last executing test programs:

11m14.557487442s ago: executing program 2 (id=502):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x101c0ca, &(0x7f0000000400)=ANY=[], 0x6, 0x2c0, &(0x7f0000000440)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=")
r0 = open(&(0x7f0000000140)='./file2\x00', 0x147842, 0x126)
preadv2(r0, &(0x7f0000000900)=[{0x0, 0x3000}, {&(0x7f0000000a00)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x1)

11m14.162893326s ago: executing program 2 (id=507):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0x0, &(0x7f0000000540)='ns/user\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f00000004c0), 0x1200008, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@uuid_off}, {@verity_on}], [{@subj_type={'subj_type', 0x3d, '\x00'}}, {@euid_eq}]})
writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f00000000c0)="480000001500257f09004b01fcfc8c860a881300f217e0060000e3323909b8f8896e33719fe3bb036e0bc90900"/54, 0x36}], 0x1)

11m10.574080856s ago: executing program 2 (id=521):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x5)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000000), 0x560c89bb)
r3 = creat(&(0x7f0000000200)='./file0\x00', 0x20)
splice(r1, 0x0, r3, 0x0, 0x8000, 0x0)

11m9.230617826s ago: executing program 2 (id=526):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kfree\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
syz_open_procfs(0x0, &(0x7f00000005c0)='cgroup\x00')
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r7, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x0)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r8, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, r9, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000084}, 0x40)

11m8.794548615s ago: executing program 2 (id=532):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
fcntl$setpipe(r2, 0x407, 0xc6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e20, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0xfc00)

11m7.72386436s ago: executing program 2 (id=535):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f0000000040))
setsockopt$inet_sctp_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r4, 0x29, 0x4e, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000040000000c"], 0x50)
r6 = io_uring_setup(0x9b5, &(0x7f0000000a80)={0x0, 0xed11, 0x800, 0x1, 0x2d2})
io_uring_setup(0x3cf, &(0x7f0000000b00)={0x0, 0x1248, 0x100, 0x2, 0x27d, 0x0, r6})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000001480)={[{@data_journal}]}, 0x1, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")

10m52.59718906s ago: executing program 32 (id=535):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f0000000040))
setsockopt$inet_sctp_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r4, 0x29, 0x4e, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000040000000c"], 0x50)
r6 = io_uring_setup(0x9b5, &(0x7f0000000a80)={0x0, 0xed11, 0x800, 0x1, 0x2d2})
io_uring_setup(0x3cf, &(0x7f0000000b00)={0x0, 0x1248, 0x100, 0x2, 0x27d, 0x0, r6})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000001480)={[{@data_journal}]}, 0x1, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")

12.034829655s ago: executing program 1 (id=4349):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x0, 0x1, 0xa, 0x2, 0x138, &(0x7f0000000580)="1b9c55fc2d0a81171f3a1241036d647d5a771aaa4cb6f8ddc4027f2e74413f02507947e19e0302093abbfed53ba0e3e8d25086282a8cae8d5479104e39f6a9f58916a3c11ffeff6587a26fe8418cfd8711712d63951d826dd69e818ed8f02ba06f7ba003838e97359423d177b25feb4769e1909d6f5636e545f8734074eff5f1a18f118bba84f5353d5c482d38a05d68ad461a427ce3444e4dbe67a69f554b776a1a195b71021c6eaf2aca2c0fa62d7b5cc43a4ecaa6c9e89055213b48c797040ad6d10b8895538f46a76302ac574d591ed260fd61518e631299327ef1307107a2760744cc2d946c2c16cfe4526ca2b5ccb7b904ab9c764aa89534440ff125702d17991890c1d8baa81fe068a8c512c07b55847909dc9dc266c6b08330d7f2df697e16e59086c48bbd564c8fcbc7b570833d74784bd16be88d400ca0fd80cdbe4d0d6a417ea6f1155a294bb8229373e979bc6c873a5e165660159662978e1e69c58b54bc6f12a42a990936b2ed91208ccfc33bea46427fbc6cc5df1677580c05cb0d1132cff9e2f9e4de404fcedc992ad779103f19a4ec1f69cc66f159560a1edc142f8599bc90f0d637b618f2fed3d5c75399e348445a1e71cb8ef0459b1202d856d235fc2586c29ca33ccfe63c2c41bafc7b0725a257162fd710d9b1e516c0ce1db7ecc7ca7d62086bdb442bbf8e11529c68dedc2f2ef319591ee9068dbd36f39ba97cb88d794a5a36be54efe554dd2d64aaf3c3ecbbb3a15e0568f59cf99b2da0a589c2c34b42e6f2c7ee184c6f6ffed5d2823745881b807c0e3ba5d08f0736ee5d4bb9d3a5e257811fed483435c6a846097dfea053c38ecac3b0b528d18f85cfb89991bc763690735699d0fc0b78e1e035a17267f0682c1938abf42d93700617a4d9ed484cb9776a9a1bb75a40de5552353cbf7d863773f52c7a4677d222417a3a2f3d190973c1d8b5a87e56de1b8f0977c4a31b29668f58c68e091d9f425067571d72e07aef424243414f31e27ce369f4428b320bccbb0fe4b0bedb2dcdd0cb88368c1bd79472770449790e4dc407e95f34d00b19ca2170127b9a7736f82c6bf8dae0f99ddd1de4852d9033091afa2de9732282760a9f7b72061c86ea5fb4ff703288167c015b0460b1c043f6176d8e9d06da50265edb1970b81e895311e505199eb0ccb1b5314f6060a848865cbfeff209e8301d4e778cc62ede6da463de415e993ed65afce36e326c75c7e94de50a48c2752e7edcfc41f78771c2db74f7f7c5c62837f2adbf79a80473a99e16ae7a8ff0ab5931d9f9830a989b85198eecc094b4e2b092e160bfae4e0db9614bdead01758e546f6a88573b4c369cbfa4a7e4c6e6d64745c370c50ab41f29aa6e058b519d5ff19ce6b42259ba995c36ae89f59bc33c6e2cefaafc5fb28d58060447e00aa1db783a4161d9695e9f842d2a"})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x800)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2000844, &(0x7f0000002100)={[{@fat=@tz_utc}, {@fat=@dmask={'dmask', 0x3d, 0x4}}, {@fat=@nfs}, {@fat=@showexec}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x4}}, {@fat=@debug}, {}, {@nodots}, {@nodots}, {@fat=@umask={'umask', 0x3d, 0x92e5}}, {@fat=@umask={'umask', 0x3d, 0x1}}, {@dots}, {@dots}]}, 0x1, 0x249, &(0x7f0000000500)="$eJzs3cFqE0EYB/Avbdpue7Fn8bDgpaeivkGQCOKCENmDnlyoXloRUpDVUx6jz9BH8jFy6m3F7mJqGjzItpt0fz8I85E/A99cMjnM7H588uX05Ov55+rnRSRJGsOIWVxFHMZWbEdt0Ixb1/Vu3DQLAGDTTCbFqOseaNHg1jf7EVHsRMTerSi/vKeuAAAAAAAAAAAAaJnz/wDQP87/P3zT6ag4aP6//c35fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7V1X1qPrHp+v+AID22f8BoH/s/wDQP/Z/AOifd+8/vBll2XiSpknEfFbmZV6Pdf7qdTZ+ll47XMyal2W+09TZ+Hmdp8v5QTP/xcp8N46e1vnv7OXbbCnfi5O7XjwAAAAAAAAAAAAAAAAAAACsieP0jxv3+wcRsV3nx6vyebni+QBL9/eH8Xh4b8sAAAAAAAAAAAAAAAAAAACAjXb+/cdpcXb2abpxxeXRxbc1aONBFvvxH7OSWI/mFa0UXf8yAQAAAAAAAAAAAAAAAABA/ywu/XbdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0Z/H+/7srul4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0A+/AgAA//+BxY58")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r1}, &(0x7f0000000500), &(0x7f00000002c0)='%+9llu \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDGKBDIACR(r4, 0x4b4a, &(0x7f0000002f80)=""/61)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r3}, 0x38)
r5 = syz_open_dev$loop(&(0x7f0000000040), 0x2, 0x101000)
ioctl$BLKFINISHZONE(r5, 0x40101288, &(0x7f00000003c0)={0xd, 0x8})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6, 0x0, 0x2}, 0x18)
socket$inet6_sctp(0xa, 0x1, 0x84)
writev(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000180)={[{@hide}, {@dmode}, {@map_off}, {@check_relaxed}]}, 0x1, 0x511, &(0x7f0000000ac0)="$eJzs3M9u3MYZAHBSlhBBBYQCQWNH8YFxenAP2XBXtQwhJ5bLlZjsLhckFcinIqilQKiUFk0KNL754rZA+xC59gGKnvoYfYugj5CCy1Vq698mtqs13N8PsGeW/DjzDbGYwVIYBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAEKb9OO6GwTAf7+1Hl0v7ZTG64vxpe/94prii3yAIm3/B6mpwqz10683/nv5J89+d4Gb76Waw2hSrwaMfvfXjD99cXjq9/oqErsUXXz369afHxwe/O3ti4Zldj51snFdFPkp2siivimh7ayv+YHdQRYN8mFUPqjobRWmZJXVRRnfTn0Xd7e3NKOs8KPbGO/1kmJ0evP9+L463oo86kywpq2L8wUedKt3Nh8N8vDONaU43MfebL+LHeR3VWTKKosOj44PNeUk2Qd3vE9SbF9SLe71ut9frbt3bvnc/jpfPHYjPCM5FLP5Ly2K95Bkcnt+3s/UfAAAAeH2F02fsze//lelz+DAY5MMsXnRaAAAAwEs0/cv/zaZYaWq3gtDvfwAAAHjd/GnuHrtq8kb4z38HZbkSPp7s/zQ8SZq45ORGe92Nsy3Wg41wfdbItNhann1Ks9vh223Q26fR38yKw3l5hC8hgeAvwUYbs/GwLR+enml7WRvkw6yTFsMPu0GSrC/V2X79+8+P/hBMh//n8Wg9DA6Pjg86v/rN8cNpLo+bVh6fzDZQnNtHcUUuX3637/HiEa9MH8TM+l1r+42fHv9Se/nSD+jzSfBOG/POWluuPTv+1abPbuey0c+y6L7gyJ8Et9uY23ffa4r37l6QRW9eFr2ns3iue/E9sticl8XmC2YBsCiHc1ah8PzCf8UsV/29rZ6d5a5ndX8SvNvGvLsxnViXNy6Y0eN5M3r8gqvb34I7bcyd0+DL1tim37+eWVW/bi74+tJ+q2EvbG7hjS9Pfhu89cVXj94/Ovn0s4PPDj7v9Ta34p/H8b1esDIdxqyw9gBwgaz8Jlyr/xiWZT75ZXd7u5vUu1lUFunHUZn3d7IoH9dZme4m450smrxR1EVaDKNJWXyS97MqqvYmk6Kso0FRRpOiyvenb36JZq9+qbJRMq7ztJoMs6TKorQY10laR/28SqPJ3i+GebWbldOLq0mWfjvI06TOi3FUFXtlmnWiqMqypwLzfjau80HeVMfRpMxHSfkg+qQY7o2yqJ9VaZlP6qJt8LSvfDwoytG02c6ibzYAvCK+e4Pd/7Cy6DECAM+ySgMAAAAAAAAAAAAAwKvvOvb/qfyfV/61HgSvQBoqP6Sy6JkJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM77TwAAAP//71GkXA==")
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYBLOB="6c886373ae9788"], 0xc)
write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x10)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
recvmmsg(r0, &(0x7f0000007700), 0x318, 0xfc0, 0x0)

10.830821951s ago: executing program 1 (id=4356):
r0 = socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={0x0}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000b80)={r3, r2, 0x25, 0x0, @val=@netkit}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400251}, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000500)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x33, 0x4000, @fd_index=0x1, 0x5, 0x0, 0x0, 0x2, 0x1, {0x2}})
io_uring_enter(r4, 0x627, 0x4c1, 0x43, 0x0, 0x0)
syz_emit_ethernet(0xd81, &(0x7f0000000bc0)={@local, @empty, @void, {@ipv6={0x86dd, @dccp_packet={0x6, 0x6, "936c34", 0xd4b, 0x21, 0x0, @private0, @mcast2, {[], {{0x4e21, 0x4e24, 0x4, 0x1, 0xb, 0x0, 0x0, 0x1a, 0x5, "9d3696", 0x7f, "afe0dc"}, "96ac244a4c27fa87c0d235551dbe506f162d0dd4a7234c0018156d56069f0a7a2d61d0e9e4382abc6ee8776b844ef23aed0ecee5cad64c8f0234fe82a24f0ea53e12cff09a94248015517e98adb1b67b0f3222d937b71f7fd1477af36f29b6f30f7d3ae6725cfede95cdaced89ba7fb98371a8600ea3016bea5516e5b8919bc6c6af28d09b6921ac86fbf6a5fe6868b79c045e8909dd1c0892c8221a4724043772cf0af5ae8cf638299a6cc2ae60daa33095206d348952942ac6e833466047e7152d29338f823a9c017710946ba448e60e63cd98dffa7070c15341da9500e9b7c55cb2cb97b34fa0b767249d5631f04ede4770e6b8e659040c3ea2e617b2e9154d7f622f9de46228104caf7fb3bb97a82fba1ed40df47d95e4638d7bdf82286ccdef72e9e2657aadec9810b466c463dfdc2e8e126f96fa6f44cdd69246ada7502b95aab8e520525d10a99c71e8838abd3b6ac770f48a1107c77013f78908a73b3389973d2c91a87a41bc221b57bb0661881044bc0aeaa904d58e019958cf4077d70ca2377d5915455cdeca57a641f3d424c0002b75c8709e695abb23322c9472e174006381d18005865d035b4ad295a3230a3f946c21fbdb58dc811dda26b1aacdc104e99b5839e626e2c71bbbeea570259478fd9613245c7f88f9e1ad7835f70ad1993cd25d7652b266de363ec33c06fe3a34c15169bd3f4bb294855fb5595e1a4deb30299ab2d828694b77e78ac271011d7202f1365861eef9689c013421db8709560d938682c7f9a7dec7f018b9de80d483f0e6cd8c5367984142e729998671fad4bc8c17687be186c9f1e6b84adde74f9d185ac3a9a9f6be597d4d0db2206a60b51397ef11d1d9fdc631b6da78be69415d3e617991c090af1328bb613633c358f929f435a717ed4cf985e74a092e86a5f26d0dc9e918795b606ca6b5e732e7f4b19abf994986efe7f369d5e8a7a3a4044d371aa050524d0150738501c6a4215df1b1f06a0091a904c90ad759df341c7522138d9dc4243b3dc87fad57b46c204e641366b7bfaa58762df74a162fd2fb685ba319ef65081bd481265b43faaed60930e34e48a2e6d9b77543e63a5989f43abb1fba7c2edc9f119d92d82f71d89f2b5102852cd25ad8fe8dd341491b2f3f54a2350803f7431a3a8174c8d9d07e3b339f1ba4356e43ba8b359774d77877cee1e08da2e61c75b9836ce0a3d0ce985d497e3bfdbcecbaf6a63e0c39e5b6e1db8935c3071584f6356778a5b3de4745addc2a40a4db267d58a06379ed1f411362526b69bfefa4ebe5c3df40328e9b34c3315dd78e6026fac216cd48f03172229cae65a625d0a011f603de7c717c24da2d3b427ac9c21a910e6f1ca72e8b634eb5651afb9c9a6ed51faa9e22da18d1b741bead9f6ca2e2210306946ec1a12cd92d2079d9dcd755280513996024de881146fcccdc749af4ec651e2fccf8f1e71db9159d9c044923fbc35ad44f6997e4264bf9235778f46255bf662d58817d9f976c1729e715a98852e2d2e03b4c76402601d99174937e56a9aaf971c03704dfcfb970f4f1856274b9f64f11954dcd3692c5b9110a2854be44de05fb546b6642d0b6d04b7071551ddab35e4240405bc13deb3197c84989dc7e9e132f68be6cbdc71931cc110e302f8d169ae34aa386a5b20d370ef881286a8671aeb4c5f87d6c83846149b89b38091db91b931b56a252dd8351c2fd9537a27a0ebc349557e93a8e1b8a7aa3f35a83aa402197d80965bf26a7af8f0e3043b15b22182f856de447585d332cbb6955bb5b7c63733b23a8d313cedebb3973265d4510f87c6f49cb822c159334e77cc4ec41edb591b5cdbe95087baac78e0604daccff8c65aca949cc019c6d0cb1f43c189e9387e6dab035eabfe6d12b8f9fd554e0c910ca2a517b483c8e5d7caa63f887727d2b1fcd0331b3b6d8e953423927494e716b92f7cfa6572acd81d9cc8657315e567b98d483dc3ee2fc07d2d09c44aff6d9413283895c8b00928e679fcc40cdf7b92087f7428febf9fab94d71477c74ea194c3257211bfe7393eec4b0de9d9d240ade8f5896c716cacc029d467587f200c3f727cd000c842d66b815c9121a2dd7e28662e8749e2ee86a46cb1f7f19d8dc4ba49b84f74a78217812184efed52e961f0158611409180b89bb0bba1b904f7d724aac636d96cb6fc13385e00914375449ef75eeeb6ea6af68570dfdaa9755fab10a5dc040310d4b6e95a6632875dafa769daf3fc47b000ec0490d7953d75d1ca428f5a87bdc0f17df5fab0767f5fe59f46271ee09d98c8e395b3af04458e5ec91adf717beeb4f6ccb7585588c5c230ca846bafb8fb4cda324f1d852c0e9adf1c483d419512274aaf925efe87a249792c9ba7d7ffaca828dda2303fa1d23ea77f02be0bffc225ea56aefaad2d3bc366a392be17f2558adc32da5f9ec059de27c290533fabed897cd9a18720e9c9362a65f06376828c14a705ffd805e53ef98cceb11ef21553166481a3758d950aea7ef762eee3e0b9cfd8658870a9a77695ca045d3c651df818c9d6cd373a6f225ad089806650205bf734ec184311b17ac8f45107d84cdd726fcc23ae2fb01582d42961c48e36726ff58b4fafda4d7a7dad0fc12a5231c230bd35d42ec0477cf0e33da7f176419504fefddf69b981e2dc43a0e5271d2baba8b06a1226e42b7b4319ad3a22362c5d654f4ca1692038c5d672922980df263455cb5691131a2cd8ed9874078ab5e844f3be25b7c25b58fbdce0560a293e5cefa420711ea56ce67f3a49567a310f8e4f1afd8378ebd32e3fa1d0aa7d5cc22b1267d827b4506717f4337fb38f8c2dab6d7fcba94d56de90e534b8a3ce8928ac1c4b3c2dcfec69c4d9f21e651ec730931b0402b610167a99f56c598c03ba8861059091090751d37e937148d667fd52b5d18f54b59a0091ae92ee5267100c0d3650e8aedda07d74d4335458371cc7366f86b060f670905027b1a31098d3ab8cddab29f21d1c6134ca3add671effd6b0737253c165d194da720071f8ca5252b7bd1af1cbeb1117b7ba232641884fdc85fbd29613b6ef92f6ced4f0a2c4bde00e4a3f7e3a06260bcf62c013761a0c0474cb7de456a75b31faaf5a4ecf52b696e54da615e53c2ba272c1c84bb28f9c31382eea886d1416c254713bfd89126149b27b7cf401ba3ad1416be401d29b3ee90c8b265f420a76c1e593268f028c0bccddb2bd94ca7b4b9c4556333eadd53f66511848c47409c0001c1ba708999d77dcd3205530fe69550ab397d5b8c2fd2ec1d28ac6807cd3d366e093d861a91b76cb3cfea35b0c2e6721218b67c908b85773828fb2758fa4cd88736a132ce116f82bb94bb2ad24e299f61de5229c22080bc29f6d877af257a58d0aec30c0977b6c3c4bde6b8b2d983308cf39a45b52824ab8a2e8091236b80354296934fc1a92902829536e426247551f530c41a91a04894c1670aa34f979b6005939e06d2337446e36470c3b2a3ac62b8967904d7c77443cd87a429513c495d53455ae1bfca7b6a95ce3c7aaf28f3afafddfc4459ac34497761fe0cc30b3136b1a073266a40c2c1e1f40d0f1b5d32d80eebe80bf031a16c1b522a67bca724da6e541332384a80e7dc340cc794582bf3cf68b45f05f13ce776b123b42c477553838f349a6634059e0fcf4f2aeb821244a7ee4d74825289794669a7e7f04497545b216b0106cc731801faedafe935f91275d4d5c21920fde28cec45fc55334f9148013417c2835b28433a50e287409b9790bae5d89a6ff68bef21d6dc040c798d4a75217f6b2628e57ff03c0b7efe72578386ccd9d333759c687b013cf38d2d7a53704bf5241fdb00629b1aa9c4205eafada8407477c131e04d1b8aacda0fbcfa09d89e99907deda0be9f37c1e8034dc4d9f678bef943c743ca53f79eb51d22231b9c2c0670a58a352d1a58e1ac266cee2ddda2ab870a000a0e98d3527a911151820490d4011c9a0fc0f5b389ba7e624b068ad8cf5b320d936acbdc9298d5c5503ae2288df12c06d80f2d8164cfd0f4896942d051c319229666c135434b92ef309dda573e9d430f56557243f38ea5fe5caabf5555df5ac3d82a858735f08636fbd430455f5bf09dca15914055e2eb84fbcbc55cc147946f7951efa258afc57609a1cd41ff6a52dba95bd957869feb7e8ca600f2b20bf19d610e7b179506cad6f98d25b89aeb42b6313123a6d38a1d2c8f59a69a0e16a4db04f73b12c9cf3e782f5d71b44aeb2e85f59d34d43c855e3f49eea31d53c1b52977ce3f315b2c6838905b6c453a6823454ad800371dc22b6f1754e0b7bda7b93a4b9c38bda77947877182cbe374dffc50e46e7e5b86f626f3c9e7fc08689c765f6897651e04c604dbb691606b9899d69da262a7458bbb8c85752d3727823926757d390d3a45700106a62add683a9185da048a74d150a17d6bfd1c85e547703eaf2aa880d9ff9bb27f6cb1bdf18e9f5f419f0d364c1b8d1b7a0564888f4a5198d8137c39456c9c573e078aff60c3f64d337e48a0198edbc1091ef7ef42c352f4cc221303c048cb373fd9ae1102f87f7e099e5cfb2a01cbffdd4bce63e7d1bae825421e761ffc06daae75908ebe5c9171cd1f3e481d9a0a6ad608e9434a4fb9e2ba75177311d948ffeb8abf10238979ea9aa8670b4aaf599ec0bc162746186ddebfadc5d93d2aabf0a6c3889fd6dcdd82ba9ce7b7e182c8d7f63519c3405b3610dc9efff82a3695b321fca1859599e589161e08cf26060713c9b4ac0a1f65db611967f559"}}}}}}, 0x0)
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r7, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x3, '\x00', r2, 0xffffffffffffffff, 0x3, 0x5, 0x4}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r9=>r8}, './file0\x00'})
setsockopt$MRT_FLUSH(r9, 0x0, 0xd4, &(0x7f0000000880)=0x3, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000800)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xffffffff, '\x00', r2, 0xffffffffffffffff, 0x5, 0x4, 0x5}, 0x50)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x4c0100, 0x0)

9.77132189s ago: executing program 5 (id=4360):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f00000001c0)={@remote, r2}, 0x14)

8.534707507s ago: executing program 5 (id=4363):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000001580)=ANY=[@ANYRES32=0x0, @ANYRESOCT=r0, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000900), 0xffffffffffffffff)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000740)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x330b9072}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)={0x80042, 0x1}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x5, 0x5}}, 0x10, 0x0}, 0x40000)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
fdatasync(r1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r1, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

7.319570776s ago: executing program 3 (id=4368):
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r0, &(0x7f0000005c80), 0x0, 0x10122, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
quotactl_fd$Q_QUOTAOFF(0xffffffffffffffff, 0xffffffff80000302, 0x0, 0x0)

6.945501802s ago: executing program 5 (id=4370):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604070003240000000000000002000300030000000903000038000000fcffffff0e00000000"], 0x58)
close(r0)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)

6.456013002s ago: executing program 5 (id=4374):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
sendfile(r1, r1, 0x0, 0xe3aa6ea)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r6, 0x11, 0x64, &(0x7f0000000080)=0x2, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{0x0}], 0x1}, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x1c3)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
accept4(r4, 0x0, 0x0, 0x800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
unshare(0x64000600)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x100, 0x100000002})

6.437250217s ago: executing program 0 (id=4375):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="110000000000fbdbdf252d0000000e0001006e657464657673696d0000000f0002"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

5.985563163s ago: executing program 0 (id=4376):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f000000000000080085"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0x3, 0x0, &(0x7f0000001640))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioprio_set$uid(0x3, 0x0, 0x0)

4.089364873s ago: executing program 0 (id=4378):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
unshare(0x2c020400)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0)
pipe2$9p(0x0, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100"/259], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r1, 0x1000)
r2 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
close(0x3)
dup(r2)
writev(r0, &(0x7f0000000580)=[{&(0x7f0000000080)="268292", 0xfff6}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.625177449s ago: executing program 3 (id=4380):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000002c0)='./file0/file0\x00', 0x214552, &(0x7f0000000b40)=ANY=[], 0x0, 0x11ff, &(0x7f0000002480)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000fc0)=""/99, &(0x7f0000000000)=0x28)

3.51455451s ago: executing program 4 (id=4382):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001600)=ANY=[@ANYRESHEX=r0, @ANYBLOB="be244b9b715bf68602ce2112160e4f769a39dac147a768e1dc3202b649393e4e1ae687009e54e51badb4c851d517a1197eeaf9463cb1f9a536efd6477ebb74957e552df50d85f768bf9e476449206d68be0a0543c6b383d500"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCADDRT(r2, 0x890b, &(0x7f00000014c0)={0x0, @sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, @sco={0x1f, @none}, @generic={0x27, "115a5d6ee142a1110dfb14fbe261"}, 0x600, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000000)='vxcan1\x00', 0x9, 0x1, 0x6})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r4, &(0x7f0000004200)='t', 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000800000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sendfile(r4, r3, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket(0x8000000010, 0x2, 0x0)
write(r7, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r9}, 0x10)
sendto$inet(r8, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r10, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})

3.271231434s ago: executing program 1 (id=4383):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000001580)=ANY=[@ANYRES32=0x0, @ANYRESOCT=r0, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000900), 0xffffffffffffffff)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000740)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x330b9072}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)={0x80042, 0x1}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x5, 0x5}}, 0x10, 0x0}, 0x40000)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
fdatasync(r1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r1, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.270078735s ago: executing program 5 (id=4384):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f00000001c0)={[{@dioread_lock}, {@usrjquota}, {@quota}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7b1, &(0x7f0000000c80)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x84042, 0x1fb)
write$P9_RUNLINKAT(r2, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7)

3.248528052s ago: executing program 6 (id=4385):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x70, 0x2c, 0xd27, 0x30bd25, 0x25df9bfb, {0x0, 0x0, 0x0, r3, {0xd, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x38, 0x2, [@TCA_ROUTE4_ACT={0x34, 0x6, [@m_csum={0x30, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x80, 0x3}}]}, 0x70}, 0x1, 0x0, 0x0, 0x8010}, 0x0)

2.913262584s ago: executing program 6 (id=4386):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
mount$bind(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r1, 0x0, 0xfffffffffffffff4}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
mount$bind(&(0x7f0000000800)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1a9851, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000003c0), 0x200044, 0x0)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0)

2.386776441s ago: executing program 6 (id=4387):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604070003240000000000000002000300030000000903000038000000fcffffff0e00000000"], 0x58)
close(r0)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)

2.386624864s ago: executing program 3 (id=4388):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="110000000000fbdbdf252d0000000e0001006e657464657673696d0000000f0002"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

2.369486723s ago: executing program 4 (id=4389):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x18, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000012700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40054)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r2, 0xffffffffffffffff, 0x100000000000000)

2.210641796s ago: executing program 1 (id=4390):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f000000000000080085"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0x3, 0x0, &(0x7f0000001640))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioprio_set$uid(0x3, 0x0, 0x0)

2.145624923s ago: executing program 3 (id=4391):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b705"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
mknod$loop(0x0, 0x6000, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1c0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7f, 0x1002, 0x5c8, 0x80000003, 0x6})
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)

2.104838887s ago: executing program 6 (id=4392):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f6080000000118000008"], 0x44}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r0, 0x7, 0x104, 0x7ff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='H'], 0x48}, 0x1, 0x0, 0x0, 0x20004810}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.994657391s ago: executing program 0 (id=4393):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r0, 0x0, 0x20008800)

1.968872318s ago: executing program 3 (id=4394):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$netlink(0x10, 0x3, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000b80)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0843b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r6}, &(0x7f0000000240), &(0x7f00000003c0)=r8}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r7, r4, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0xad, &(0x7f0000000300)=ANY=[], 0x0)

1.62768602s ago: executing program 4 (id=4395):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x4000015}, 0x0)
recvmmsg(r0, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0}, 0x8000}], 0x1, 0x100, 0x0)

1.626104274s ago: executing program 5 (id=4396):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2480, 0x0)

811.471966ms ago: executing program 0 (id=4397):
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b70300001c000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000}, 0x94)
syz_emit_ethernet(0x7a, &(0x7f0000000080)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "6ed6c4", 0x44, 0x2f, 0xff, @private2, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x88a8, 0x0, 0xfffc}, {}, {}, {0xa888, 0x88be, 0x8000000, {{0x0, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0xfe}, 0x1, {0x1}}}, {0x8, 0x22eb, 0x4, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6}}}}}}}}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r5 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f0000001600)={r4, 0x800, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09d0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90005f1c5512406c7f0000000000000400000000000000000000000b3765a500", [0x4, 0x40000000000000]}})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
add_key(&(0x7f0000000340)='ceph\x00', &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, 0x0)
ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x13, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x0, 0x6, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x6}, [@NFTA_RULE_POSITION={0x0, 0x6, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="f5c494e5355c2a32c68a4bf79ee9f96a2c786787477b4b3619770b009b16b727288794789db9d16b47e1f0637f0944e2d57891fa8590458167b2b8439dc4ee9d7ef0d9382ea0020776f88856ffacd98cac49815d52c75ad000", @ANYRESDEC=r3, @ANYRESOCT=r4, @ANYRESDEC, @ANYBLOB="edb3839065224273862687c089bbfed243809941ecaf39122ed80e0db4cd051b2be7981757a36a5358e8d566af63971527e3588be06fe1bbf9e8e58b51248d55b96b7dc65a8bc6834f7f6adf09a713beac98ed3a3150e0944c97981a0036de", @ANYRES64=r2], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xfff2}, {0xffff, 0xffff}, {0x5, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)

811.072199ms ago: executing program 1 (id=4398):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x40}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44880}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0xe4ff, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd25, 0x25df9bfb, {0x0, 0x0, 0x0, r2, {0xd, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x54, 0x2, [@TCA_ROUTE4_ACT={0x50, 0x6, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xa, 0x5, 0x4, 0x7, 0x8}, 0x39}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x80, 0x3}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)

809.213858ms ago: executing program 6 (id=4399):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/135], 0x124}}, 0x0)

808.297997ms ago: executing program 3 (id=4400):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280))
syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd144, 0x0, 0x3, 0x288}, 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x10101, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x200000000}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

807.686742ms ago: executing program 4 (id=4401):
r0 = socket(0x18, 0x4, 0x0)
connect$pppoe(r0, &(0x7f0000000100)={0x18, 0x0, {0x2, @multicast, 'vcan0\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000640)="52d742aa2c99133b2231e7ff01000000000000835edd8e0ce70ab632b536cd2fe89db804cdb0e44eb13512d48a7a97fec89692aabdf1f240ab02db4d08c443aee325608ce98743b8c309979343b424533fa63be47414e9082741bf19692a6194107ec7e0e041812fedd957a8f38c8d482d2914e79fa7cb508e21a2ce3137a7c9ad44ab1447be9cfa989b04505942b8286c1da3da16c2570198a830dbc0fc821aead524a66e2cbb7ab8c5f7c10eb6c67e33ead29e310ef94ef44ee533616d", 0xbe}, {0x0}], 0x2}}], 0x1, 0x4000)

635.276123ms ago: executing program 4 (id=4402):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000080)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x320, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x3, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0xfffe, 0x0, 0x0, {[@mptcp=@syn={0x1e, 0xc, 0x9, 0x1, 0x8, 0x2, 0x1}]}}}}}}}, 0x0)

278.969633ms ago: executing program 6 (id=4403):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r0, 0x0, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

136.568058ms ago: executing program 4 (id=4404):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800718, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x473, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")

24.134423ms ago: executing program 0 (id=4405):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000080), 0x1, 0x451, &(0x7f0000000b00)="$eJzs28tvG8UfAPDvbh6/X1/EVOXRBzRQEBWPpElL6YELCCQOICHBoRxD4lahboOaINGqgoJQOaJK3BFHpP4FnOCCgBOCK3BGlSrUSwsno7V3G8e1XcdK6jT+fKRtZ3bHmfl6duzZHW8AA2s8+yeJ2B4Rv0fEWD27ssB4/b+b1y/M/nP9wmwS1epbfye1cjeuX5gtihav21ZkhiPSz5LY26LexXPnT81UKuWzeX5y6fT7k4vnzj83f3rmZPlk+cz0sWNHDk+9cHT6+TWJM4vrxp6PFvbtfu2dy2/MHr/87k9XkiL+pji6MXTnIuOdDj5Zra6mug1vR0M6Ge5jQ1iVofowjZHa+B+LoVjuvLF49dO+Ng5YV9Vqtfpg+8NXagWATSoxxGFAFV/02fVvsd2lqceGcO2l+gVQFvfNfKsfGY40LzPSdH27lsYj4vjFf7/Ktmi+D7FlnSoFAAbad9n859lW8780Gu8L3ZevoZQi4v6I2BkRRyNiV0Q8EFEr+1BEPLzK+psXSW6ff6ZXewqsS9n878V8bWvl/K+Y/UVpKM/tqMU/kpyYr5QPZe/Jr/vrJeYr5akOdXz/ym9ftDvWOP/Ltqz+Yi6Yt+Pq8P9WvmZuZmmm54CbXPskYs9wq/iTWysBSUTsjog9PdYx//Q3+9odaxP/aFd/eA3WmapfRzxV7/+L0RR/Iem8Pjn5/6iUD00WZ8Xtfv7l0pvt6r9z/6+vrP+3tjz/i/j/LCWN67WLq6/j0h+ft72m7PX8H03eXrHvw5mlpbNTEaPJ67V8qXH/dFO56eXyWfwHD7Qe/ztj+Z3YGxHZSfxIRDwaEfvztj8WEY9HxIEO8f/48hPv9R7/+srin+vY/9HU/8uJ0Wje0zoxdOqHb1dUWlpN/Fn/H6mlDuZ7uvn866ZdvZ3NAAAAcO9JI2J7JOnErXSaTkzUf8O/K7amlYXFpWdOLHxwZq7+jEApRtLiTtdYw/3QqfyyvshP578tLvKH8/vGXw5tqeUnZhcqc/0OHgbctjbjP/NXFw+5APe45nW0rX1qB3D3eV4TBpfxD4PL+IfB1WL8e/QMBkSr7/+P+9AO4O5rGv8dl/1MDGBzcf0Pg8v4h8Fl/MNAWtwSd35IfnMk0ojYAM3YLIlIN0QzJNYp0e9PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLXxXwAAAP//JI/k8w==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffc, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x20000, 0x42)
getdents(r0, 0x0, 0x0)

0s ago: executing program 1 (id=4406):
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a"], 0x57)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000580)={0x1, {{0x2, 0x4e24, @multicast2}}}, 0x88)

kernel console output (not intermixed with test programs):

ical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  784.995241][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.002672][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  785.002728][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.017076][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  785.017126][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.038574][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  785.038626][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.047421][T17370] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3936'.
[  785.078930][T17363] syz.5.3933: attempt to access beyond end of device
[  785.078930][T17363] loop5: rw=2049, sector=305, nr_sectors = 80 limit=128
[  785.150345][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  785.160608][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.175427][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  785.185714][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.193702][T17367] ldm_validate_partition_table(): Disk read failed.
[  785.201849][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  785.212139][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.235866][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  785.246112][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.254224][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.262432][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.265148][T17362] Buffer I/O error on dev loop5, logical block 305, async page read
[  785.282917][T17367] Dev loop9: unable to read RDB block 0
[  785.288830][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.297112][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.305435][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  785.313490][T17367]  loop9: unable to read partition table
[  785.321755][T17367] loop9: partition table beyond EOD, truncated
[  785.343816][T17367] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  785.343816][T17367] 
) failed (rc=-5)
[  785.604484][T17384] netlink: 'syz.0.3941': attribute type 4 has an invalid length.
[  785.735056][T17386] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3942'.
[  785.969516][T17392] loop0: detected capacity change from 0 to 1024
[  786.017275][T17392] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  786.108209][T17399] loop1: detected capacity change from 0 to 2048
[  786.141853][T17399] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  786.189295][   T30] audit: type=1800 audit(1760491407.790:1725): pid=17399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3946" name="file1" dev="loop1" ino=15 res=0 errno=0
[  786.845525][T17399] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz.1.3946: bg 0: block 234: padding at end of block bitmap is not set
[  786.864051][T17399] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117
[  786.885798][T17399] EXT4-fs (loop1): This should not happen!! Data will be lost
[  786.885798][T17399] 
[  787.129415][   T30] audit: type=1800 audit(1760491408.720:1726): pid=17411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3945" name="bus" dev="loop0" ino=18 res=0 errno=0
[  787.340662][T13479] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28
[  787.382646][T13479] EXT4-fs (loop1): This should not happen!! Data will be lost
[  787.382646][T13479] 
[  787.415070][T13479] EXT4-fs (loop1): Total free blocks count 0
[  787.421077][T13479] EXT4-fs (loop1): Free/Dirty block details
[  787.442781][T13479] EXT4-fs (loop1): free_blocks=0
[  787.452626][T13479] EXT4-fs (loop1): dirty_blocks=6160
[  787.498327][T13479] EXT4-fs (loop1): Block reservation details
[  787.876656][T16599] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  788.036123][T17423] loop5: detected capacity change from 0 to 128
[  788.142382][T17427] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3957'.
[  788.263904][T17427] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3957'.
[  789.834976][T17454] loop0: detected capacity change from 0 to 1024
[  789.865677][T17452] loop4: detected capacity change from 0 to 2048
[  789.902160][T17452] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  789.917458][T17454] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  789.958759][   T30] audit: type=1800 audit(1760491411.550:1727): pid=17452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3966" name="file1" dev="loop4" ino=15 res=0 errno=0
[  790.022850][T17463] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3968'.
[  790.078399][T17463] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3968'.
[  790.231555][   T30] audit: type=1326 audit(1760491411.830:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17455 comm="syz.5.3968" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6375f8eec9 code=0x0
[  790.598027][T17452] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.3966: bg 0: block 234: padding at end of block bitmap is not set
[  790.649136][T17452] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117
[  790.678638][T17452] EXT4-fs (loop4): This should not happen!! Data will be lost
[  790.678638][T17452] 
[  790.705313][T17476] program syz.1.3970 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  790.759366][   T30] audit: type=1800 audit(1760491412.360:1729): pid=17477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3967" name="bus" dev="loop0" ino=18 res=0 errno=0
[  790.986917][T17481] loop5: detected capacity change from 0 to 128
[  791.047995][T17483] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3973'.
[  791.098868][T17481] bio_check_eod: 1534 callbacks suppressed
[  791.098890][T17481] syz.5.3972: attempt to access beyond end of device
[  791.098890][T17481] loop5: rw=2049, sector=145, nr_sectors = 24 limit=128
[  791.146337][T17481] syz.5.3972: attempt to access beyond end of device
[  791.146337][T17481] loop5: rw=2049, sector=177, nr_sectors = 8 limit=128
[  791.149192][T17483] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3973'.
[  791.202955][T17481] syz.5.3972: attempt to access beyond end of device
[  791.202955][T17481] loop5: rw=2049, sector=193, nr_sectors = 8 limit=128
[  791.240027][T13472] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 88 with error 28
[  791.279002][T16599] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  791.292876][T17481] syz.5.3972: attempt to access beyond end of device
[  791.292876][T17481] loop5: rw=2049, sector=209, nr_sectors = 8 limit=128
[  791.317892][T13472] EXT4-fs (loop4): This should not happen!! Data will be lost
[  791.317892][T13472] 
[  791.338473][T13472] EXT4-fs (loop4): Total free blocks count 0
[  791.348571][T13472] EXT4-fs (loop4): Free/Dirty block details
[  791.370020][T13472] EXT4-fs (loop4): free_blocks=0
[  791.379809][T17481] syz.5.3972: attempt to access beyond end of device
[  791.379809][T17481] loop5: rw=2049, sector=225, nr_sectors = 8 limit=128
[  791.397897][T13472] EXT4-fs (loop4): dirty_blocks=96
[  791.412712][T13472] EXT4-fs (loop4): Block reservation details
[  791.451420][T17486] syz.5.3972: attempt to access beyond end of device
[  791.451420][T17486] loop5: rw=2049, sector=305, nr_sectors = 80 limit=128
[  791.466388][T17481] syz.5.3972: attempt to access beyond end of device
[  791.466388][T17481] loop5: rw=2049, sector=241, nr_sectors = 8 limit=128
[  791.532548][T17486] syz.5.3972: attempt to access beyond end of device
[  791.532548][T17486] loop5: rw=2049, sector=393, nr_sectors = 8 limit=128
[  791.542637][T17481] syz.5.3972: attempt to access beyond end of device
[  791.542637][T17481] loop5: rw=2049, sector=257, nr_sectors = 8 limit=128
[  791.620342][T17481] syz.5.3972: attempt to access beyond end of device
[  791.620342][T17481] loop5: rw=2049, sector=273, nr_sectors = 8 limit=128
[  791.766735][T17480] buffer_io_error: 1471 callbacks suppressed
[  791.766762][T17480] Buffer I/O error on dev loop5, logical block 305, async page read
[  791.822350][T17480] Buffer I/O error on dev loop5, logical block 306, async page read
[  791.851628][T17480] Buffer I/O error on dev loop5, logical block 307, async page read
[  791.882851][T17480] Buffer I/O error on dev loop5, logical block 308, async page read
[  791.922825][T17480] Buffer I/O error on dev loop5, logical block 309, async page read
[  791.942894][T17480] Buffer I/O error on dev loop5, logical block 310, async page read
[  791.951000][T17480] Buffer I/O error on dev loop5, logical block 311, async page read
[  791.991435][T17480] Buffer I/O error on dev loop5, logical block 312, async page read
[  792.032857][T17480] Buffer I/O error on dev loop5, logical block 305, async page read
[  792.082799][T17480] Buffer I/O error on dev loop5, logical block 306, async page read
[  792.165943][T17502] loop1: detected capacity change from 0 to 2048
[  792.232471][T17502] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  793.724131][T17518] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  793.742028][T17518] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  793.813085][T17518] EXT4-fs (loop1): This should not happen!! Data will be lost
[  793.813085][T17518] 
[  793.822885][T17518] EXT4-fs (loop1): Total free blocks count 0
[  793.828877][T17518] EXT4-fs (loop1): Free/Dirty block details
[  793.834861][T17518] EXT4-fs (loop1): free_blocks=2415919504
[  793.843185][T17518] EXT4-fs (loop1): dirty_blocks=48
[  793.848307][T17518] EXT4-fs (loop1): Block reservation details
[  793.854346][T17518] EXT4-fs (loop1): i_reserved_data_blocks=3
[  794.034366][T17521] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  794.189850][T17521] loop9: detected capacity change from 0 to 8
[  794.209668][    C1] blk_print_req_error: 5 callbacks suppressed
[  794.209700][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  794.278175][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  794.312933][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  794.408987][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  794.487356][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  794.490114][T17529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3985'.
[  794.490145][T17529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3985'.
[  794.540147][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  794.609608][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  794.622498][   T30] audit: type=1326 audit(1760491416.220:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17524 comm="syz.4.3985" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4340b8eec9 code=0x0
[  794.663373][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  794.700938][T17521] ldm_validate_partition_table(): Disk read failed.
[  794.701147][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  794.702401][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  794.766625][T17521] Dev loop9: unable to read RDB block 0
[  794.830140][T17521]  loop9: unable to read partition table
[  794.830393][T17521] loop9: partition table beyond EOD, truncated
[  794.830422][T17521] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  794.830422][T17521] 
) failed (rc=-5)
[  795.184057][ T6574] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  795.437323][T17534] loop0: detected capacity change from 0 to 2048
[  795.450219][T17539] loop1: detected capacity change from 0 to 1024
[  795.496837][T17534] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  795.512468][T17539] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  795.533314][   T30] audit: type=1800 audit(1760491417.130:1731): pid=17534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3987" name="file1" dev="loop0" ino=15 res=0 errno=0
[  796.182961][T17534] EXT4-fs error (device loop0): ext4_validate_block_bitmap:440: comm syz.0.3987: bg 0: block 234: padding at end of block bitmap is not set
[  796.200438][T17534] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117
[  796.213018][T17534] EXT4-fs (loop0): This should not happen!! Data will be lost
[  796.213018][T17534] 
[  796.506383][T13487] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28
[  796.562722][T13487] EXT4-fs (loop0): This should not happen!! Data will be lost
[  796.562722][T13487] 
[  796.583942][T13487] EXT4-fs (loop0): Total free blocks count 0
[  796.589957][T13487] EXT4-fs (loop0): Free/Dirty block details
[  796.606300][T13487] EXT4-fs (loop0): free_blocks=0
[  796.616429][T13487] EXT4-fs (loop0): dirty_blocks=5376
[  796.628946][T13487] EXT4-fs (loop0): Block reservation details
[  796.669761][   T30] audit: type=1800 audit(1760491418.270:1732): pid=17561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3988" name="bus" dev="loop1" ino=18 res=0 errno=0
[  797.332924][T15331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  797.447317][T17572] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4002'.
[  797.475726][T17572] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4002'.
[  797.574594][T17580] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  797.596791][T17580] loop9: detected capacity change from 0 to 8
[  797.616365][    C0] buffer_io_error: 741 callbacks suppressed
[  797.616390][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  797.684167][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  797.697585][T17578] loop1: detected capacity change from 0 to 2048
[  797.704352][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  797.722603][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  797.735062][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  797.744125][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  797.764881][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  797.773734][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  797.781959][T17580] ldm_validate_partition_table(): Disk read failed.
[  797.789784][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  797.799617][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  797.845540][T17578] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  797.863038][T17580] Dev loop9: unable to read RDB block 0
[  797.885576][T17580]  loop9: unable to read partition table
[  797.891492][T17580] loop9: partition table beyond EOD, truncated
[  797.923829][T17580] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  797.923829][T17580] 
) failed (rc=-5)
[  798.324159][T17602] program syz.3.4009 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  799.291471][T17604] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  799.306416][T17604] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  799.318757][T17604] EXT4-fs (loop1): This should not happen!! Data will be lost
[  799.318757][T17604] 
[  799.330220][T17604] EXT4-fs (loop1): Total free blocks count 0
[  799.337422][T17604] EXT4-fs (loop1): Free/Dirty block details
[  799.343387][T17604] EXT4-fs (loop1): free_blocks=2415919504
[  799.349115][T17604] EXT4-fs (loop1): dirty_blocks=80
[  799.355456][T17604] EXT4-fs (loop1): Block reservation details
[  799.361443][T17604] EXT4-fs (loop1): i_reserved_data_blocks=5
[  799.401064][T17600] loop4: detected capacity change from 0 to 2048
[  799.552803][T17599] Can't find ip_set type hash:net,
[  799.694243][T17600] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  799.912846][   T30] audit: type=1800 audit(1760491421.460:1733): pid=17600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4010" name="file1" dev="loop4" ino=15 res=0 errno=0
[  800.162716][T17600] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.4010: bg 0: block 234: padding at end of block bitmap is not set
[  800.225186][T17600] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 528 with error 117
[  800.282687][T17600] EXT4-fs (loop4): This should not happen!! Data will be lost
[  800.282687][T17600] 
[  800.601340][T17002] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  800.825748][T13478] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  801.474068][T17632] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4020'.
[  801.534529][T17632] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4020'.
[  801.587249][T17634] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  801.649692][T17634] loop9: detected capacity change from 0 to 8
[  801.675327][    C0] blk_print_req_error: 20 callbacks suppressed
[  801.675354][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  801.699231][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  801.719706][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  801.734619][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  801.736703][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  801.741540][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  801.742829][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  801.743090][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  801.743255][T17634] ldm_validate_partition_table(): Disk read failed.
[  801.743417][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  801.743667][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  801.744194][T17634] Dev loop9: unable to read RDB block 0
[  801.748277][T17634]  loop9: unable to read partition table
[  801.748533][T17634] loop9: partition table beyond EOD, truncated
[  801.748563][T17634] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  801.748563][T17634] 
) failed (rc=-5)
[  802.724337][T17657] program syz.3.4029 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  802.790898][T17663] loop4: detected capacity change from 0 to 1024
[  802.812173][T17666] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4030'.
[  802.856605][T17666] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4030'.
[  802.871948][T17663] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  803.711983][T17682] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4039'.
[  803.742698][   T30] audit: type=1800 audit(1760491425.330:1734): pid=17683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4032" name="bus" dev="loop4" ino=18 res=0 errno=0
[  803.863003][T17689] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4039'.
[  804.854677][T17002] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  805.959584][T17726] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4053'.
[  805.982229][T17726] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4053'.
[  806.222638][   T30] audit: type=1326 audit(1760491427.800:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17723 comm="syz.1.4053" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7ff922785d67 code=0x0
[  806.726593][T17738] loop6: detected capacity change from 0 to 1024
[  806.835792][T17738] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  808.161951][   T30] audit: type=1800 audit(1760491429.760:1736): pid=17752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4057" name="bus" dev="loop6" ino=18 res=0 errno=0
[  808.241492][T17754] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4062'.
[  808.346135][T17756] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4062'.
[  808.869169][ T7731] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  809.263580][T17770] loop5: detected capacity change from 0 to 2048
[  809.330955][T17770] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  809.399468][   T30] audit: type=1800 audit(1760491431.000:1737): pid=17770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4068" name="file1" dev="loop5" ino=15 res=0 errno=0
[  809.413338][T17778] loop6: detected capacity change from 0 to 2048
[  809.746070][T17778] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  810.272849][T17770] EXT4-fs error (device loop5): ext4_validate_block_bitmap:440: comm syz.5.4068: bg 0: block 234: padding at end of block bitmap is not set
[  811.252639][T17788] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  811.273357][T17788] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  811.289305][T17788] EXT4-fs (loop6): This should not happen!! Data will be lost
[  811.289305][T17788] 
[  811.299063][T17788] EXT4-fs (loop6): Total free blocks count 0
[  811.305134][T17788] EXT4-fs (loop6): Free/Dirty block details
[  811.311035][T17788] EXT4-fs (loop6): free_blocks=2415919504
[  811.316797][T17788] EXT4-fs (loop6): dirty_blocks=32
[  811.321913][T17788] EXT4-fs (loop6): Block reservation details
[  811.327943][T17788] EXT4-fs (loop6): i_reserved_data_blocks=2
[  811.396422][T17770] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117
[  811.492796][T17770] EXT4-fs (loop5): This should not happen!! Data will be lost
[  811.492796][T17770] 
[  811.872245][T17793] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4073'.
[  811.949978][T17793] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4073'.
[  812.166562][   T30] audit: type=1326 audit(1760491433.680:1738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17790 comm="syz.3.4073" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f494dd8eec9 code=0x0
[  812.276533][T13463] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28
[  812.319896][T13463] EXT4-fs (loop5): This should not happen!! Data will be lost
[  812.319896][T13463] 
[  812.359959][T13463] EXT4-fs (loop5): Total free blocks count 0
[  812.391903][T13463] EXT4-fs (loop5): Free/Dirty block details
[  812.429590][T13463] EXT4-fs (loop5): free_blocks=0
[  812.448887][T13463] EXT4-fs (loop5): dirty_blocks=4416
[  812.484380][T13463] EXT4-fs (loop5): Block reservation details
[  812.732361][T13474] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  812.753996][T17794] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  812.806150][T17794] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  812.812279][T17794] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  812.822985][T17794] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  812.829107][T17794] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  812.942990][T17794] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  813.053291][T17802] program syz.3.4079 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  813.254079][T17806] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  813.286971][T17806] loop9: detected capacity change from 0 to 8
[  813.304587][    C1] blk_print_req_error: 5 callbacks suppressed
[  813.304613][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  813.320944][    C1] buffer_io_error: 20 callbacks suppressed
[  813.320968][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  813.335064][T17808] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4080'.
[  813.342669][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  813.354219][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  813.364664][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  813.374941][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  813.384980][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  813.399670][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  813.426977][T17811] loop3: detected capacity change from 0 to 128
[  813.454056][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  813.464288][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  813.492712][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  813.502941][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  813.522630][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  813.532854][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  813.542711][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  813.550322][T17811] bio_check_eod: 769 callbacks suppressed
[  813.550345][T17811] syz.3.4082: attempt to access beyond end of device
[  813.550345][T17811] loop3: rw=2049, sector=145, nr_sectors = 24 limit=128
[  813.552928][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  813.554154][T17806] ldm_validate_partition_table(): Disk read failed.
[  813.604153][T17811] syz.3.4082: attempt to access beyond end of device
[  813.604153][T17811] loop3: rw=2049, sector=177, nr_sectors = 8 limit=128
[  813.619397][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  813.629681][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  813.729963][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  813.740249][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  813.748535][T17811] syz.3.4082: attempt to access beyond end of device
[  813.748535][T17811] loop3: rw=2049, sector=193, nr_sectors = 8 limit=128
[  813.765562][T17806] Dev loop9: unable to read RDB block 0
[  813.793320][T17806]  loop9: unable to read partition table
[  813.801266][T17811] syz.3.4082: attempt to access beyond end of device
[  813.801266][T17811] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[  813.832390][T17806] loop9: partition table beyond EOD, truncated
[  813.852698][T17806] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  813.852698][T17806] 
) failed (rc=-5)
[  813.887236][T17817] syz.3.4082: attempt to access beyond end of device
[  813.887236][T17817] loop3: rw=2049, sector=305, nr_sectors = 80 limit=128
[  813.893827][T17811] syz.3.4082: attempt to access beyond end of device
[  813.893827][T17811] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[  813.952317][T17811] syz.3.4082: attempt to access beyond end of device
[  813.952317][T17811] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[  813.987905][T17817] syz.3.4082: attempt to access beyond end of device
[  813.987905][T17817] loop3: rw=2049, sector=393, nr_sectors = 8 limit=128
[  814.002953][T17811] syz.3.4082: attempt to access beyond end of device
[  814.002953][T17811] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[  814.057819][T17817] syz.3.4082: attempt to access beyond end of device
[  814.057819][T17817] loop3: rw=2049, sector=409, nr_sectors = 8 limit=128
[  814.092777][T16899] Bluetooth: hci6: command 0x0405 tx timeout
[  814.197961][T17828] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4087'.
[  814.322174][T17830] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4089'.
[  814.401128][T17832] loop3: detected capacity change from 0 to 512
[  814.428027][T17832] EXT4-fs: Ignoring removed bh option
[  814.467820][T17832] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  814.483995][T17832] ext4 filesystem being mounted at /109/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  814.540850][T17839] loop0: detected capacity change from 0 to 2048
[  814.563439][T17839] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  814.583530][T17844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4092'.
[  814.592612][T17844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4092'.
[  814.678813][   T30] audit: type=1326 audit(1760491436.280:1739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17840 comm="syz.1.4092" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff92278eec9 code=0x0
[  814.882912][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout
[  814.889178][   T52] Bluetooth: hci4: command 0x0c1a tx timeout
[  814.895447][   T52] Bluetooth: hci3: command 0x0c1a tx timeout
[  814.902021][T16899] Bluetooth: hci0: command 0x0c1a tx timeout
[  815.973748][T17850] Bluetooth: hci1: command 0x0c1a tx timeout
[  816.000805][T17849] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  816.011938][T17853] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  816.029950][T17853] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 96 with error 28
[  816.042419][T17853] EXT4-fs (loop0): This should not happen!! Data will be lost
[  816.042419][T17853] 
[  816.052202][T17853] EXT4-fs (loop0): Total free blocks count 0
[  816.062474][T17853] EXT4-fs (loop0): Free/Dirty block details
[  816.068483][T17853] EXT4-fs (loop0): free_blocks=2415919504
[  816.074409][T17853] EXT4-fs (loop0): dirty_blocks=112
[  816.079684][T17853] EXT4-fs (loop0): Block reservation details
[  816.086167][T17849] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  816.092329][T17849] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  816.112957][T17853] EXT4-fs (loop0): i_reserved_data_blocks=7
[  816.383862][T17849] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  816.390015][T17849] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  816.435366][T17849] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  817.039894][ T5829] Bluetooth: hci6: command 0x0405 tx timeout
[  817.098536][T15816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  817.163793][T17863] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4097'.
[  817.576945][T13480] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  817.828390][T17875] loop0: detected capacity change from 0 to 128
[  818.246335][T17882] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4105'.
[  818.248146][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  818.263180][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  818.392919][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  818.399042][T17850] Bluetooth: hci3: command 0x0c1a tx timeout
[  818.472736][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  818.478865][T17850] Bluetooth: hci0: command 0x0c1a tx timeout
[  818.485116][T17850] Bluetooth: hci2: command 0x0c1a tx timeout
[  819.352421][T17895] loop3: detected capacity change from 0 to 512
[  819.372117][T17895] EXT4-fs: Ignoring removed bh option
[  819.405042][T17895] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  819.426043][T17895] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  819.872011][T17892] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  819.899249][T17892] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  819.932380][T17892] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  819.961847][T17892] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  819.987053][T17892] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  820.009614][T17892] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  820.407354][T17907] netlink: 'syz.4.4113': attribute type 4 has an invalid length.
[  820.425865][T17907] netlink: 'syz.4.4113': attribute type 4 has an invalid length.
[  820.537411][T17908] loop5: detected capacity change from 0 to 2048
[  821.160757][T15816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  821.292826][ T5829] Bluetooth: hci6: command 0x0405 tx timeout
[  821.414734][T17908] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  821.438961][T17914] loop4: detected capacity change from 0 to 2048
[  821.625091][T17914] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  821.694321][T17920] loop1: detected capacity change from 0 to 128
[  821.852669][   T30] audit: type=1800 audit(1760491443.430:1740): pid=17914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4115" name="file1" dev="loop4" ino=15 res=0 errno=0
[  821.883358][T17925] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4116'.
[  821.942833][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  821.993032][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  821.993944][T17920] bio_check_eod: 12 callbacks suppressed
[  821.993967][T17920] syz.1.4117: attempt to access beyond end of device
[  821.993967][T17920] loop1: rw=2049, sector=145, nr_sectors = 24 limit=128
[  822.001269][T17850] Bluetooth: hci2: command 0x0c1a tx timeout
[  822.006699][T16899] Bluetooth: hci4: command 0x0c1a tx timeout
[  822.991464][T16899] Bluetooth: hci1: command 0x0c1a tx timeout
[  823.014037][T17929] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  823.031100][T17929] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  823.043472][T17929] EXT4-fs (loop5): This should not happen!! Data will be lost
[  823.043472][T17929] 
[  823.053143][T17929] EXT4-fs (loop5): Total free blocks count 0
[  823.059131][T17929] EXT4-fs (loop5): Free/Dirty block details
[  823.065070][T17929] EXT4-fs (loop5): free_blocks=2415919504
[  823.070798][T17929] EXT4-fs (loop5): dirty_blocks=80
[  823.075962][T17929] EXT4-fs (loop5): Block reservation details
[  823.081946][T17929] EXT4-fs (loop5): i_reserved_data_blocks=5
[  823.093807][T17914] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.4115: bg 0: block 234: padding at end of block bitmap is not set
[  823.190473][T17920] syz.1.4117: attempt to access beyond end of device
[  823.190473][T17920] loop1: rw=2049, sector=177, nr_sectors = 8 limit=128
[  823.232817][T17914] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 578 with error 117
[  823.275990][T17920] syz.1.4117: attempt to access beyond end of device
[  823.275990][T17920] loop1: rw=2049, sector=193, nr_sectors = 8 limit=128
[  823.299435][T17914] EXT4-fs (loop4): This should not happen!! Data will be lost
[  823.299435][T17914] 
[  823.373079][T17920] syz.1.4117: attempt to access beyond end of device
[  823.373079][T17920] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[  823.441066][T17920] syz.1.4117: attempt to access beyond end of device
[  823.441066][T17920] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[  823.509442][T17920] syz.1.4117: attempt to access beyond end of device
[  823.509442][T17920] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[  823.570863][T17920] syz.1.4117: attempt to access beyond end of device
[  823.570863][T17920] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[  823.609659][T17002] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  823.639547][T17920] syz.1.4117: attempt to access beyond end of device
[  823.639547][T17920] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[  823.676545][T17920] syz.1.4117: attempt to access beyond end of device
[  823.676545][T17920] loop1: rw=2049, sector=289, nr_sectors = 9 limit=128
[  824.182889][T17937] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4119'.
[  824.205162][T17939] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4121'.
[  824.574585][T13491] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  824.995865][T17952] netlink: 'syz.4.4127': attribute type 4 has an invalid length.
[  825.013503][T17952] netlink: 'syz.4.4127': attribute type 4 has an invalid length.
[  825.231200][T17955] loop6: detected capacity change from 0 to 512
[  825.243197][T17955] EXT4-fs: Ignoring removed bh option
[  825.510298][T17955] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  825.534589][T17965] program syz.4.4131 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  825.588409][T17955] ext4 filesystem being mounted at /519/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  825.637799][T17947] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  825.763644][T17947] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  825.960528][T17947] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  826.262196][T17947] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  826.294714][T17947] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  826.306373][T17968] loop5: detected capacity change from 0 to 128
[  826.345736][T17947] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  826.461721][T17968] syz.5.4132: attempt to access beyond end of device
[  826.461721][T17968] loop5: rw=2049, sector=145, nr_sectors = 24 limit=128
[  826.630851][T17977] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4136'.
[  826.701775][T17979] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4135'.
[  826.869069][ T7731] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  826.954700][T17850] Bluetooth: hci6: command 0x0405 tx timeout
[  827.017091][T17988] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4140'.
[  827.809799][T17994] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  827.822829][T17994] loop9: detected capacity change from 0 to 8
[  827.845998][    C0] blk_print_req_error: 5 callbacks suppressed
[  827.846026][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  827.862375][    C0] buffer_io_error: 6 callbacks suppressed
[  827.862399][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  827.881157][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  827.891408][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  827.901977][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  827.905667][T17997] netlink: 'syz.4.4142': attribute type 4 has an invalid length.
[  827.912244][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  827.920138][T17850] Bluetooth: hci3: command 0x0c1a tx timeout
[  827.928750][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  827.943932][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  827.944328][T17988] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  827.956698][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  827.956748][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  827.976097][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  827.976146][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  827.986515][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  827.986564][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  827.990557][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  827.990606][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  827.990698][T17994] ldm_validate_partition_table(): Disk read failed.
[  827.990861][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  827.990907][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  827.991115][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  827.991162][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  827.991719][T17994] Dev loop9: unable to read RDB block 0
[  827.992359][T17994]  loop9: unable to read partition table
[  827.992813][T17994] loop9: partition table beyond EOD, truncated
[  827.992843][T17994] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  827.992843][T17994] 
) failed (rc=-5)
[  827.997461][T17999] netlink: 'syz.4.4142': attribute type 4 has an invalid length.
[  828.060447][T17850] Bluetooth: hci4: command 0x0c1a tx timeout
[  828.127761][T17988] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  828.250466][T17988] bond0 (unregistering): Released all slaves
[  828.332732][T17850] Bluetooth: hci0: command 0x0c1a tx timeout
[  828.338852][T16899] Bluetooth: hci2: command 0x0c1a tx timeout
[  828.392690][T17850] Bluetooth: hci1: command 0x0c1a tx timeout
[  828.743451][T18012] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4146'.
[  828.752743][T18012] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4146'.
[  828.836834][   T30] audit: type=1326 audit(1760491450.420:1741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18008 comm="syz.5.4146" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6375f8eec9 code=0x0
[  829.531870][T18019] loop5: detected capacity change from 0 to 128
[  829.597594][T18019] bio_check_eod: 8 callbacks suppressed
[  829.597620][T18019] syz.5.4149: attempt to access beyond end of device
[  829.597620][T18019] loop5: rw=2049, sector=145, nr_sectors = 24 limit=128
[  829.640508][T18019] syz.5.4149: attempt to access beyond end of device
[  829.640508][T18019] loop5: rw=2049, sector=177, nr_sectors = 8 limit=128
[  829.691137][T18019] syz.5.4149: attempt to access beyond end of device
[  829.691137][T18019] loop5: rw=2049, sector=193, nr_sectors = 8 limit=128
[  829.729793][T18016] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  829.748049][T18016] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  829.768379][T18016] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  829.792867][T18019] syz.5.4149: attempt to access beyond end of device
[  829.792867][T18019] loop5: rw=2049, sector=209, nr_sectors = 8 limit=128
[  829.792984][T18016] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  829.813206][T18019] syz.5.4149: attempt to access beyond end of device
[  829.813206][T18019] loop5: rw=2049, sector=225, nr_sectors = 8 limit=128
[  829.829648][T18019] syz.5.4149: attempt to access beyond end of device
[  829.829648][T18019] loop5: rw=2049, sector=241, nr_sectors = 8 limit=128
[  829.843747][T18019] syz.5.4149: attempt to access beyond end of device
[  829.843747][T18019] loop5: rw=2049, sector=257, nr_sectors = 8 limit=128
[  829.859756][T18019] syz.5.4149: attempt to access beyond end of device
[  829.859756][T18019] loop5: rw=2049, sector=273, nr_sectors = 8 limit=128
[  829.862950][T18016] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  829.873632][T18019] syz.5.4149: attempt to access beyond end of device
[  829.873632][T18019] loop5: rw=2049, sector=289, nr_sectors = 9 limit=128
[  829.885034][T18023] syz.5.4149: attempt to access beyond end of device
[  829.885034][T18023] loop5: rw=2049, sector=305, nr_sectors = 80 limit=128
[  829.925154][T18016] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  830.136815][T18027] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4152'.
[  830.165733][T18029] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4153'.
[  830.375246][T18031] loop4: detected capacity change from 0 to 1024
[  830.394936][T18031] EXT4-fs: inline encryption not supported
[  830.405666][T18031] EXT4-fs: Ignoring removed nobh option
[  830.411324][T18031] EXT4-fs: Ignoring removed bh option
[  830.467904][T18031] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  830.577648][T18041] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  830.607368][T17002] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  830.844331][T18043] loop4: detected capacity change from 0 to 2048
[  830.892754][T18043] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  830.948532][   T30] audit: type=1800 audit(1760491452.540:1742): pid=18043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4158" name="file1" dev="loop4" ino=15 res=0 errno=0
[  830.978438][T17900] Set syz1 is full, maxelem 65536 reached
[  831.112692][T17850] Bluetooth: hci6: command 0x0405 tx timeout
[  831.236255][T18047] netlink: 'syz.0.4159': attribute type 4 has an invalid length.
[  831.283662][T18047] netlink: 'syz.0.4159': attribute type 4 has an invalid length.
[  831.534513][T18056] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4161'.
[  831.583098][T18056] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4161'.
[  831.674403][   T30] audit: type=1326 audit(1760491453.270:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18050 comm="syz.5.4161" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6375f8eec9 code=0x0
[  831.759514][T18043] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.4158: bg 0: block 234: padding at end of block bitmap is not set
[  831.839425][T18043] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117
[  831.842763][T17850] Bluetooth: hci2: command 0x0c1a tx timeout
[  831.852123][T16899] Bluetooth: hci4: command 0x0c1a tx timeout
[  831.858341][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  831.956215][T16899] Bluetooth: hci0: command 0x0c1a tx timeout
[  831.992756][T16899] Bluetooth: hci1: command 0x0c1a tx timeout
[  832.209548][T18043] EXT4-fs (loop4): This should not happen!! Data will be lost
[  832.209548][T18043] 
[  832.758845][T18068] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4167'.
[  832.788197][T18068] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4167'.
[  833.120494][T13463] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1006 with error 28
[  833.197213][T13463] EXT4-fs (loop4): This should not happen!! Data will be lost
[  833.197213][T13463] 
[  833.207132][T13463] EXT4-fs (loop4): Total free blocks count 0
[  833.213200][T13463] EXT4-fs (loop4): Free/Dirty block details
[  833.219232][T13463] EXT4-fs (loop4): free_blocks=0
[  833.224625][T18077] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4168'.
[  833.233771][T13463] EXT4-fs (loop4): dirty_blocks=1024
[  833.239133][T13463] EXT4-fs (loop4): Block reservation details
[  833.523016][T18083] program syz.4.4170 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  833.572403][T18067] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  833.578674][T18067] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  833.617835][T18067] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  833.646602][T18067] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  833.674031][T18067] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  833.712705][T18067] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  833.998063][T18094] netlink: 'syz.3.4175': attribute type 4 has an invalid length.
[  834.016343][T18093] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4176'.
[  834.031703][T18094] netlink: 'syz.3.4175': attribute type 4 has an invalid length.
[  835.186632][T17850] Bluetooth: hci6: command 0x0405 tx timeout
[  835.391601][T18105] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4178'.
[  835.559081][T18105] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4178'.
[  835.633539][T17850] Bluetooth: hci3: command 0x0c1a tx timeout
[  835.673031][T17850] Bluetooth: hci4: command 0x0c1a tx timeout
[  835.679897][T17850] Bluetooth: hci0: command 0x0c1a tx timeout
[  835.686526][T17850] Bluetooth: hci2: command 0x0c1a tx timeout
[  835.811725][T16899] Bluetooth: hci1: command 0x0c1a tx timeout
[  835.874404][   T30] audit: type=1326 audit(1760491457.480:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18099 comm="syz.6.4178" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0defb8eec9 code=0x0
[  836.339094][T18118] loop3: detected capacity change from 0 to 2048
[  836.457518][T18122] loop4: detected capacity change from 0 to 128
[  836.524190][T18126] program syz.6.4187 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  836.528329][T18118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  836.590868][T18122] bio_check_eod: 798 callbacks suppressed
[  836.590894][T18122] syz.4.4185: attempt to access beyond end of device
[  836.590894][T18122] loop4: rw=2049, sector=145, nr_sectors = 24 limit=128
[  836.610581][T18122] syz.4.4185: attempt to access beyond end of device
[  836.610581][T18122] loop4: rw=2049, sector=177, nr_sectors = 8 limit=128
[  836.624280][T18122] syz.4.4185: attempt to access beyond end of device
[  836.624280][T18122] loop4: rw=2049, sector=193, nr_sectors = 8 limit=128
[  836.656027][T18122] syz.4.4185: attempt to access beyond end of device
[  836.656027][T18122] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  836.681150][   T30] audit: type=1800 audit(1760491458.280:1745): pid=18118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4183" name="file1" dev="loop3" ino=15 res=0 errno=0
[  836.775469][T18134] syz.4.4185: attempt to access beyond end of device
[  836.775469][T18134] loop4: rw=2049, sector=305, nr_sectors = 80 limit=128
[  836.781217][T18122] syz.4.4185: attempt to access beyond end of device
[  836.781217][T18122] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[  836.834547][T18122] syz.4.4185: attempt to access beyond end of device
[  836.834547][T18122] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[  836.850361][T18122] syz.4.4185: attempt to access beyond end of device
[  836.850361][T18122] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[  836.867719][T18122] syz.4.4185: attempt to access beyond end of device
[  836.867719][T18122] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[  836.881511][T18122] syz.4.4185: attempt to access beyond end of device
[  836.881511][T18122] loop4: rw=2049, sector=289, nr_sectors = 9 limit=128
[  836.913639][T18121] buffer_io_error: 741 callbacks suppressed
[  836.913664][T18121] Buffer I/O error on dev loop4, logical block 305, async page read
[  836.948504][T18121] Buffer I/O error on dev loop4, logical block 306, async page read
[  836.960763][T18141] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4188'.
[  836.981332][T18121] Buffer I/O error on dev loop4, logical block 307, async page read
[  836.999458][T18121] Buffer I/O error on dev loop4, logical block 308, async page read
[  837.024403][T18121] Buffer I/O error on dev loop4, logical block 309, async page read
[  837.042908][T18121] Buffer I/O error on dev loop4, logical block 310, async page read
[  837.064349][T18121] Buffer I/O error on dev loop4, logical block 311, async page read
[  837.143006][T18121] Buffer I/O error on dev loop4, logical block 312, async page read
[  837.144616][T18118] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.4183: bg 0: block 234: padding at end of block bitmap is not set
[  837.168552][T18121] Buffer I/O error on dev loop4, logical block 305, async page read
[  837.181347][T18121] Buffer I/O error on dev loop4, logical block 306, async page read
[  837.182804][T18118] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1452 with error 117
[  837.232776][T18118] EXT4-fs (loop3): This should not happen!! Data will be lost
[  837.232776][T18118] 
[  837.597744][T15816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  837.621802][T18145] loop6: detected capacity change from 0 to 2048
[  837.721095][T18145] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  837.753842][T18150] netlink: 'syz.3.4193': attribute type 4 has an invalid length.
[  837.828981][T18150] netlink: 'syz.3.4193': attribute type 4 has an invalid length.
[  839.142195][T18163] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  839.157331][T18163] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 128 with error 28
[  839.169711][T18163] EXT4-fs (loop6): This should not happen!! Data will be lost
[  839.169711][T18163] 
[  839.179432][T18163] EXT4-fs (loop6): Total free blocks count 0
[  839.185453][T18163] EXT4-fs (loop6): Free/Dirty block details
[  839.191356][T18163] EXT4-fs (loop6): free_blocks=2415919504
[  839.197180][T18163] EXT4-fs (loop6): dirty_blocks=144
[  839.203414][T18163] EXT4-fs (loop6): Block reservation details
[  839.209402][T18163] EXT4-fs (loop6): i_reserved_data_blocks=9
[  840.614209][ T6564] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  840.949087][T18177] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4200'.
[  840.958146][T18177] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4200'.
[  841.043397][   T30] audit: type=1326 audit(1760491462.640:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18175 comm="syz.6.4200" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0defb8eec9 code=0x0
[  841.294978][T18180] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4201'.
[  841.353258][T18180] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4201'.
[  841.787758][T18202] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4208'.
[  841.802703][T18203] netlink: 'syz.0.4209': attribute type 4 has an invalid length.
[  842.053067][T18205] netlink: 'syz.0.4209': attribute type 4 has an invalid length.
[  842.332909][T18193] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  842.339093][T18193] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  842.378913][T18193] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  842.401933][T18193] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  842.417609][T18193] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  842.436567][T18193] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  842.597713][T18200] warn_alloc: 1 callbacks suppressed
[  842.597738][T18200] syz.6.4207: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  842.726753][T18200] CPU: 0 UID: 0 PID: 18200 Comm: syz.6.4207 Not tainted syzkaller #0 PREEMPT(full) 
[  842.726800][T18200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  842.726823][T18200] Call Trace:
[  842.726835][T18200]  <TASK>
[  842.726850][T18200]  dump_stack_lvl+0x16c/0x1f0
[  842.726914][T18200]  warn_alloc+0x248/0x3a0
[  842.726980][T18200]  ? __pfx_warn_alloc+0x10/0x10
[  842.727068][T18200]  ? xskq_create+0xfb/0x1d0
[  842.727114][T18200]  ? srso_alias_return_thunk+0x5/0xfbef5
[  842.727159][T18200]  ? __vmalloc_node_noprof+0xad/0xf0
[  842.727221][T18200]  __vmalloc_node_range_noprof+0xfe2/0x1480
[  842.727292][T18200]  ? xskq_create+0xfb/0x1d0
[  842.727352][T18200]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  842.727426][T18200]  ? xskq_create+0xfb/0x1d0
[  842.727474][T18200]  vmalloc_user_noprof+0x9e/0xe0
[  842.727530][T18200]  ? xskq_create+0xfb/0x1d0
[  842.727581][T18200]  xskq_create+0xfb/0x1d0
[  842.727633][T18200]  xsk_setsockopt+0x792/0x9a0
[  842.727683][T18200]  ? __pfx_xsk_setsockopt+0x10/0x10
[  842.727727][T18200]  ? srso_alias_return_thunk+0x5/0xfbef5
[  842.727771][T18200]  ? find_held_lock+0x2b/0x80
[  842.727837][T18200]  ? srso_alias_return_thunk+0x5/0xfbef5
[  842.727882][T18200]  ? aa_sock_opt_perm+0xfd/0x1c0
[  842.727946][T18200]  ? __pfx_xsk_setsockopt+0x10/0x10
[  842.727994][T18200]  do_sock_setsockopt+0xf3/0x1d0
[  842.728044][T18200]  __sys_setsockopt+0x1a0/0x230
[  842.728108][T18200]  __x64_sys_setsockopt+0xbd/0x160
[  842.728160][T18200]  ? do_syscall_64+0x91/0xfa0
[  842.728215][T18200]  ? srso_alias_return_thunk+0x5/0xfbef5
[  842.728259][T18200]  ? lockdep_hardirqs_on+0x7c/0x110
[  842.728316][T18200]  do_syscall_64+0xcd/0xfa0
[  842.728377][T18200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.728414][T18200] RIP: 0033:0x7f0defb8eec9
[  842.728443][T18200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  842.728480][T18200] RSP: 002b:00007f0df09f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  842.728515][T18200] RAX: ffffffffffffffda RBX: 00007f0defde6090 RCX: 00007f0defb8eec9
[  842.728541][T18200] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000008
[  842.728564][T18200] RBP: 00007f0defc11f91 R08: 0000000000000004 R09: 0000000000000000
[  842.728589][T18200] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000
[  842.728613][T18200] R13: 00007f0defde6128 R14: 00007f0defde6090 R15: 00007ffee6042d28
[  842.728667][T18200]  </TASK>
[  842.728688][T18200] Mem-Info:
[  843.032616][T18200] active_anon:7021 inactive_anon:0 isolated_anon:0
[  843.032616][T18200]  active_file:13385 inactive_file:40186 isolated_file:0
[  843.032616][T18200]  unevictable:768 dirty:159 writeback:0
[  843.032616][T18200]  slab_reclaimable:11994 slab_unreclaimable:103908
[  843.032616][T18200]  mapped:34945 shmem:1372 pagetables:1515
[  843.032616][T18200]  sec_pagetables:0 bounce:0
[  843.032616][T18200]  kernel_misc_reclaimable:0
[  843.032616][T18200]  free:1271322 free_pcp:22157 free_cma:0
[  843.219869][T18200] Node 0 active_anon:27676kB inactive_anon:0kB active_file:53540kB inactive_file:160544kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:139768kB dirty:648kB writeback:0kB shmem:3952kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13684kB pagetables:5968kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  843.302656][T18200] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  843.417231][T18237] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4216'.
[  843.465468][T18237] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4216'.
[  843.502806][T18200] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  843.594503][T16899] Bluetooth: hci6: command 0x0405 tx timeout
[  843.608259][T18242] loop0: detected capacity change from 0 to 1024
[  843.641362][   T30] audit: type=1326 audit(1760491465.240:1747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18232 comm="syz.5.4216" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6375f8eec9 code=0x0
[  843.664547][T18242] EXT4-fs: inline encryption not supported
[  843.670450][T18242] EXT4-fs: Ignoring removed nobh option
[  843.681817][T18247] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4218'.
[  843.691167][T18200] lowmem_reserve[]: 0 2483 2485 2485 2485
[  843.730181][T18200] Node 0 DMA32 free:1157220kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:39976kB inactive_anon:0kB active_file:53540kB inactive_file:160544kB unevictable:1536kB writepending:648kB zspages:0kB present:3129332kB managed:2543524kB mlocked:0kB bounce:0kB free_pcp:77376kB local_pcp:46588kB free_cma:0kB
[  843.834199][T18242] EXT4-fs: Ignoring removed bh option
[  844.147493][T18242] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  844.322333][T18240] Can't find ip_set type hash:m
[  844.403289][T16899] Bluetooth: hci4: command 0x0c1a tx timeout
[  844.409805][T17850] Bluetooth: hci3: command 0x0c1a tx timeout
[  844.459267][T18200] lowmem_reserve[]: 0 0 1
[  844.473558][T17850] Bluetooth: hci1: command 0x0c1a tx timeout
[  844.484205][T16899] Bluetooth: hci0: command 0x0c1a tx timeout
[  844.490222][T16899] Bluetooth: hci2: command 0x0c1a tx timeout
[  844.515147][T18200]  1 1
[  844.534598][T18253] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4221'.
[  844.552993][T18200] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  844.582978][T18200] lowmem_reserve[]: 0 0 0 0 0
[  844.587750][T18200] Node 1 Normal free:3905260kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:12900kB local_pcp:5796kB free_cma:0kB
[  844.623234][T18253] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4221'.
[  844.623258][T18200] lowmem_reserve[]: 0
[  844.665002][T16599] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  844.668596][T18200]  0 0 0 0
[  844.791333][T18200] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  844.895617][T18200] Node 0 DMA32: 616*4kB (UME) 222*8kB (UME) 603*16kB (UME) 1253*32kB (UME) 238*64kB (UME) 818*128kB (UME) 603*256kB (UME) 310*512kB (UME) 90*1024kB (UM) 65*2048kB (UME) 111*4096kB (UME) = 1166944kB
[  844.905604][T18262] netlink: 'syz.0.4224': attribute type 4 has an invalid length.
[  845.012656][T18200] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  845.054030][T18262] netlink: 'syz.0.4224': attribute type 4 has an invalid length.
[  845.131310][T18200] Node 1 Normal: 165*4kB (UME) 41*8kB (UME) 49*16kB (UME) 262*32kB (UME) 109*64kB (UME) 26*128kB (UME) 9*256kB (UME) 3*512kB (ME) 2*1024kB (UM) 2*2048kB (UE) 946*4096kB (M) = 3905260kB
[  845.215662][T18200] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  845.225667][T18200] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  845.235051][T18200] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  845.250712][T18200] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  845.288099][T18200] 54942 total pagecache pages
[  845.304107][T18200] 0 pages in swap cache
[  845.308369][T18200] Free swap  = 124996kB
[  845.384306][T18200] Total swap = 124996kB
[  845.388482][T18200] 2097051 pages RAM
[  845.392290][T18200] 0 pages HighMem/MovableOnly
[  845.417614][T18200] 429080 pages reserved
[  845.469390][T18200] 0 pages cma reserved
[  846.048865][T18268] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  846.082921][T18268] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  846.089058][T18268] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  846.123211][T18268] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  846.129342][T18268] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  846.172935][T18268] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  846.576325][T18287] loop0: detected capacity change from 0 to 2048
[  846.591153][T18289] loop1: detected capacity change from 0 to 2048
[  846.645708][T18287] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  846.662678][T18289] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  846.746789][   T30] audit: type=1800 audit(1760491468.350:1748): pid=18287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4235" name="file1" dev="loop0" ino=15 res=0 errno=0
[  846.830842][T18298] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4236'.
[  847.260753][T18302] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  847.275665][T18302] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 96 with error 28
[  847.290398][T18302] EXT4-fs (loop1): This should not happen!! Data will be lost
[  847.290398][T18302] 
[  847.300104][T18302] EXT4-fs (loop1): Total free blocks count 0
[  847.306128][T18302] EXT4-fs (loop1): Free/Dirty block details
[  847.312064][T18302] EXT4-fs (loop1): free_blocks=2415919504
[  847.317873][T18302] EXT4-fs (loop1): dirty_blocks=112
[  847.323359][T18302] EXT4-fs (loop1): Block reservation details
[  847.329348][T18302] EXT4-fs (loop1): i_reserved_data_blocks=7
[  847.426363][T18287] EXT4-fs error (device loop0): ext4_validate_block_bitmap:440: comm syz.0.4235: bg 0: block 234: padding at end of block bitmap is not set
[  847.452648][T17850] Bluetooth: hci6: command 0x0405 tx timeout
[  847.473164][T18287] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1352 with error 117
[  847.525160][T18287] EXT4-fs (loop0): This should not happen!! Data will be lost
[  847.525160][T18287] 
[  847.620912][T18295] Can't find ip_set type hash:m
[  847.959639][T13486] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 96 with max blocks 896 with error 28
[  847.976668][T16599] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  848.024093][T18309] program syz.4.4239 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  848.083245][T18311] netlink: 'syz.6.4241': attribute type 4 has an invalid length.
[  848.114450][T18311] netlink: 'syz.6.4241': attribute type 4 has an invalid length.
[  848.152728][T17850] Bluetooth: hci4: command 0x0c1a tx timeout
[  848.159248][T17850] Bluetooth: hci3: command 0x0c1a tx timeout
[  848.162680][T16899] Bluetooth: hci0: command 0x0c1a tx timeout
[  848.165800][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  848.197341][T18314] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4240'.
[  848.206436][T18314] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4240'.
[  848.234284][T17850] Bluetooth: hci1: command 0x0c1a tx timeout
[  848.507136][T18328] loop6: detected capacity change from 0 to 128
[  848.531907][T18328] /dev/loop6: Can't open blockdev
[  848.659789][T18334] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  848.694994][T18334] loop9: detected capacity change from 0 to 8
[  848.712917][    C0] blk_print_req_error: 5 callbacks suppressed
[  848.712942][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  848.729234][    C0] buffer_io_error: 726 callbacks suppressed
[  848.729258][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  848.745915][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  848.756144][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  848.772634][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  848.782867][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  848.783884][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  848.783931][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  848.787510][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  848.787559][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  848.787809][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  848.787860][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  848.788115][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  848.788164][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  848.788392][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  848.788440][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  848.788537][T18334] ldm_validate_partition_table(): Disk read failed.
[  848.788690][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  848.788738][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  848.788961][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  848.789009][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  848.789512][T18334] Dev loop9: unable to read RDB block 0
[  848.790133][T18334]  loop9: unable to read partition table
[  848.790374][T18334] loop9: partition table beyond EOD, truncated
[  848.790404][T18334] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  848.790404][T18334] 
) failed (rc=-5)
[  850.924689][T18363] program syz.3.4257 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  851.188717][T18368] netlink: 'syz.3.4258': attribute type 4 has an invalid length.
[  851.188919][T18366] loop1: detected capacity change from 0 to 1024
[  851.197970][T18369] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4260'.
[  851.243425][T18369] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4260'.
[  851.257459][T18368] netlink: 'syz.3.4258': attribute type 4 has an invalid length.
[  851.267789][T18366] EXT4-fs: inline encryption not supported
[  851.285646][T18366] EXT4-fs: Ignoring removed nobh option
[  851.291220][T18366] EXT4-fs: Ignoring removed bh option
[  851.399918][T18366] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  851.628499][T15331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  852.185548][T18388] loop4: detected capacity change from 0 to 128
[  852.270645][T18388] bio_check_eod: 748 callbacks suppressed
[  852.270670][T18388] syz.4.4264: attempt to access beyond end of device
[  852.270670][T18388] loop4: rw=2049, sector=145, nr_sectors = 24 limit=128
[  852.342132][T18388] syz.4.4264: attempt to access beyond end of device
[  852.342132][T18388] loop4: rw=2049, sector=177, nr_sectors = 8 limit=128
[  852.394430][T18393] syz.4.4264: attempt to access beyond end of device
[  852.394430][T18393] loop4: rw=2049, sector=305, nr_sectors = 80 limit=128
[  852.442852][T18388] syz.4.4264: attempt to access beyond end of device
[  852.442852][T18388] loop4: rw=2049, sector=193, nr_sectors = 8 limit=128
[  852.505867][T18393] syz.4.4264: attempt to access beyond end of device
[  852.505867][T18393] loop4: rw=2049, sector=393, nr_sectors = 8 limit=128
[  852.549899][T18388] syz.4.4264: attempt to access beyond end of device
[  852.549899][T18388] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  852.662882][T18388] syz.4.4264: attempt to access beyond end of device
[  852.662882][T18388] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[  852.768625][T18388] syz.4.4264: attempt to access beyond end of device
[  852.768625][T18388] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[  852.845977][T18388] syz.4.4264: attempt to access beyond end of device
[  852.845977][T18388] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[  852.929514][T18388] syz.4.4264: attempt to access beyond end of device
[  852.929514][T18388] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[  853.773869][T18409] program syz.0.4271 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  853.798186][ T6574] buffer_io_error: 5 callbacks suppressed
[  853.798210][ T6574] Buffer I/O error on dev loop4, logical block 305, lost async page write
[  853.995818][T18415] netlink: 'syz.4.4273': attribute type 4 has an invalid length.
[  853.998734][T18414] loop1: detected capacity change from 0 to 1024
[  854.011235][T18414] EXT4-fs: inline encryption not supported
[  854.050135][T18414] EXT4-fs: Ignoring removed nobh option
[  854.060414][T18415] netlink: 'syz.4.4273': attribute type 4 has an invalid length.
[  854.066061][T18414] EXT4-fs: Ignoring removed bh option
[  854.151594][T18425] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4277'.
[  854.162805][T18425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4277'.
[  854.177702][T18414] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  854.317148][T18429] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  854.351301][T18429] loop9: detected capacity change from 0 to 8
[  854.403306][    C0] blk_print_req_error: 5 callbacks suppressed
[  854.403338][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  854.419681][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  854.433660][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  854.443937][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  854.457937][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  854.468192][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  854.478529][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  854.488775][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  854.511914][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  854.522187][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  854.532894][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  854.536781][T15331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  854.543127][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  854.552720][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  854.571804][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  854.579931][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  854.590171][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  854.598066][T18429] ldm_validate_partition_table(): Disk read failed.
[  854.614970][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  854.625233][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  854.650297][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  854.669594][T18429] Dev loop9: unable to read RDB block 0
[  854.686641][T18429]  loop9: unable to read partition table
[  854.693461][T18429] loop9: partition table beyond EOD, truncated
[  854.714828][T18429] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  854.714828][T18429] 
) failed (rc=-5)
[  855.047951][T18446] loop3: detected capacity change from 0 to 128
[  855.649113][T18442] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  855.691670][T18442] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  855.732961][T18442] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  855.779656][T18442] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  855.826419][T18442] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  855.868029][T18442] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  856.393065][T18468] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4293'.
[  856.433753][T18471] netlink: 'syz.3.4292': attribute type 4 has an invalid length.
[  856.553261][T18450] warn_alloc: 1 callbacks suppressed
[  856.553289][T18450] syz.5.4287: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  856.553637][T18474] netlink: 'syz.3.4292': attribute type 4 has an invalid length.
[  856.562027][T18450] ,cpuset=/,mems_allowed=0-1
[  856.631493][T18450] CPU: 1 UID: 0 PID: 18450 Comm: syz.5.4287 Not tainted syzkaller #0 PREEMPT(full) 
[  856.631547][T18450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  856.631569][T18450] Call Trace:
[  856.631581][T18450]  <TASK>
[  856.631596][T18450]  dump_stack_lvl+0x16c/0x1f0
[  856.631658][T18450]  warn_alloc+0x248/0x3a0
[  856.631723][T18450]  ? __pfx_warn_alloc+0x10/0x10
[  856.631810][T18450]  ? xskq_create+0xfb/0x1d0
[  856.631855][T18450]  ? srso_alias_return_thunk+0x5/0xfbef5
[  856.631900][T18450]  ? __vmalloc_node_noprof+0xad/0xf0
[  856.631963][T18450]  __vmalloc_node_range_noprof+0xfe2/0x1480
[  856.632035][T18450]  ? xskq_create+0xfb/0x1d0
[  856.632096][T18450]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  856.632169][T18450]  ? xskq_create+0xfb/0x1d0
[  856.632215][T18450]  vmalloc_user_noprof+0x9e/0xe0
[  856.632268][T18450]  ? xskq_create+0xfb/0x1d0
[  856.632317][T18450]  xskq_create+0xfb/0x1d0
[  856.632369][T18450]  xsk_setsockopt+0x792/0x9a0
[  856.632416][T18450]  ? __pfx_xsk_setsockopt+0x10/0x10
[  856.632459][T18450]  ? srso_alias_return_thunk+0x5/0xfbef5
[  856.632503][T18450]  ? find_held_lock+0x2b/0x80
[  856.632568][T18450]  ? srso_alias_return_thunk+0x5/0xfbef5
[  856.632614][T18450]  ? aa_sock_opt_perm+0xfd/0x1c0
[  856.632678][T18450]  ? __pfx_xsk_setsockopt+0x10/0x10
[  856.632725][T18450]  do_sock_setsockopt+0xf3/0x1d0
[  856.632771][T18450]  __sys_setsockopt+0x1a0/0x230
[  856.632838][T18450]  __x64_sys_setsockopt+0xbd/0x160
[  856.632890][T18450]  ? do_syscall_64+0x91/0xfa0
[  856.632946][T18450]  ? srso_alias_return_thunk+0x5/0xfbef5
[  856.632989][T18450]  ? lockdep_hardirqs_on+0x7c/0x110
[  856.633047][T18450]  do_syscall_64+0xcd/0xfa0
[  856.633109][T18450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.633146][T18450] RIP: 0033:0x7f6375f8eec9
[  856.633175][T18450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  856.633212][T18450] RSP: 002b:00007f6376e5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  856.633247][T18450] RAX: ffffffffffffffda RBX: 00007f63761e5fa0 RCX: 00007f6375f8eec9
[  856.633273][T18450] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000007
[  856.633298][T18450] RBP: 00007f6376011f91 R08: 0000000000000004 R09: 0000000000000000
[  856.633322][T18450] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000
[  856.633346][T18450] R13: 00007f63761e6038 R14: 00007f63761e5fa0 R15: 00007ffc2e3ecbd8
[  856.633400][T18450]  </TASK>
[  856.901912][T18450] Mem-Info:
[  856.906112][T18450] active_anon:6969 inactive_anon:0 isolated_anon:0
[  856.906112][T18450]  active_file:13385 inactive_file:40208 isolated_file:0
[  856.906112][T18450]  unevictable:768 dirty:238 writeback:0
[  856.906112][T18450]  slab_reclaimable:11972 slab_unreclaimable:106076
[  856.906112][T18450]  mapped:34990 shmem:1402 pagetables:1483
[  856.906112][T18450]  sec_pagetables:0 bounce:0
[  856.906112][T18450]  kernel_misc_reclaimable:0
[  856.906112][T18450]  free:1265444 free_pcp:26106 free_cma:0
[  856.989152][T18450] Node 0 active_anon:27776kB inactive_anon:0kB active_file:53540kB inactive_file:160632kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:139960kB dirty:952kB writeback:0kB shmem:4072kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13720kB pagetables:5780kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  857.069933][T18450] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  857.112917][T17850] Bluetooth: hci6: command 0x0405 tx timeout
[  857.140159][T18450] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  857.178464][   T30] audit: type=1326 audit(1760491478.780:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.1.4297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92278eec9 code=0x7ffc0000
[  857.192952][T18450] lowmem_reserve[]: 0 2483 2485 2485 2485
[  857.207089][T18480] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  857.216460][T18450] Node 0 DMA32 free:1147880kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:27624kB inactive_anon:0kB active_file:53540kB inactive_file:160568kB unevictable:1536kB writepending:924kB zspages:0kB present:3129332kB managed:2543524kB mlocked:0kB bounce:0kB free_pcp:87428kB local_pcp:33500kB free_cma:0kB
[  857.258161][T18483] loop9: detected capacity change from 0 to 8
[  857.280756][T18483] ldm_validate_partition_table(): Disk read failed.
[  857.293467][   T30] audit: type=1326 audit(1760491478.780:1750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.1.4297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92278eec9 code=0x7ffc0000
[  857.328809][T18483] Dev loop9: unable to read RDB block 0
[  857.342773][   T30] audit: type=1326 audit(1760491478.780:1751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.1.4297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7ff92278eec9 code=0x7ffc0000
[  857.361402][T18492] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4301'.
[  857.365515][T18483]  loop9: unable to read partition table
[  857.374508][T18450] lowmem_reserve[]: 0 0 1 1 1
[  857.399070][T18450] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  857.412649][   T30] audit: type=1326 audit(1760491478.780:1752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.1.4297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92278eec9 code=0x7ffc0000
[  857.440441][T18492] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4301'.
[  857.461484][T18483] loop9: partition table beyond EOD, truncated
[  857.461515][T18483] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  857.461515][T18483] 
) failed (rc=-5)
[  857.502314][   T30] audit: type=1326 audit(1760491478.780:1753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.1.4297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff92278eec9 code=0x7ffc0000
[  857.542915][T18450] lowmem_reserve[]: 0 0 0 0 0
[  857.547702][T18450] Node 1 Normal free:3905260kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:12900kB local_pcp:7104kB free_cma:0kB
[  857.561615][   T30] audit: type=1326 audit(1760491478.780:1754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.1.4297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92278eec9 code=0x7ffc0000
[  857.634942][   T30] audit: type=1326 audit(1760491478.780:1755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.1.4297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7ff92278eec9 code=0x7ffc0000
[  857.659319][   T30] audit: type=1326 audit(1760491478.910:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.1.4297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92278eec9 code=0x7ffc0000
[  857.682185][T18450] lowmem_reserve[]: 0 0 0 0 0
[  857.717449][T18450] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  857.761802][T17850] Bluetooth: hci4: command 0x0c1a tx timeout
[  857.761859][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  857.788296][T18450] Node 0 DMA32: 677*4kB (UME) 352*8kB (UME) 532*16kB (UME) 495*32kB (UME) 262*64kB (UME) 847*128kB (UME) 605*256kB (UME) 310*512kB (UME) 90*1024kB (UM) 65*2048kB (UME) 111*4096kB (UME) = 1148596kB
[  857.808083][   T30] audit: type=1326 audit(1760491478.910:1757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.1.4297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92278eec9 code=0x7ffc0000
[  857.838420][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  857.845415][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  857.851602][   T30] audit: type=1326 audit(1760491478.940:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18488 comm="syz.1.4297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff9227c1785 code=0x7ffc0000
[  857.892720][T18450] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  857.911077][T18450] Node 1 Normal: 165*4kB (UME) 41*8kB (UME) 49*16kB (UME) 262*32kB (UME) 109*64kB (UME) 26*128kB (UME) 9*256kB (UME) 3*512kB (ME) 2*1024kB (UM) 2*2048kB (UE) 946*4096kB (M) = 3905260kB
[  857.932661][T17850] Bluetooth: hci1: command 0x0c1a tx timeout
[  857.937194][T18450] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  858.001016][T18505] loop0: detected capacity change from 0 to 128
[  858.009174][T18450] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  858.018744][T18450] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  858.034335][T18450] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  858.046924][T18450] 55244 total pagecache pages
[  858.069988][T18505] bio_check_eod: 749 callbacks suppressed
[  858.070012][T18505] syz.0.4305: attempt to access beyond end of device
[  858.070012][T18505] loop0: rw=2049, sector=145, nr_sectors = 24 limit=128
[  858.091339][T18505] syz.0.4305: attempt to access beyond end of device
[  858.091339][T18505] loop0: rw=2049, sector=177, nr_sectors = 8 limit=128
[  858.120978][T18450] 0 pages in swap cache
[  858.125228][T18450] Free swap  = 124996kB
[  858.139533][T18450] Total swap = 124996kB
[  858.146136][T18505] syz.0.4305: attempt to access beyond end of device
[  858.146136][T18505] loop0: rw=2049, sector=193, nr_sectors = 8 limit=128
[  858.159712][T18450] 2097051 pages RAM
[  858.169822][T18450] 0 pages HighMem/MovableOnly
[  858.179930][T18450] 429080 pages reserved
[  858.190042][T18450] 0 pages cma reserved
[  858.194347][T18505] syz.0.4305: attempt to access beyond end of device
[  858.194347][T18505] loop0: rw=2049, sector=209, nr_sectors = 8 limit=128
[  858.262405][T18511] syz.0.4305: attempt to access beyond end of device
[  858.262405][T18511] loop0: rw=2049, sector=305, nr_sectors = 80 limit=128
[  858.268676][T18505] syz.0.4305: attempt to access beyond end of device
[  858.268676][T18505] loop0: rw=2049, sector=225, nr_sectors = 8 limit=128
[  858.297427][T18511] syz.0.4305: attempt to access beyond end of device
[  858.297427][T18511] loop0: rw=2049, sector=393, nr_sectors = 8 limit=128
[  858.325823][T18511] syz.0.4305: attempt to access beyond end of device
[  858.325823][T18511] loop0: rw=2049, sector=409, nr_sectors = 8 limit=128
[  858.386961][T18511] syz.0.4305: attempt to access beyond end of device
[  858.386961][T18511] loop0: rw=2049, sector=425, nr_sectors = 8 limit=128
[  858.453804][T18505] syz.0.4305: attempt to access beyond end of device
[  858.453804][T18505] loop0: rw=2049, sector=241, nr_sectors = 8 limit=128
[  858.617915][T18500] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  858.625332][T18500] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  858.651119][T18500] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  858.686373][T18500] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  858.702958][T18500] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  858.726554][T18500] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  858.845286][T18526] netlink: 'syz.5.4312': attribute type 4 has an invalid length.
[  858.874150][T18526] netlink: 'syz.5.4312': attribute type 4 has an invalid length.
[  858.886692][T18524] loop0: detected capacity change from 0 to 2048
[  858.958561][T18524] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  859.071545][T18534] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4314'.
[  859.165084][T18536] loop5: detected capacity change from 0 to 1024
[  859.200119][T18536] EXT4-fs: Ignoring removed nobh option
[  859.208648][T18536] EXT4-fs: Ignoring removed bh option
[  859.263443][T18536] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  859.333883][T18540] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  859.348375][T18540] loop9: detected capacity change from 0 to 8
[  859.360770][    C1] buffer_io_error: 758 callbacks suppressed
[  859.360796][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  859.397244][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  859.443853][T16138] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  859.454254][    C1] blk_print_req_error: 22 callbacks suppressed
[  859.454278][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  859.470673][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  859.478832][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  859.489086][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  859.501331][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  859.511571][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  859.520871][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  859.531101][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  859.542606][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  859.552858][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  859.562665][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  859.572914][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  859.584676][T18540] ldm_validate_partition_table(): Disk read failed.
[  859.592619][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  859.602871][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  859.612898][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  859.623147][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  859.637726][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  859.656953][T18524] EXT4-fs error (device loop0): ext4_validate_block_bitmap:440: comm syz.0.4310: bg 0: block 234: padding at end of block bitmap is not set
[  859.682202][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  859.693360][T18540] Dev loop9: unable to read RDB block 0
[  859.720671][T18540]  loop9: unable to read partition table
[  859.721898][T18524] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117
[  859.737447][T18540] loop9: partition table beyond EOD, truncated
[  859.761383][T18524] EXT4-fs (loop0): This should not happen!! Data will be lost
[  859.761383][T18524] 
[  859.781581][T18540] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  859.781581][T18540] 
) failed (rc=-5)
[  859.869752][T18550] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4317'.
[  859.897434][T18550] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4317'.
[  859.912788][T17850] Bluetooth: hci6: command 0x0405 tx timeout
[  860.013145][T18557] loop4: detected capacity change from 0 to 128
[  860.158110][ T6574] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1336 with error 28
[  860.226029][ T6574] EXT4-fs (loop0): This should not happen!! Data will be lost
[  860.226029][ T6574] 
[  860.256638][ T6574] EXT4-fs (loop0): Total free blocks count 0
[  860.272621][ T6574] EXT4-fs (loop0): Free/Dirty block details
[  860.298825][ T6574] EXT4-fs (loop0): free_blocks=0
[  860.312918][ T6574] EXT4-fs (loop0): dirty_blocks=1344
[  860.318224][ T6574] EXT4-fs (loop0): Block reservation details
[  860.636632][T17850] Bluetooth: hci3: command 0x0c1a tx timeout
[  860.660073][T18570] netlink: 'syz.3.4327': attribute type 4 has an invalid length.
[  860.726046][T17850] Bluetooth: hci0: command 0x0c1a tx timeout
[  860.732116][T17850] Bluetooth: hci2: command 0x0c1a tx timeout
[  860.738405][T17850] Bluetooth: hci4: command 0x0c1a tx timeout
[  860.797480][   T52] Bluetooth: hci1: command 0x0c1a tx timeout
[  860.815477][T18572] netlink: 'syz.3.4327': attribute type 4 has an invalid length.
[  862.283441][T18588] program syz.1.4332 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  862.600853][T18594] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4335'.
[  862.885421][T18596] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  862.915763][T18596] loop9: detected capacity change from 0 to 8
[  862.944563][T18596] ldm_validate_partition_table(): Disk read failed.
[  862.958692][T18596] Dev loop9: unable to read RDB block 0
[  862.978515][T18596]  loop9: unable to read partition table
[  863.012433][T18596] loop9: partition table beyond EOD, truncated
[  863.012466][T18596] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  863.012466][T18596] 
) failed (rc=-5)
[  863.082235][T18603] loop4: detected capacity change from 0 to 2048
[  863.192044][T18603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  863.243892][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  863.243917][   T30] audit: type=1800 audit(1760491484.840:1763): pid=18603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4338" name="file1" dev="loop4" ino=15 res=0 errno=0
[  863.586404][T18610] loop1: detected capacity change from 0 to 1024
[  863.625835][T18610] EXT4-fs: Ignoring removed orlov option
[  863.674985][T18610] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  863.821039][   T30] audit: type=1800 audit(1760491485.410:1764): pid=18610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4340" name="bus" dev="loop1" ino=18 res=0 errno=0
[  863.833705][T18615] loop3: detected capacity change from 0 to 128
[  863.850580][T18613] x_tables: ip6_tables: NETMAP.0 target: invalid size 40 (kernel) != (user) 0
[  863.870605][   T30] audit: type=1804 audit(1760491485.420:1765): pid=18610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.4340" name="/newroot/177/bus/bus" dev="loop1" ino=18 res=1 errno=0
[  863.932696][T18603] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.4338: bg 0: block 234: padding at end of block bitmap is not set
[  863.984193][T18618] netlink: 'syz.1.4340': attribute type 12 has an invalid length.
[  863.995237][T18615] bio_check_eod: 756 callbacks suppressed
[  863.995260][T18615] syz.3.4342: attempt to access beyond end of device
[  863.995260][T18615] loop3: rw=2049, sector=145, nr_sectors = 24 limit=128
[  864.028471][   T30] audit: type=1326 audit(1760491485.630:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18609 comm="syz.1.4340" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff92278eec9 code=0x0
[  864.063004][T18603] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117
[  864.077931][T18620] syz.3.4342: attempt to access beyond end of device
[  864.077931][T18620] loop3: rw=2049, sector=297, nr_sectors = 80 limit=128
[  864.120622][T18603] EXT4-fs (loop4): This should not happen!! Data will be lost
[  864.120622][T18603] 
[  864.149953][T18615] syz.3.4342: attempt to access beyond end of device
[  864.149953][T18615] loop3: rw=2049, sector=177, nr_sectors = 8 limit=128
[  864.249523][T18620] syz.3.4342: attempt to access beyond end of device
[  864.249523][T18620] loop3: rw=2049, sector=385, nr_sectors = 8 limit=128
[  864.339747][T18615] syz.3.4342: attempt to access beyond end of device
[  864.339747][T18615] loop3: rw=2049, sector=193, nr_sectors = 8 limit=128
[  864.353719][T18615] syz.3.4342: attempt to access beyond end of device
[  864.353719][T18615] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[  864.367909][T18615] syz.3.4342: attempt to access beyond end of device
[  864.367909][T18615] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[  864.382144][T18615] syz.3.4342: attempt to access beyond end of device
[  864.382144][T18615] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[  864.398340][T18615] syz.3.4342: attempt to access beyond end of device
[  864.398340][T18615] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[  864.411961][T18615] syz.3.4342: attempt to access beyond end of device
[  864.411961][T18615] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128
[  865.229731][T15331] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  865.251226][T13463] buffer_io_error: 756 callbacks suppressed
[  865.251249][T13463] Buffer I/O error on dev loop3, logical block 297, lost async page write
[  865.269421][ T6574] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2024 with error 28
[  865.277770][T18632] program syz.6.4347 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  865.289348][ T6574] EXT4-fs (loop4): This should not happen!! Data will be lost
[  865.289348][ T6574] 
[  865.356257][ T6574] EXT4-fs (loop4): Total free blocks count 0
[  865.362266][ T6574] EXT4-fs (loop4): Free/Dirty block details
[  865.374514][ T6574] EXT4-fs (loop4): free_blocks=0
[  865.379471][ T6574] EXT4-fs (loop4): dirty_blocks=2032
[  865.402664][ T6574] EXT4-fs (loop4): Block reservation details
[  865.486640][T18638] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4349'.
[  865.499479][T18635] loop3: detected capacity change from 0 to 2048
[  865.554035][T18638] loop1: detected capacity change from 0 to 512
[  865.561124][T18635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  865.588824][T18638] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  865.711517][T18638] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  865.732717][T18638] FAT-fs (loop1): Filesystem has been set read-only
[  865.826003][T18638] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4349'.
[  865.863237][T18638] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4349'.
[  865.903472][T18638] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4349'.
[  866.248867][T18654] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  866.263816][T18654] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 128 with error 28
[  866.276268][T18654] EXT4-fs (loop3): This should not happen!! Data will be lost
[  866.276268][T18654] 
[  866.285953][T18654] EXT4-fs (loop3): Total free blocks count 0
[  866.291940][T18654] EXT4-fs (loop3): Free/Dirty block details
[  866.297894][T18654] EXT4-fs (loop3): free_blocks=2415919504
[  866.303683][T18654] EXT4-fs (loop3): dirty_blocks=144
[  866.308887][T18654] EXT4-fs (loop3): Block reservation details
[  866.315095][T18654] EXT4-fs (loop3): i_reserved_data_blocks=9
[  866.606291][T18661] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4355'.
[  866.670672][T18661] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4355'.
[  866.703962][   T30] audit: type=1326 audit(1760491488.270:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18656 comm="syz.6.4355" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0defb8eec9 code=0x0
[  868.496867][T13463] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 128 with max blocks 224 with error 28
[  868.741057][T18678] loop6: detected capacity change from 0 to 2048
[  868.856430][T18678] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  868.916533][   T30] audit: type=1800 audit(1760491490.500:1768): pid=18678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4361" name="file1" dev="loop6" ino=15 res=0 errno=0
[  868.945309][T18680] loop5: detected capacity change from 0 to 128
[  868.958214][T18685] loop3: detected capacity change from 0 to 1024
[  868.965735][T18685] EXT4-fs: Ignoring removed orlov option
[  869.046922][T18687] program syz.4.4364 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  869.060464][T18685] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  869.116866][T18680] bio_check_eod: 4 callbacks suppressed
[  869.116890][T18680] syz.5.4363: attempt to access beyond end of device
[  869.116890][T18680] loop5: rw=2049, sector=145, nr_sectors = 24 limit=128
[  869.162115][   T30] audit: type=1800 audit(1760491490.760:1769): pid=18685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4362" name="bus" dev="loop3" ino=18 res=0 errno=0
[  869.186167][T18680] syz.5.4363: attempt to access beyond end of device
[  869.186167][T18680] loop5: rw=2049, sector=177, nr_sectors = 8 limit=128
[  869.223529][   T30] audit: type=1804 audit(1760491490.810:1770): pid=18685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.4362" name="/newroot/160/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  869.251916][T18680] syz.5.4363: attempt to access beyond end of device
[  869.251916][T18680] loop5: rw=2049, sector=193, nr_sectors = 8 limit=128
[  869.292971][T18691] syz.5.4363: attempt to access beyond end of device
[  869.292971][T18691] loop5: rw=2049, sector=305, nr_sectors = 80 limit=128
[  869.324469][T18692] netlink: 'syz.3.4362': attribute type 12 has an invalid length.
[  869.363521][   T30] audit: type=1326 audit(1760491490.970:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18684 comm="syz.3.4362" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f494dd8eec9 code=0x0
[  869.387522][T18680] syz.5.4363: attempt to access beyond end of device
[  869.387522][T18680] loop5: rw=2049, sector=209, nr_sectors = 8 limit=128
[  869.418454][T18678] EXT4-fs error (device loop6): ext4_validate_block_bitmap:440: comm syz.6.4361: bg 0: block 234: padding at end of block bitmap is not set
[  869.459783][T18678] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1804 with error 117
[  869.461134][T18665] warn_alloc: 1 callbacks suppressed
[  869.461156][T18665] syz.1.4356: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  869.490988][T18678] EXT4-fs (loop6): This should not happen!! Data will be lost
[  869.490988][T18678] 
[  869.501658][T18680] syz.5.4363: attempt to access beyond end of device
[  869.501658][T18680] loop5: rw=2049, sector=225, nr_sectors = 8 limit=128
[  869.562905][T18680] syz.5.4363: attempt to access beyond end of device
[  869.562905][T18680] loop5: rw=2049, sector=241, nr_sectors = 8 limit=128
[  869.576410][T18665] ,cpuset=/,mems_allowed=0-1
[  869.581060][T18665] CPU: 0 UID: 0 PID: 18665 Comm: syz.1.4356 Not tainted syzkaller #0 PREEMPT(full) 
[  869.581106][T18665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  869.581128][T18665] Call Trace:
[  869.581140][T18665]  <TASK>
[  869.581154][T18665]  dump_stack_lvl+0x16c/0x1f0
[  869.581217][T18665]  warn_alloc+0x248/0x3a0
[  869.581283][T18665]  ? __pfx_warn_alloc+0x10/0x10
[  869.581365][T18665]  ? xskq_create+0xfb/0x1d0
[  869.581410][T18665]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.581456][T18665]  ? __vmalloc_node_noprof+0xad/0xf0
[  869.581518][T18665]  __vmalloc_node_range_noprof+0xfe2/0x1480
[  869.581589][T18665]  ? xskq_create+0xfb/0x1d0
[  869.581648][T18665]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  869.581720][T18665]  ? xskq_create+0xfb/0x1d0
[  869.581767][T18665]  vmalloc_user_noprof+0x9e/0xe0
[  869.581826][T18665]  ? xskq_create+0xfb/0x1d0
[  869.581875][T18665]  xskq_create+0xfb/0x1d0
[  869.581927][T18665]  xsk_setsockopt+0x792/0x9a0
[  869.581974][T18665]  ? __pfx_xsk_setsockopt+0x10/0x10
[  869.582017][T18665]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.582062][T18665]  ? find_held_lock+0x2b/0x80
[  869.582126][T18665]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.582168][T18665]  ? aa_sock_opt_perm+0xfd/0x1c0
[  869.582234][T18665]  ? __pfx_xsk_setsockopt+0x10/0x10
[  869.582281][T18665]  do_sock_setsockopt+0xf3/0x1d0
[  869.582329][T18665]  __sys_setsockopt+0x1a0/0x230
[  869.582391][T18665]  __x64_sys_setsockopt+0xbd/0x160
[  869.582444][T18665]  ? do_syscall_64+0x91/0xfa0
[  869.582497][T18665]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.582539][T18665]  ? lockdep_hardirqs_on+0x7c/0x110
[  869.582600][T18665]  do_syscall_64+0xcd/0xfa0
[  869.582660][T18665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  869.582697][T18665] RIP: 0033:0x7ff92278eec9
[  869.582726][T18665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  869.582763][T18665] RSP: 002b:00007ff923587038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  869.582796][T18665] RAX: ffffffffffffffda RBX: 00007ff9229e6090 RCX: 00007ff92278eec9
[  869.582827][T18665] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000008
[  869.582851][T18665] RBP: 00007ff922811f91 R08: 0000000000000004 R09: 0000000000000000
[  869.582875][T18665] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000
[  869.582899][T18665] R13: 00007ff9229e6128 R14: 00007ff9229e6090 R15: 00007ffd3487d6a8
[  869.582952][T18665]  </TASK>
[  869.863257][T18680] syz.5.4363: attempt to access beyond end of device
[  869.863257][T18680] loop5: rw=2049, sector=257, nr_sectors = 8 limit=128
[  869.902873][T18680] syz.5.4363: attempt to access beyond end of device
[  869.902873][T18680] loop5: rw=2049, sector=273, nr_sectors = 8 limit=128
[  869.948674][T15816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  869.961781][T18665] Mem-Info:
[  869.977582][T18665] active_anon:7351 inactive_anon:0 isolated_anon:0
[  869.977582][T18665]  active_file:13450 inactive_file:41129 isolated_file:0
[  869.977582][T18665]  unevictable:768 dirty:514 writeback:1
[  869.977582][T18665]  slab_reclaimable:12474 slab_unreclaimable:105889
[  869.977582][T18665]  mapped:36026 shmem:1787 pagetables:1473
[  869.977582][T18665]  sec_pagetables:0 bounce:0
[  869.977582][T18665]  kernel_misc_reclaimable:0
[  869.977582][T18665]  free:1270433 free_pcp:20523 free_cma:0
[  870.025799][T18665] Node 0 active_anon:29404kB inactive_anon:0kB active_file:53800kB inactive_file:164316kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:144104kB dirty:2056kB writeback:4kB shmem:5612kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13796kB pagetables:5740kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  870.058172][T18665] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  870.088511][T18665] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  870.118628][T18665] lowmem_reserve[]: 0 2483 2485 2485 2485
[  870.129418][T18665] Node 0 DMA32 free:1160984kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:29404kB inactive_anon:0kB active_file:53800kB inactive_file:164316kB unevictable:1536kB writepending:2020kB zspages:0kB present:3129332kB managed:2543524kB mlocked:0kB bounce:0kB free_pcp:69628kB local_pcp:44336kB free_cma:0kB
[  870.166433][T18680] syz.5.4363: attempt to access beyond end of device
[  870.166433][T18680] loop5: rw=2049, sector=289, nr_sectors = 9 limit=128
[  870.197802][T18665] lowmem_reserve[]: 0 0 1 1 1
[  870.260023][T18665] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  870.343617][T18665] lowmem_reserve[]: 0 0 0 0 0
[  870.348423][T18665] Node 1 Normal free:3905260kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:12900kB local_pcp:7104kB free_cma:0kB
[  870.382167][T18665] lowmem_reserve[]: 0 0 0 0 0
[  870.384748][ T6574] Buffer I/O error on dev loop5, logical block 305, lost async page write
[  870.392273][T18665] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  870.524550][ T7731] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  870.577535][T18665] Node 0 DMA32: 1057*4kB (UME) 809*8kB (UM) 391*16kB (UME) 1092*32kB (UME) 259*64kB (UME) 803*128kB (UME) 605*256kB (UME) 310*512kB (UME) 90*1024kB (UM) 65*2048kB (UME) 111*4096kB (UME) = 1164796kB
[  870.665387][T18665] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  870.772964][T18665] Node 1 Normal: 165*4kB (UME) 41*8kB (UME) 49*16kB (UME) 262*32kB (UME) 109*64kB (UME) 26*128kB (UME) 9*256kB (UME) 3*512kB (ME) 2*1024kB (UM) 2*2048kB (UE) 946*4096kB (M) = 3905260kB
[  870.874957][   T30] audit: type=1326 audit(1760491492.470:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18713 comm="syz.6.4371" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0defb8eec9 code=0x0
[  870.921741][T18665] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  870.972681][T18665] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  871.018933][T18665] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  871.066654][T18720] loop5: detected capacity change from 0 to 2048
[  871.076253][T18665] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  871.086017][T18665] 55271 total pagecache pages
[  871.090695][T18665] 0 pages in swap cache
[  871.094893][T18665] Free swap  = 124996kB
[  871.099162][T18665] Total swap = 124996kB
[  871.103345][T18665] 2097051 pages RAM
[  871.107149][T18665] 0 pages HighMem/MovableOnly
[  871.111935][T18665] 429080 pages reserved
[  871.118201][T18665] 0 pages cma reserved
[  871.153350][T18720] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  872.382735][T18729] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  872.397682][T18729] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  872.409945][T18729] EXT4-fs (loop5): This should not happen!! Data will be lost
[  872.409945][T18729] 
[  872.419618][T18729] EXT4-fs (loop5): Total free blocks count 0
[  872.425650][T18729] EXT4-fs (loop5): Free/Dirty block details
[  872.431549][T18729] EXT4-fs (loop5): free_blocks=2415919504
[  872.437365][T18729] EXT4-fs (loop5): dirty_blocks=32
[  872.442483][T18729] EXT4-fs (loop5): Block reservation details
[  872.448667][T18729] EXT4-fs (loop5): i_reserved_data_blocks=2
[  873.993462][ T6088] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  874.055709][T18746] loop4: detected capacity change from 0 to 1024
[  874.087659][T18746] EXT4-fs: Ignoring removed orlov option
[  874.113950][T18749] loop1: detected capacity change from 0 to 128
[  874.133578][T18746] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  874.187380][T18745] loop3: detected capacity change from 0 to 8192
[  874.231112][T18749] bio_check_eod: 1 callbacks suppressed
[  874.231134][T18749] syz.1.4383: attempt to access beyond end of device
[  874.231134][T18749] loop1: rw=2049, sector=145, nr_sectors = 24 limit=128
[  874.260745][T18754] loop5: detected capacity change from 0 to 2048
[  874.292424][T18749] syz.1.4383: attempt to access beyond end of device
[  874.292424][T18749] loop1: rw=2049, sector=177, nr_sectors = 8 limit=128
[  874.329932][T18754] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  874.347125][T18749] syz.1.4383: attempt to access beyond end of device
[  874.347125][T18749] loop1: rw=2049, sector=193, nr_sectors = 8 limit=128
[  874.379091][T18758] netlink: 'syz.4.4382': attribute type 12 has an invalid length.
[  874.412708][   T30] audit: type=1326 audit(1760491496.010:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18744 comm="syz.4.4382" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4340b8eec9 code=0x0
[  874.448539][T18749] syz.1.4383: attempt to access beyond end of device
[  874.448539][T18749] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[  874.505539][T18760] syz.1.4383: attempt to access beyond end of device
[  874.505539][T18760] loop1: rw=2049, sector=305, nr_sectors = 80 limit=128
[  874.533767][   T30] audit: type=1800 audit(1760491496.000:1773): pid=18746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4382" name="bus" dev="loop4" ino=18 res=0 errno=0
[  874.598417][T18760] syz.1.4383: attempt to access beyond end of device
[  874.598417][T18760] loop1: rw=2049, sector=393, nr_sectors = 8 limit=128
[  874.633900][T18749] syz.1.4383: attempt to access beyond end of device
[  874.633900][T18749] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[  874.666468][T18749] syz.1.4383: attempt to access beyond end of device
[  874.666468][T18749] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[  874.684587][T18749] syz.1.4383: attempt to access beyond end of device
[  874.684587][T18749] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[  874.745092][   T30] audit: type=1800 audit(1760491496.090:1775): pid=18754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4384" name="file1" dev="loop5" ino=15 res=0 errno=0
[  874.774742][T18749] syz.1.4383: attempt to access beyond end of device
[  874.774742][T18749] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[  874.945342][T17002] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  875.058168][ T6088] Buffer I/O error on dev loop1, logical block 305, lost async page write
[  875.093720][T18754] EXT4-fs error (device loop5): ext4_validate_block_bitmap:440: comm syz.5.4384: bg 0: block 234: padding at end of block bitmap is not set
[  875.172815][T18754] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117
[  875.202715][T18754] EXT4-fs (loop5): This should not happen!! Data will be lost
[  875.202715][T18754] 
[  875.444790][T18776] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4392'.
[  876.024206][ T6574] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28
[  876.249345][ T6574] EXT4-fs (loop5): This should not happen!! Data will be lost
[  876.249345][ T6574] 
[  876.289709][ T6574] EXT4-fs (loop5): Total free blocks count 0
[  876.312325][ T6574] EXT4-fs (loop5): Free/Dirty block details
[  876.332961][ T6574] EXT4-fs (loop5): free_blocks=0
[  876.337919][ T6574] EXT4-fs (loop5): dirty_blocks=4592
[  876.357057][ T6574] EXT4-fs (loop5): Block reservation details
[  876.623945][T18792] netlink: 44 bytes leftover after parsing attributes in process `syz.6.4399'.
[  876.629786][T18795] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  876.648321][T18795] loop9: detected capacity change from 0 to 8
[  876.663427][    C0] blk_print_req_error: 18 callbacks suppressed
[  876.663452][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  876.679825][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  876.692615][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  876.702860][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  876.732615][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  876.742844][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  876.762021][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  876.772266][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  876.787140][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  876.797380][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  876.806741][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  876.816981][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  876.827133][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  876.837368][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  876.846624][    C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  876.856863][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  876.869324][T18795] ldm_validate_partition_table(): Disk read failed.
[  876.878484][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  876.888741][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  876.900764][    C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  876.911013][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  876.929185][T18795] Dev loop9: unable to read RDB block 0
[  876.963242][T18795]  loop9: unable to read partition table
[  876.969106][T18795] loop9: partition table beyond EOD, truncated
[  877.022665][T18795] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  877.022665][T18795] 
) failed (rc=-5)
[  877.212775][T18805] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4403'.
[  877.250410][   T30] audit: type=1326 audit(1760491498.850:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18806 comm="syz.4.4404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4340b8eec9 code=0x7ffc0000
[  877.314321][   T30] audit: type=1326 audit(1760491498.880:1777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18806 comm="syz.4.4404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4340b8eec9 code=0x7ffc0000
[  877.338184][T18807] loop4: detected capacity change from 0 to 512
[  877.371769][T18810] loop0: detected capacity change from 0 to 512
[  877.388525][   T30] audit: type=1326 audit(1760491498.890:1778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18806 comm="syz.4.4404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4340b8eec9 code=0x7ffc0000
[  877.413225][   T30] audit: type=1326 audit(1760491498.890:1779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18806 comm="syz.4.4404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4340b8eec9 code=0x7ffc0000
[  877.416452][T18810] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  877.436905][   T30] audit: type=1326 audit(1760491498.890:1780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18806 comm="syz.4.4404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4340b8eec9 code=0x7ffc0000
[  877.456176][T18814] netlink: 'syz.1.4406': attribute type 4 has an invalid length.
[  877.469027][   T30] audit: type=1326 audit(1760491498.900:1781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18806 comm="syz.4.4404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4340b8eec9 code=0x7ffc0000
[  877.494652][T18807] 
[  877.500543][   T30] audit: type=1326 audit(1760491498.900:1782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18806 comm="syz.4.4404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4340b8eec9 code=0x7ffc0000
[  877.501338][T18807] ======================================================
[  877.530696][T18807] WARNING: possible circular locking dependency detected
[  877.537699][T18807] syzkaller #0 Not tainted
[  877.542109][T18807] ------------------------------------------------------
[  877.549113][T18807] syz.4.4404/18807 is trying to acquire lock:
[  877.555168][T18807] ffff88807daa2b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x27a/0x600
[  877.565048][T18807] 
[  877.565048][T18807] but task is already holding lock:
[  877.572399][T18807] ffff8880563343b8 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x4ba/0x870
[  877.582276][T18807] 
[  877.582276][T18807] which lock already depends on the new lock.
[  877.582276][T18807] 
[  877.592666][T18807] 
[  877.592666][T18807] the existing dependency chain (in reverse order) is:
[  877.601672][T18807] 
[  877.601672][T18807] -> #1 (&ei->xattr_sem){++++}-{4:4}:
[  877.609247][T18807]        down_write+0x92/0x200
[  877.614017][T18807]        ext4_destroy_inline_data+0x2d/0xe0
[  877.619920][T18807]        ext4_do_writepages+0x1154/0x3cf0
[  877.625663][T18807]        ext4_writepages+0x37a/0x7d0
[  877.630969][T18807]        do_writepages+0x27a/0x600
[  877.636096][T18807]        filemap_fdatawrite_wbc+0x104/0x160
[  877.642004][T18807]        __filemap_fdatawrite_range+0xb9/0x100
[  877.648158][T18807]        ext4_convert_inline_data+0x1a7/0x610
[  877.654231][T18807]        ext4_fallocate+0x1f5/0x37a0
[  877.659519][T18807]        vfs_fallocate+0x5b4/0x10e0
[  877.664719][T18807]        ioctl_preallocate+0x1a0/0x210
[  877.670196][T18807]        do_vfs_ioctl+0x11da/0x14f0
[  877.675413][T18807]        __x64_sys_ioctl+0x114/0x210
[  877.680717][T18807]        do_syscall_64+0xcd/0xfa0
[  877.685762][T18807]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.692180][T18807] 
[  877.692180][T18807] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  877.700625][T18807]        __lock_acquire+0x126f/0x1c90
[  877.706014][T18807]        lock_acquire+0x179/0x350
[  877.711055][T18807]        ext4_writepages+0x224/0x7d0
[  877.716366][T18807]        do_writepages+0x27a/0x600
[  877.721488][T18807]        __writeback_single_inode+0x160/0xfb0
[  877.727574][T18807]        writeback_single_inode+0x2bc/0x550
[  877.733492][T18807]        write_inode_now+0x170/0x1e0
[  877.738773][T18807]        iput.part.0+0x487/0xb00
[  877.743723][T18807]        iput+0x35/0x40
[  877.747891][T18807]        ext4_xattr_block_set+0x67c/0x3650
[  877.753716][T18807]        ext4_expand_extra_isize_ea+0x1442/0x1ab0
[  877.760147][T18807]        __ext4_expand_extra_isize+0x346/0x480
[  877.766307][T18807]        __ext4_mark_inode_dirty+0x544/0x870
[  877.772310][T18807]        ext4_evict_inode+0x74e/0x18e0
[  877.777763][T18807]        evict+0x3e6/0x920
[  877.782198][T18807]        iput.part.0+0x6a9/0xb00
[  877.787149][T18807]        iput+0x35/0x40
[  877.791319][T18807]        ext4_orphan_cleanup+0x731/0x11e0
[  877.797060][T18807]        ext4_fill_super+0x8db7/0xaf70
[  877.802525][T18807]        get_tree_bdev_flags+0x38c/0x620
[  877.808163][T18807]        vfs_get_tree+0x8e/0x340
[  877.813123][T18807]        path_mount+0x7b9/0x23a0
[  877.818086][T18807]        __x64_sys_mount+0x293/0x310
[  877.823384][T18807]        do_syscall_64+0xcd/0xfa0
[  877.828427][T18807]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.834843][T18807] 
[  877.834843][T18807] other info that might help us debug this:
[  877.834843][T18807] 
[  877.845056][T18807]  Possible unsafe locking scenario:
[  877.845056][T18807] 
[  877.852493][T18807]        CPU0                    CPU1
[  877.857847][T18807]        ----                    ----
[  877.863198][T18807]   lock(&ei->xattr_sem);
[  877.867529][T18807]                                lock(&sbi->s_writepages_rwsem);
[  877.875246][T18807]                                lock(&ei->xattr_sem);
[  877.882096][T18807]   rlock(&sbi->s_writepages_rwsem);
[  877.887379][T18807] 
[  877.887379][T18807]  *** DEADLOCK ***
[  877.887379][T18807] 
[  877.895506][T18807] 3 locks held by syz.4.4404/18807:
[  877.900694][T18807]  #0: ffff88807daa40e0 (&type->s_umount_key#27/1){+.+.}-{4:4}, at: alloc_super+0x1e3/0xb60
[  877.910851][T18807]  #1: ffff88807daa4610 (sb_internal){.+.+}-{0:0}, at: evict+0x3e6/0x920
[  877.919347][T18807]  #2: ffff8880563343b8 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x4ba/0x870
[  877.929679][T18807] 
[  877.929679][T18807] stack backtrace:
[  877.935557][T18807] CPU: 0 UID: 0 PID: 18807 Comm: syz.4.4404 Not tainted syzkaller #0 PREEMPT(full) 
[  877.935598][T18807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  877.935619][T18807] Call Trace:
[  877.935631][T18807]  <TASK>
[  877.935644][T18807]  dump_stack_lvl+0x116/0x1f0
[  877.935698][T18807]  print_circular_bug+0x275/0x350
[  877.935741][T18807]  check_noncircular+0x14c/0x170
[  877.935787][T18807]  __lock_acquire+0x126f/0x1c90
[  877.935832][T18807]  ? __lock_acquire+0x622/0x1c90
[  877.935876][T18807]  lock_acquire+0x179/0x350
[  877.935916][T18807]  ? do_writepages+0x27a/0x600
[  877.935963][T18807]  ? __pfx___might_resched+0x10/0x10
[  877.936022][T18807]  ext4_writepages+0x224/0x7d0
[  877.936074][T18807]  ? do_writepages+0x27a/0x600
[  877.936122][T18807]  ? __pfx_ext4_writepages+0x10/0x10
[  877.936174][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.936214][T18807]  ? __lock_acquire+0xb8a/0x1c90
[  877.936263][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.936305][T18807]  ? __pfx_ext4_writepages+0x10/0x10
[  877.936360][T18807]  do_writepages+0x27a/0x600
[  877.936407][T18807]  ? __pfx_do_writepages+0x10/0x10
[  877.936455][T18807]  __writeback_single_inode+0x160/0xfb0
[  877.936512][T18807]  ? __pfx___writeback_single_inode+0x10/0x10
[  877.936565][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.936604][T18807]  ? do_raw_spin_unlock+0x172/0x230
[  877.936654][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.936697][T18807]  writeback_single_inode+0x2bc/0x550
[  877.936754][T18807]  write_inode_now+0x170/0x1e0
[  877.936784][T18807]  ? __pfx_write_inode_now+0x10/0x10
[  877.936840][T18807]  ? find_held_lock+0x2b/0x80
[  877.936894][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.936936][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.936978][T18807]  iput.part.0+0x487/0xb00
[  877.937029][T18807]  iput+0x35/0x40
[  877.937073][T18807]  ext4_xattr_block_set+0x67c/0x3650
[  877.937130][T18807]  ? __pfx_ext4_xattr_block_set+0x10/0x10
[  877.937176][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.937216][T18807]  ? xattr_find_entry+0x289/0x330
[  877.937258][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.937298][T18807]  ? ext4_xattr_block_find+0x59/0x430
[  877.937342][T18807]  ext4_expand_extra_isize_ea+0x1442/0x1ab0
[  877.937404][T18807]  ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10
[  877.937458][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.937498][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.937541][T18807]  ? dquot_initialize_needed+0x183/0x2a0
[  877.937592][T18807]  __ext4_expand_extra_isize+0x346/0x480
[  877.937637][T18807]  __ext4_mark_inode_dirty+0x544/0x870
[  877.937695][T18807]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  877.937751][T18807]  ? __pfx___might_resched+0x10/0x10
[  877.937809][T18807]  ? ext4_journal_check_start+0x22b/0x340
[  877.937861][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.937901][T18807]  ? __ext4_journal_start_sb+0x19e/0x690
[  877.937950][T18807]  ? ext4_evict_inode+0x5cf/0x18e0
[  877.937984][T18807]  ext4_evict_inode+0x74e/0x18e0
[  877.938018][T18807]  ? __pfx_ext4_evict_inode+0x10/0x10
[  877.938049][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.938097][T18807]  ? __pfx_ext4_evict_inode+0x10/0x10
[  877.938128][T18807]  evict+0x3e6/0x920
[  877.938174][T18807]  ? __pfx_evict+0x10/0x10
[  877.938217][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.938263][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.938308][T18807]  iput.part.0+0x6a9/0xb00
[  877.938354][T18807]  ? __pfx_ext4_drop_inode+0x10/0x10
[  877.938402][T18807]  iput+0x35/0x40
[  877.938446][T18807]  ext4_orphan_cleanup+0x731/0x11e0
[  877.938507][T18807]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  877.938566][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.938606][T18807]  ? ext4_register_li_request+0xec/0x9b0
[  877.938645][T18807]  ext4_fill_super+0x8db7/0xaf70
[  877.938696][T18807]  ? __pfx_ext4_fill_super+0x10/0x10
[  877.938730][T18807]  ? do_raw_spin_lock+0x12c/0x2b0
[  877.938776][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.938816][T18807]  ? find_held_lock+0x2b/0x80
[  877.938873][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.938912][T18807]  ? sb_set_blocksize+0x176/0x1d0
[  877.938952][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.938991][T18807]  ? setup_bdev_super+0x369/0x730
[  877.939024][T18807]  get_tree_bdev_flags+0x38c/0x620
[  877.939060][T18807]  ? __pfx_ext4_fill_super+0x10/0x10
[  877.939100][T18807]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  877.939137][T18807]  ? apparmor_capable+0x114/0x1d0
[  877.939174][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.939213][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.939253][T18807]  ? security_capable+0x7e/0x260
[  877.939308][T18807]  vfs_get_tree+0x8e/0x340
[  877.939359][T18807]  path_mount+0x7b9/0x23a0
[  877.939406][T18807]  ? __pfx_path_mount+0x10/0x10
[  877.939451][T18807]  ? putname+0x154/0x1a0
[  877.939498][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.939537][T18807]  ? putname+0x154/0x1a0
[  877.939584][T18807]  ? __x64_sys_mount+0x293/0x310
[  877.939625][T18807]  __x64_sys_mount+0x293/0x310
[  877.939670][T18807]  ? __pfx___x64_sys_mount+0x10/0x10
[  877.939714][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  877.939754][T18807]  ? __secure_computing+0x28e/0x3b0
[  877.939801][T18807]  do_syscall_64+0xcd/0xfa0
[  877.939855][T18807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.939888][T18807] RIP: 0033:0x7f4340b9066a
[  877.939914][T18807] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  877.939948][T18807] RSP: 002b:00007f4341996e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  877.939978][T18807] RAX: ffffffffffffffda RBX: 00007f4341996ef0 RCX: 00007f4340b9066a
[  877.940001][T18807] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f4341996eb0
[  877.940023][T18807] RBP: 0000200000000180 R08: 00007f4341996ef0 R09: 0000000000800718
[  877.940045][T18807] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0
[  877.940067][T18807] R13: 00007f4341996eb0 R14: 0000000000000473 R15: 0000200000000680
[  877.940105][T18807]  </TASK>
[  878.057692][T18814] netlink: 'syz.1.4406': attribute type 4 has an invalid length.
[  878.244454][T18810] EXT4-fs (loop0): 1 truncate cleaned up
[  878.273463][T18807] ------------[ cut here ]------------
[  878.387178][T18810] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  878.390362][T18807] EA inode 11 i_nlink=2
[  878.391131][T18807] WARNING: CPU: 1 PID: 18807 at fs/ext4/xattr.c:1056 ext4_xattr_inode_update_ref+0x4ec/0x610
[  878.422975][T18811] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  878.424996][T18807] Modules linked in:
[  878.430002][T18811] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  878.434230][T18807] 
[  878.434249][T18807] CPU: 1 UID: 0 PID: 18807 Comm: syz.4.4404 Not tainted syzkaller #0 PREEMPT(full) 
[  878.434296][T18807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  878.465019][T18811] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  878.479664][T18807] RIP: 0010:ext4_xattr_inode_update_ref+0x4ec/0x610
[  878.539423][T18810] EXT4-fs error (device loop0): ext4_read_inline_dir:1475: inode #12: block 7: comm syz.0.4405: path /96/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  878.540636][T18807] Code: df 48 8d 7b 40 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 23 01 00 00 48 8b 73 40 44 89 e2 48 c7 c7 c0 5d a8 8b e8 35 00 ed fe 90 <0f> 0b 90 90 e9 d9 fe ff ff e8 36 cb 2e ff 44 0f b6 2d 22 8b dd 0d
[  878.604118][T18811] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  878.605389][T18807] RSP: 0018:ffffc90003097178 EFLAGS: 00010282
[  878.681071][T18811] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  878.683218][T18807] RAX: 0000000000000000 RBX: ffff8880563b0298 RCX: ffffc9000b759000
[  878.683247][T18807] RDX: 0000000000080000 RSI: ffffffff817b5ef5 RDI: 0000000000000001
[  878.683274][T18807] RBP: ffffc90003097240 R08: 0000000000000001 R09: 0000000000000000
[  878.683299][T18807] R10: 0000000000000001 R11: 7275636573203f20 R12: 0000000000000002
[  878.683324][T18807] R13: 0000000000000000 R14: 1ffff92000612e32 R15: ffff8880563b0488
[  878.683353][T18807] FS:  00007f43419976c0(0000) GS:ffff888124ada000(0000) knlGS:0000000000000000
[  878.683387][T18807] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  878.683414][T18807] CR2: 000055557b7a5588 CR3: 0000000063085000 CR4: 0000000000350ef0
[  878.699555][T18811] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  878.705254][T18807] Call Trace:
[  878.705269][T18807]  <TASK>
[  878.705287][T18807]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[  878.772854][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  878.778520][T18807]  ? ext4_xattr_inode_iget+0x1ee/0x400
[  878.782947][T18815] EXT4-fs error (device loop0): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 256: padding at end of block bitmap is not set
[  878.784052][T18807]  ext4_xattr_set_entry+0x158f/0x1f00
[  878.803983][T18807]  ? __pfx_ext4_xattr_set_entry+0x10/0x10
[  878.809732][T18807]  ? xattr_find_entry+0x289/0x330
[  878.814837][T18807]  ext4_xattr_ibody_set+0x3d6/0x5d0
[  878.820089][T18807]  ext4_expand_extra_isize_ea+0x148c/0x1ab0
[  878.826106][T18807]  ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10
[  878.833354][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  878.839015][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  878.845559][T18807]  ? dquot_initialize_needed+0x183/0x2a0
[  878.851239][T18807]  __ext4_expand_extra_isize+0x346/0x480
[  878.856937][T18807]  __ext4_mark_inode_dirty+0x544/0x870
[  878.862450][T18807]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  878.868496][T18807]  ? __pfx___might_resched+0x10/0x10
[  878.873841][T18807]  ? ext4_journal_check_start+0x22b/0x340
[  878.879575][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  878.885231][T18807]  ? __ext4_journal_start_sb+0x19e/0x690
[  878.890875][T18807]  ? ext4_evict_inode+0x5cf/0x18e0
[  878.896118][T18807]  ext4_evict_inode+0x74e/0x18e0
[  878.901056][T18807]  ? __pfx_ext4_evict_inode+0x10/0x10
[  878.906454][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  878.912097][T18807]  ? __pfx_ext4_evict_inode+0x10/0x10
[  878.917526][T18807]  evict+0x3e6/0x920
[  878.921453][T18807]  ? __pfx_evict+0x10/0x10
[  878.925896][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  878.932285][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  878.938736][T18807]  iput.part.0+0x6a9/0xb00
[  878.943206][T18807]  ? __pfx_ext4_drop_inode+0x10/0x10
[  878.948516][T18807]  iput+0x35/0x40
[  878.952157][T18807]  ext4_orphan_cleanup+0x731/0x11e0
[  878.957490][T18807]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  878.963212][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  878.968849][T18807]  ? ext4_register_li_request+0xec/0x9b0
[  878.974518][T18807]  ext4_fill_super+0x8db7/0xaf70
[  878.979500][T18807]  ? __pfx_ext4_fill_super+0x10/0x10
[  878.984845][T18807]  ? do_raw_spin_lock+0x12c/0x2b0
[  878.989883][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  878.995546][T18807]  ? find_held_lock+0x2b/0x80
[  879.000242][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.005910][T18807]  ? sb_set_blocksize+0x176/0x1d0
[  879.010938][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.016601][T18807]  ? setup_bdev_super+0x369/0x730
[  879.021624][T18807]  get_tree_bdev_flags+0x38c/0x620
[  879.026766][T18807]  ? __pfx_ext4_fill_super+0x10/0x10
[  879.033017][T18807]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  879.038679][T18807]  ? apparmor_capable+0x114/0x1d0
[  879.044790][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.050464][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.056132][T18807]  ? security_capable+0x7e/0x260
[  879.061093][T18807]  vfs_get_tree+0x8e/0x340
[  879.065551][T18807]  path_mount+0x7b9/0x23a0
[  879.069979][T18807]  ? __pfx_path_mount+0x10/0x10
[  879.074855][T18807]  ? putname+0x154/0x1a0
[  879.079108][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.084785][T18807]  ? putname+0x154/0x1a0
[  879.089084][T18807]  ? __x64_sys_mount+0x293/0x310
[  879.094058][T18807]  __x64_sys_mount+0x293/0x310
[  879.098859][T18807]  ? __pfx___x64_sys_mount+0x10/0x10
[  879.104200][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.109841][T18807]  ? __secure_computing+0x28e/0x3b0
[  879.115286][T18807]  do_syscall_64+0xcd/0xfa0
[  879.119836][T18807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  879.125745][T18807] RIP: 0033:0x7f4340b9066a
[  879.130155][T18807] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  879.150565][T18807] RSP: 002b:00007f4341996e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  879.159779][T18807] RAX: ffffffffffffffda RBX: 00007f4341996ef0 RCX: 00007f4340b9066a
[  879.167784][T18807] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f4341996eb0
[  879.175772][T18807] RBP: 0000200000000180 R08: 00007f4341996ef0 R09: 0000000000800718
[  879.183754][T18807] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0
[  879.191717][T18807] R13: 00007f4341996eb0 R14: 0000000000000473 R15: 0000200000000680
[  879.199830][T18807]  </TASK>
[  879.202939][T18807] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  879.210219][T18807] CPU: 1 UID: 0 PID: 18807 Comm: syz.4.4404 Not tainted syzkaller #0 PREEMPT(full) 
[  879.219584][T18807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  879.229638][T18807] Call Trace:
[  879.232905][T18807]  <TASK>
[  879.235824][T18807]  dump_stack_lvl+0x3d/0x1f0
[  879.240435][T18807]  vpanic+0x640/0x6f0
[  879.244431][T18807]  ? ext4_xattr_inode_update_ref+0x4ec/0x610
[  879.250415][T18807]  panic+0xca/0xd0
[  879.254139][T18807]  ? __pfx_panic+0x10/0x10
[  879.258563][T18807]  check_panic_on_warn+0xab/0xb0
[  879.263507][T18807]  __warn+0xf6/0x3c0
[  879.267413][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.273058][T18807]  ? ext4_xattr_inode_update_ref+0x4ec/0x610
[  879.279056][T18807]  report_bug+0x3c3/0x580
[  879.283404][T18807]  ? ext4_xattr_inode_update_ref+0x4ec/0x610
[  879.289406][T18807]  handle_bug+0x184/0x210
[  879.293741][T18807]  exc_invalid_op+0x17/0x50
[  879.298248][T18807]  asm_exc_invalid_op+0x1a/0x20
[  879.303102][T18807] RIP: 0010:ext4_xattr_inode_update_ref+0x4ec/0x610
[  879.309702][T18807] Code: df 48 8d 7b 40 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 23 01 00 00 48 8b 73 40 44 89 e2 48 c7 c7 c0 5d a8 8b e8 35 00 ed fe 90 <0f> 0b 90 90 e9 d9 fe ff ff e8 36 cb 2e ff 44 0f b6 2d 22 8b dd 0d
[  879.329312][T18807] RSP: 0018:ffffc90003097178 EFLAGS: 00010282
[  879.335384][T18807] RAX: 0000000000000000 RBX: ffff8880563b0298 RCX: ffffc9000b759000
[  879.343354][T18807] RDX: 0000000000080000 RSI: ffffffff817b5ef5 RDI: 0000000000000001
[  879.351335][T18807] RBP: ffffc90003097240 R08: 0000000000000001 R09: 0000000000000000
[  879.359302][T18807] R10: 0000000000000001 R11: 7275636573203f20 R12: 0000000000000002
[  879.367267][T18807] R13: 0000000000000000 R14: 1ffff92000612e32 R15: ffff8880563b0488
[  879.375254][T18807]  ? __warn_printk+0x1a5/0x350
[  879.380033][T18807]  ? ext4_xattr_inode_update_ref+0x4eb/0x610
[  879.386035][T18807]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[  879.392381][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.398026][T18807]  ? ext4_xattr_inode_iget+0x1ee/0x400
[  879.403505][T18807]  ext4_xattr_set_entry+0x158f/0x1f00
[  879.408898][T18807]  ? __pfx_ext4_xattr_set_entry+0x10/0x10
[  879.414630][T18807]  ? xattr_find_entry+0x289/0x330
[  879.419668][T18807]  ext4_xattr_ibody_set+0x3d6/0x5d0
[  879.424883][T18807]  ext4_expand_extra_isize_ea+0x148c/0x1ab0
[  879.430807][T18807]  ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10
[  879.437072][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.442722][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.448377][T18807]  ? dquot_initialize_needed+0x183/0x2a0
[  879.454032][T18807]  __ext4_expand_extra_isize+0x346/0x480
[  879.459687][T18807]  __ext4_mark_inode_dirty+0x544/0x870
[  879.465175][T18807]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  879.471182][T18807]  ? __pfx___might_resched+0x10/0x10
[  879.476498][T18807]  ? ext4_journal_check_start+0x22b/0x340
[  879.482240][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.487882][T18807]  ? __ext4_journal_start_sb+0x19e/0x690
[  879.493536][T18807]  ? ext4_evict_inode+0x5cf/0x18e0
[  879.498652][T18807]  ext4_evict_inode+0x74e/0x18e0
[  879.503593][T18807]  ? __pfx_ext4_evict_inode+0x10/0x10
[  879.508980][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.514630][T18807]  ? __pfx_ext4_evict_inode+0x10/0x10
[  879.520005][T18807]  evict+0x3e6/0x920
[  879.523917][T18807]  ? __pfx_evict+0x10/0x10
[  879.528348][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.533996][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.539646][T18807]  iput.part.0+0x6a9/0xb00
[  879.544083][T18807]  ? __pfx_ext4_drop_inode+0x10/0x10
[  879.549397][T18807]  iput+0x35/0x40
[  879.553058][T18807]  ext4_orphan_cleanup+0x731/0x11e0
[  879.558294][T18807]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  879.563954][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.569598][T18807]  ? ext4_register_li_request+0xec/0x9b0
[  879.575245][T18807]  ext4_fill_super+0x8db7/0xaf70
[  879.580206][T18807]  ? __pfx_ext4_fill_super+0x10/0x10
[  879.585495][T18807]  ? do_raw_spin_lock+0x12c/0x2b0
[  879.590537][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.596180][T18807]  ? find_held_lock+0x2b/0x80
[  879.600889][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.606529][T18807]  ? sb_set_blocksize+0x176/0x1d0
[  879.611565][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.617206][T18807]  ? setup_bdev_super+0x369/0x730
[  879.622237][T18807]  get_tree_bdev_flags+0x38c/0x620
[  879.627355][T18807]  ? __pfx_ext4_fill_super+0x10/0x10
[  879.632649][T18807]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  879.638289][T18807]  ? apparmor_capable+0x114/0x1d0
[  879.643319][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.648963][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.654608][T18807]  ? security_capable+0x7e/0x260
[  879.659575][T18807]  vfs_get_tree+0x8e/0x340
[  879.664017][T18807]  path_mount+0x7b9/0x23a0
[  879.668455][T18807]  ? __pfx_path_mount+0x10/0x10
[  879.673322][T18807]  ? putname+0x154/0x1a0
[  879.677582][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.683227][T18807]  ? putname+0x154/0x1a0
[  879.687492][T18807]  ? __x64_sys_mount+0x293/0x310
[  879.692442][T18807]  __x64_sys_mount+0x293/0x310
[  879.697222][T18807]  ? __pfx___x64_sys_mount+0x10/0x10
[  879.702521][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[  879.708168][T18807]  ? __secure_computing+0x28e/0x3b0
[  879.713389][T18807]  do_syscall_64+0xcd/0xfa0
[  879.717933][T18807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  879.723835][T18807] RIP: 0033:0x7f4340b9066a
[  879.728252][T18807] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  879.747863][T18807] RSP: 002b:00007f4341996e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  879.756287][T18807] RAX: ffffffffffffffda RBX: 00007f4341996ef0 RCX: 00007f4340b9066a
[  879.764259][T18807] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f4341996eb0
[  879.772229][T18807] RBP: 0000200000000180 R08: 00007f4341996ef0 R09: 0000000000800718
[  879.780196][T18807] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0
[  879.788163][T18807] R13: 00007f4341996eb0 R14: 0000000000000473 R15: 0000200000000680
[  879.796147][T18807]  </TASK>
[  879.799367][T18807] Kernel Offset: disabled
[  879.803681][T18807] Rebooting in 86400 seconds..