last executing test programs:

4m55.448130162s ago: executing program 3 (id=211):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000001f80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000001600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r1, 0x2284, &(0x7f0000000080))

4m55.24465418s ago: executing program 3 (id=214):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000100)={[{@grpid}, {@auto_da_alloc}, {@lazytime}, {@journal_dev={'journal_dev', 0x3d, 0x6}}]}, 0x7, 0x4d4, &(0x7f0000000180)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpiuJN4NDEejTdNvOrRePIPwIMHE0NCDBfA05jZnWm3291ttz8p+/kk232e2WfmeZ6ZeWaffZ7OBNCzhrI/ScT/IuJORDxVjy5MMFR/e3j/+sSj+9cnYjZNz/yT1NI9yOK5Yr2deWS4FFH6MmnaYN301WsXxqvVqSt5fHTm4mej01evvX7+4vi5qXNTl8ZOnTpx/NjJN8fe6L5SLfLL6vVg/xeXD+x79+zt9yfKxfKB/L2xHm2VuyvGUIfPXuluU4+9XQ3hZPF+urGhhWHZBvLTupK1/+vVw2c3u0DAhknTNO1v//Fs2uzmoiXAlpXEZpcA2BzFF332+7d4bVDX47Fw73T9B1BW74f5q/5JOUp5mkrT79u1NBQRH8/++032ik7jEH+uUwEAgJ7zy+miJ9jc/yvF3oZ0/8/nUAYj4umI2B0Rz0TEnoh4NqKW9rmIeL45gyQi7ZD/nqb4fP4/5rMIpburrmQHWf/vrXxua2H/r+j9xWBfHtsVUXSYp47m+2Q4Kv2fnK9OHWuz/W1L5N/Y/8teWf5FXzAvx91y0wDd5PjM+Mpqu9i9mxH7y831T8rZgSumcZKI2BcR+7vY7mBD+Pxr3x2Yi1Ty96/rb0vXvyZtMaXX9XxcK+m3Ea/Wj/9sNB7/ZD7HpPP85OhAVKeOjmZnwdGWefz2+60P2uW/ZP1/+qt5lXdO/nxm1fUuZMd/R8P5H8X87fwk6mASkczN105HpH3d5XHrj/YrrPT835Z8VAsX7evz8ZmZK8citiXvLV4+Nr9uES/SZ/UfPtK6/e/O18n2xAsRkZ3EL0bESxFxMC/7oYg4HBFHOtT/17df/nTl9V9fWf0nW17/Fhz/+fn6ZQaKlbMlfRcO3XnU5uKxvON/ohYazpe0vv4lCy4Ryy3p6vYeAAAAbA2lqP3vf2lkLlwqjYzUx4D2xI5S9fL0zMGIuDRZv0dgMCqlYqSrPh5cSYrxz8GG+FhT/Hg+bvxV3/ZafGTicnVysysPPW5nrc0ni9p/5u8ux3mBLWgN5tGALWqp9r/39gYVBNhwvv+hdzW0/9k2SWb9pww8mXz/Q+9q1f5vxPcd711wzYCtL9WWoadp/9C7yvHhXLh223PLu22BJ5Hvf+hJ3d7Xv5xA8biGaxfS/tZpBqLFEwMG1rgYeWB7i7w2JZD1rNZwg5WIWF7i7SvJougCtn/CQ6m7DfbH4o/6otNaSRfPcSgC2V5ZMvG5vWt+8hfPRFnr0+aH+XZaaTgW5aWOzuoDG3oZAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWDf/BQAA//8mic8a")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x18)

4m54.740073405s ago: executing program 3 (id=215):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sys_enter\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
syz_clone3(0x0, 0x0)
io_cancel(0x0, 0x0, 0x0)

4m54.535359033s ago: executing program 3 (id=217):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./bus\x00', 0x2, &(0x7f0000000b40)=ANY=[@ANYRES32=0x0, @ANYRES8=0x0, @ANYRES32], 0xff, 0x2e7, &(0x7f0000000280)="$eJzs3M9LG2kcx/Gvml9GNDksu+wuy37ZveyyMGj2XghFaWmgRU2pLRRGnbQh00QygyWlqD31WvpH9CDe6k1oe+jVS2899dKbhxZKqfTXlEwmGjX+oiZa836B5nGe5+vzTGYcPiNk1q48uFXIOUbOdKW7OyzdIguyLpKstkQq1W9dIhKTmi6JSKMF+bfv3cs/xiauXkhnMsOjqiPp8f9Tqjrw55Pbd5f+eub2XV4eWInKavL62tvU69WfV39d+zp+M+9o3tFiyVVTJ0uv3Mikbel03ikYqpc8z3QszRefT4j4/SXXrPbn7NLMTEXN4nR/fKZsOY6axYoWrIpKSKRcUfOGmS+qYRjaHxfsJ7o4Omqm/Wbs0MVTLVgQvtu5HSd+uZw2e0Skd8fY7GK7VgUAAE6OLfk/ptvzv68reK1u+eJ5XmO9n//fPxY5UP5fieyS/4N8X8//tlXL/45Vdg+W/92SutX8HyL/H0J2M//j1Krm/3jw9+u7d21p0G+Q/wEAAAAAAAAAAAAAAAAAAAAA+BGse17C87xE/bX+FQ0+El7/+bjXidbg+He2MQ0aqjER+/5sdjYrYodrGzeOuyWDkpDP/vkQqLVHzmeGB9WXlKf2fFA/P5vt8QvTOcmLLZYMSUKSzeuHavW6tT4s8cb6lCTkp+b1qab1Efnn74Z6QxLyYkpKYsu0f15v1s8NqZ69mNlW3+uPAwAAAADgNDB0Q9P7d8PYrb9Wn86J+PfX+/9/YNv9dUh+Cx3vvgMAAAAA0Cmcyp2CadtWuY2NmIi0fq7q3rV+d3r3HjP3X/vf3pPTSDRsqT9Euu3LCDVOGg1W0aK5fnn46MPR/cIzy79/atb1sS1v3QEuHuHWXZcAAAAAHL3N0L/7GO9NO1cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnad1TxHqCGfZ6sgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQWb4FAAD//9yVIwU=")
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_pidfd_open(r1, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
syz_pidfd_open(r1, 0x0)

4m54.156351496s ago: executing program 3 (id=220):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)="06e28092c5ec1d88d05e0a6f2ce709c63de1ab461557270000fc494605c77dc874d0734eed79ecd2e373cf63d3a4e9a461877edf08af5c6c56be907e383f7a1cce50acae1ed1944d1e00f576d2365e27c059eaceee4e56e1f161effd91efedde230512ce932b03ea7ccfb1442c3d8c8954f4b9cdc4bc9dc1f14af9e5b22f9ba40774572c6992ca3e89d70fc2ab813333d71fbea6b7a7b60004285435319ebbae2cc5f343756ed4c9eb88760294047270864a6921876a953daf8b1e8dfa14c0626ce6597cd21a38b8b115ea15c3d63f4119868d4b3948cfcda7f069a9ccb0bbaa4854f0dc1092e6f0b16873951b1e521e1ce63614fc34a7cc07f154261ec71cd457229a5897a9815f7641bdf50b05aa1d5d1a8449f02cfaaeab93fe13c3d9506d0b6601af66ef870fb98b97b7b9d1c3c2790c21dbf6f7ebd3b0a85faa3288257ab2ae248865498bf0b7f23e12cfa7a3137a9903f866eb874415cf20253e94ddfb1533827d15580041", 0x168}, {&(0x7f0000001600)="c9fbe0378bef0a6749d715b5c3e27d03e68c83579553d3bd9cc08edbae86d2f95e95a3fa8ab031e21b5a47e4205c87eefc819e6ea7bd0f6772e957f739339398cd07aeb0522339dde07af5b6ee6b94221ca3494c29be340810d421808f27877885583a2c80d4331aca54533ad84a0ccc5fa28956504f2eafc0f098f878ae3caf30b7981d5e778aaa197d235aa31c4c77fdf0e1c0d31fc7c43969830f82c4b5631e47df6b9a9f59a57e0e7bd1f9e4fcdb4150f713fb9e3530650b43a92853d1e3334fe72113d518a558343615ba8d3412bda82b725855e14c29f7ed81e1cbb76f9684cc6b7fcdc2808119a0f8328b0c5d0e996e50e95605724abb1c635b0bf633f4bcca6213fef03260e56321e3270f322eb13b8ab70c726cbce78c93e4c87d7d7b363542b1b4eb90242ae9459775aa7c045233df9912fc47d6793f40bb5543b537ed6b79e0091e3c069644ce8d6ea00125815fae3c25f4d5c847e76c0c697d7df260ba36e6917f75ccd289070477665e64ac3e00c93228b72763f28104defab475f03841980110b23d02a3d1b74d25c8f2e1c8dfd9243e0bb7a583f091f829329f045f2fc0c40bb4a5205b071d4b6959663c6bfc1f04b23db627ac9fc792cd3355dbbc031d56107ea3379209a49abf03a8347fce6d48cf1968b64558e30210b02214cd0728c6743b89bd4cc2f1d1424fcedd95fa700751a4ff438469fd9e6f3a47200f3fbbde74bdbbeabfb6f96e32366d85a8e6bb6d576687634daac56c9619e4bbeea7606f223d3976c4bea9a07406b037cef4d06cc9e447dc06901c91145aeb9b9726cbf808d253cb01e0806f21d82b928173be2f5bbed1a97e725b17d1d1bd19c14935abd242ca6501c4282f5f1a3e813c68bdb88add0b6fcc14b8355a81b9ac915e5d51212438c5d2993f26456c9ecde871752c99ddbaecb3f6f5f02a0542e898b64a6d475aae01f2aca6c6013907c085ef56483c910cdf4cdcdb516533aeb97644462cd012e0407dfdeff5428e23edd335b1590641353c54f0802f45d880cb8f22ebbac0cc094a771877aac6491aa62350ccde2993826928e6614b76c15e4aae8ede6de392f4f6567f0833ced4458bca37928cc2a70ca20cd38c11138b6ba39a6374ef7f150eb2d5a500a6b9c010d13dcf7318deb8c106e2448c6b21f62051300080dcc9d87db52cefe722035f1508fff231c22bfc8f1d2e14de70a281be8eb3649ace61896f0c33357fcd838db94aaca611b228f76cb4ab983ad3ab636c7260d57bba0061574bb0876afbeb916e252572687b8d28ba7c945f07e0286bedfd7c259769016225a158bf607dd62e11c83bc686a7ab2903ddd64d4e2c44f39ac1f76b80d6be086396e7515441afcadfecb940776ee4f776d3c294dce9aab77e5c2f6c36c20b4343d80d0c3da5f838b948aa684729c578718d3a0811a1dd654e7ad5e414d892ceb3dd704632caa4dcfdc947ce9391ab9abaa0951d12d56623b0028fe78da20a65df9eabb16e4b14bbbfea7108ab4308e7cb540ab8a810cebbf0d3b64ba108d281c91b011f2a8e565c4b802448bad1a57fe6e74fd3278211a70f0767746ed1f234e8edbcb6f8a215e66849a7f10d1533ef626e31725439afd95c9b3a673041459e473d5ddbcc187f55d72d054bf16a714ee0f4bb5d14cf29b853fd6f703b54f227d20ca414b3d6314e9448d211707158ea758e04a2fe7dad468374d62ab4240bb3c9782faa9f87aec26876714b169198931cbd486c01bb2156488467cda498d0a0c62ff6cf03fc68aa3b8051fff5d68e8374796439e9cf12dae426d3692c2d50699eae00ba4b9797fe5295740d8efb64a48bda389e841254638a118337404194e440a2338e2ce0b32395874e0d5cc36c0f1231426d82636e5a7182f82ea545bf7cd5d19ff42a1e8b90193a82452a0eec6575bf7181275d5c2ba2d74a5bda47934d8c89f3225f38959c12b3a2cae85e5108439bc262b69f5bd5f73a86776525f4ecb1685175ffc05aa5faadcc3be80d0b1d1bfc34ffc2ee1cde6bdf0000000000000000000000000000000061293c817aaec775b1f08ddb2e3ce8679267", 0x5c4}], 0x2, 0x0, 0x0, 0x2c}, 0x40440c4)

4m53.604047715s ago: executing program 3 (id=224):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

4m53.113424109s ago: executing program 32 (id=224):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

1m47.172066465s ago: executing program 4 (id=1905):
unshare(0x2020480)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r1 = dup(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x107, 0x100, 0x100, 0x1}})

1m46.530528182s ago: executing program 4 (id=1911):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r0, 0x0, 0x0}, 0x10)

1m46.314114951s ago: executing program 4 (id=1913):
sched_setscheduler(0x0, 0x2, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x8000)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000080))
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = dup(r0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r4}, 0x10)
fcntl$addseals(0xffffffffffffffff, 0x409, 0xb)
write$UHID_INPUT(r3, &(0x7f0000000440)={0xf, {"a2e3ad21e08eeb661b5d380987f70e06d038e7ff7fc6e5539b0d750e8b089b3f363b68090890e0878f0e1ac6e7049b3b48959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63da1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e6409000000000000002fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec1109110900d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e1505f6bf39ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97912507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000010000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227eabc1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b649f07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c47f8156832369c33076da865d258734dd73583df292892448839ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059ec01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c27155005e797b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02c67141a360c3ace48aee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7fdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e44e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333b25bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475fb7807fb33b72685ec37a2d3f7664fe2f0459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b6cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5dd40b0000000000005f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128060000008261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b6c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb00600000000000000dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69cce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0xa00, 0x0, 0x4, 0x5}})

1m45.785795958s ago: executing program 4 (id=1917):
socket$caif_stream(0x25, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = io_uring_setup(0x4a88, &(0x7f0000000300)={0x0, 0xb67e, 0x8, 0x8001002, 0x3d7})
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x3200890, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r3}, 0x10)
r4 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0xfffffffffffffc01, 0x8)
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000001040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a48000000180a030000000000000000000000000708000740000000010900020073797a32000000000900020073797a31000000001400038008000140000000000800024000000000980b00000e0a010300000000000000000a0000030900010073797a31000000000900010073797a30000000000900020073797a32000000000900020073797a3000000000540b0380000100800800034000000000f4000280b7000100739eb897c473259aa4837fa0bd730cc1cfbcd89af1edea9a5d94953c39eb8973439bd3bf52cf0b982cbcccc6bde34053181df38bae496c8d730b00c31849b0587cb2da02af2490962dc09afa292aa3d612f06da5d23f5cc09c1d3225f9342f0d8a44c0efb52e5967e8e5ec36915769b62aba2adada01dcf7f285a04d720426a5153022604d2a857fc04d6e778730693df7deb35b98099761ec9506d0f6794585f328c79723f4b9703ee65ff37ec637a2119080000c00028008000180fffffffc2c00028008000180fffffffd08000180fffffffb08000180fffffffd080003400000000308000180ffffffff100000800c000440fffffffffffffffd28010080000101801100010021f988c60f61656a95cc04ed710000000c0002800800034000000002680002800900020073797a30000000000900020073797a31000000000900020073797a300000000008000180fffffffe08000180ffffffff08000180fffffffb08000180fffffffe08000180ffffffff0900020073797a32000000000900020073797a31000000005400028008000340000000030900020073797a320000000008000180fffffffe08000180fffffffe0900020073797a32000000000900020073797a30000000000900020073797a310000000008000180fffffffb2000028008000340000000080900020073797a31000000000800034000000001240007800b00010265787468647200001400028008000740000000020800074000000004f8050065329128dff08ceb0308000340000000030800034000000001cc0202804400028008000180fffffffc080003400000000308000180fffffffd08000340000000010900020073797a300000000008000180fffffffe0900020073797a300000000084000100b18d25a9be33001d230b23d069bafd15dd34d1f04e69b2593833f11cb0f42219c82bfab188542b4c1215512d58be91520d097a057211b8aca51263c9f5711252c4f6dd733cb08d4370b954b24f0b14a3e7fbab349eeb7eb4a619cf3db0a8471b49d906c52214cde3eca2ef53602ca81e4a055836a96ada1aaafb5a39c28e8b813000028008000180ffffffff080003400000000108000180ffffffff08000340000000010900020073797a3200000000c5000100f5297c134d4920278f740f460bd663c6cbb7d50ec6650e6aa5620aaf3e3d2a9a729dddf770396070081153c8b0d08e805f43365179dbf6772e887c6bcc828eab23cdd1ea98a9c38b3b43ea02dab0c2b25588a6cb521900db0b3ea993a62c04c2993c49db7f8e98032c7e16455a7c9c9679b2389b266345804e27a63f7935aa7cd0a39d66265313f7ee535cf49b851f91b788b60216dea8b1db75826ceafe09ac8dd176795fd4313d76559528171a7906fdfda3e6301ffdde6ecf4225ba55c10dfa000000200002800900020073797a3100000000080003400000000208000340000000034c0002800900020073797a32000000000900020073797a310000000008000340000000030900020073797a31000000000900020073797a310000000008000180fffffffd08000340000000041400028008000180ffffffff08000340000000022000028008000180fffffffb08000180fffffffe0900020073797a30000000002c0002800900020073797a3000000000080003400000000108000340000000010900020073797a31000000003c000280080003400000000208000180fffffffd08000180fffffffc08000180fffffffb080003400000000308000180fffffffe08000180ffffffff88020180520001006a22aef1c500f84bf78ff7246d71cd6a133b52a95ebb966397a30f79f7de2568b47d4c42343c74a129b5fb9430ad506d00e1e5cdfef329f3431f19b7a2f5bc3831b1d8f66c6c9afc5f92f441c0de000072000100b55db4f10ad152d1145f148cbccdd79ab84f29ef010f41cc50f0e19ba06c7f0ed349be7e149a1b9f1a0b2b97b523545f201344800fcf2062340a27eb5fe8a8848f407f00b3f28456dd6fc1ba24c619d950ad9489260c023434b2b2c8bf79aa3db3c8d633523b35c8156919d3e1f800000c00028008000180fffffffc33000100e1aa1de8766c7a7bdee9c2cc07ebf6c7cff4b4038b6b8e9e27adfc43bea5a79f7883a3770c042d4fb08ed0a269c6d3002400028008000180fffffffc0900020073797a31000000000900020073797a31000000003f000100b6d8b8cfb2ce8e52eb0004147dfdb71f3c334f5912e5267c9f38687e2eb7fdfad2585f2cd325676a98b442cfbc6ec2362e54bf278b6a786a2fd51a001800028008000180fffffffd0900020073797a3100000000c50001004a639c6baee4b2abac049d10316356cf50cbe0a8fae0be5cb5396c9fbf0349a5b0436d12523cc21b167c74d712a1f5e7ee7bf21aa91a2dc8c06ed155cf30f3e74250d7bd6426a2fd7c5777506744437c00920b169229e8c6d94843cd9bd1171117bf9972afa6ba50b2a9c92aa0cb8d82c20d36ef4cf83f1393740d8660920a506a29668ca7f1b447de9f1c6fd172ab086f68255cce91e3301d871fe96e4011091542e2389edaf84193b5f1655f4ed361febde23469a8cd9292b54b566247e5fee900000014000280080003400000000108000180ffffffff24000280080003400000000408000180fffffffe080003400000000408000180fffffffb20000780080001006475700014000280080002400000000d080002400000000e68000280640002800900020073797a3200000000080003400000000408000340000000030900020073797a31000000000900020073797a3200000000080001800000000708000180fffffffc08000180fffffffc0900020073797a320000000008000180fffffffb200300800c000540000000000e7c68ab68010b80100001800b000100736f636b65740000500001800d00010073796e70726f7879000000003c0002800600014000020000080003400000000106000140000200000500020002000000080003400000000805000200040000000800034000000008100001800b00010074756e6e656c00005c0001800c0001007061796c6f6164004c000280080001400000000d0800014000000010080003400000001b080005400000000d0800084000000000080008400000000008000740000000330800014000000015080008400000000154000180090001006d61737100000000440002800800024000000000080002400000001708000340000000130800024000000000080003400000000e08000240000000090800034000000008080003400000000d440001800b00010074756e6e656c00003400028008000140000000010800014000000001080003400000000108000140000000010800014000000000080001400000000008000340000000039801028091000100ecbe184118decc0c50beec441a4f4c8301dd36972dd1ec9b5c06e2b47f3ae30ded3867d5159bf8993462aa9b692a603aac687a1da2ca301f99cf5defaddcf438f7efa82cb95e13d86386e5d5d29e8d41d9b375e104b348b3f151c2e486e3cfa52ded991aeaad8abca62e95ff338a9eb77244bf6f02fc0ddc69829c3820d7f6e6032f20482ac86b6a7903fbd35e000000590001002a1e647cf911066c0cecb04e5217c29ba888c202fe953fbcdc5596f4a8d0fb36582da84898e09c4f997a8c4bb6f089d192957ba89934c42a78f732387449cee4d7d1efe5d83c9642a71f4a5dc342fc8db864db32a6000000a30001008542905318a511ac59eadd468187de2142b42337e77d7016bd5190843dfe8cfb9259bc25001fda895f0ba442a49456d7ba0e73bfc0b0b4f2cee23e5c8c42e271da5c8c18704bba960151ac2b72ba95d59babb10a9063ffcc87ad7501ec1e2355a99891193124f0635b8d39de1f80391eb23acbe16d33d7012346322ffe99826400e20e43fd6ef2d969090d4625216d5706b26f152765d60efd7ce6e7bddbdc000800034000000003ac000000140a010200000000000000000700000a34000800bd25b621a180ed13b55b48c86313dc2e9e715f43b2dc74f1bc2fecbd3a2e8d0250697bb50632de5e70f9b2cec1f354c108000340000000050c000640000000000000000413000800a03f660df2aa3ca1fefee298ccb802003c0008001d5dfaea1b2559dca2addcd0e9d693ccdb0acd4d761d41e0967b50d0ba7ed6c85e0468dc6426e3202fb066b3adbaaf093469c317d19575761c000000120aaa4a00000000000000000b0000050800034000000001140000001100010000000000000000000000000a"], 0xcd0}, 0x1, 0x0, 0x0, 0x4008004}, 0x40004)
r7 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f00000002c0))
ioctl$F2FS_IOC_SET_COMPRESS_OPTION(r7, 0x4002f516, &(0x7f0000000300)={0xf8, 0x40})
sendmsg$key(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="01000000000000000000700000000000"], 0x10}}, 0x0)
r8 = open(&(0x7f0000000180)='./file0\x00', 0x10000, 0x0)
lseek(r8, 0x7ff, 0x1)
getdents64(r8, 0x0, 0x10)

1m42.538445125s ago: executing program 4 (id=1953):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x41100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6c, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
mlock2(&(0x7f0000008000/0x3000)=nil, 0x3000, 0x0)

1m41.728157727s ago: executing program 4 (id=1956):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000006c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x8, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x18)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000010140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100100000000000000011"], 0x58}}, 0x0)

1m41.177012716s ago: executing program 33 (id=1956):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000006c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x8, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x18)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000010140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100100000000000000011"], 0x58}}, 0x0)

1m22.812658431s ago: executing program 0 (id=2067):
r0 = syz_init_net_socket$llc(0x1a, 0x802, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xd, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)
close(r0)

1m22.524316637s ago: executing program 0 (id=2069):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x60b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0xd}, {0x6, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x5}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="010028bd7000010000000f00000008"], 0x2c}, 0x1, 0x0, 0x0, 0x20004000}, 0x80)
r6 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r6, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756a85d88a8", 0x36, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r3, 0x1, 0xd8, 0x6, @multicast}, 0x14)

1m21.325837702s ago: executing program 0 (id=2073):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='pagemap\x00')
pread64(r1, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)

1m21.092266223s ago: executing program 0 (id=2074):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x800714, &(0x7f0000000000), 0xff, 0x4a7, &(0x7f0000000280)="$eJzs3M9rHFUcAPDv7OZHfyfWWm1tdbWKxR9Jk1btwYOKggcFQQ/1GJO01mwbaSLYEjQVqUcpeBePgn+BNy+iHkTwquBRCkWD0NRTZHZm2s1mkyZpkm2znw9s9r35se99Z+btvpmXmQDaViX9k0TsiIjfI6Iny85foJK9zc5MDV+fmRpOYm7urb+T2nLXZqaGi0WL9bbnmcOliNJnSbyYLCx34vyFsaFqdfRcnu+fPPNB/8T5C8+cPjN0avTU6NnB48ePHR14/rnBZ9ckzjSua/s/Hj+w77V3Lr8xfOLyuz99m1Zr78Fsfn0ct3S9SUBNVNKt9s9cTeO8x1dQ97vBzrp00tHCirAi5YhId1dnrf33RDlu7ryeePXTllYOWFfpb1P34rOn54BNLIlW1wBojeKHPj3/LV4b1PW4I1x9KaIrT8/OTA3P3oi/I0r59M51LL8SESem//sqfcVKr0MAAKxCrW/zdLP+Xyn21t6zsY5d+RhKb0TcExG7I+LeiNgTEfdF1Ja9PyIeyFae61lm+ZWG/ML+T+lK0zqvkbT/90Jd32+2Lv78rbec53bW4u9MTp6ujh7Jt8nh6OxO8wNLlPH9K799sdi8+v5f+krLL/qCeQWudDRcoBsZmhxaq41w9WLE/o5m8Sc3RgLSI2BfROxf2UfvKhKnn/zmwGIL3Tr+JazBONPc1xFPZPt/OhriLyRLj0/2b4nq6JH+4qhY6OdfL72ZJ7sa591W/Gsg3f/b5h//+ZyL+XvPv0k2XtsZ1erouYmVl3Hpj88XPadZ7fHflbxdG7P+5b1s2kdDk5PnBiK6ktdr+WJD16YP3ly3yBfLp/EfPtS8/e/O10njfzAi0oP4YEQ8FBEP53V/JCIejYhDS8T/48uPvb9E/Ekk0dL9P9L0++/G8d+b1I/XryJRHvvhu/zTtiyMv5i01P4/FtO179pM7fvvFpZbwdvcfAAAAHBXKEXEjkhKfVm6siNKpb6+7H/498S2UnV8YvKpk+Mfnh3J7hHojc5ScaWrp+566EAynX9ilh/MrxUX84/m142/LG+t5fuGx6sjLY4d2t32+e0/ivaf+qvc6toB6879WtC+Gtt/qUX1ADbecn7/nQvA5tSk/W9tRT2Ajef8H9pXs/b/SUNe/x82p4Xt/88mj6wDNiP9f2hf2j+0L+0f2tJy7+LviojuiFj1QwDmJYqbBVa6evFFdWFsy7Lv8L/zEpV1+eTiiRfrWfmtcXNKlO6IjbmBifJYd8tKT1vMxhba5GE1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAd6H/AwAA///g6dxC")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write(r0, &(0x7f0000000180)="7e7226ce9b4d692092ffa2b579f0ff5793012c9738a9be19ff3e69a683a0a1bbace0dc3853c661a4e1019e7a1f3af60350126cb99c5f3ace6f5616c00e0fb30b2832398fed6233b8632a001dd0a846cbb8a5d77e3208db486b055edb6ae7917f07ccf4b6811be57047aa17799359e733ec395940d1feb7a9ec2ddadb1ff61070c9c00f9db8e47f74a5271fa77b6e692e6ac97aaae883e5522f8e86c2403aec0ff8dee1cba5d40f0969470b9a2a95f6f22f9d4250809400ea8403a6540948", 0xfffffec6)
creat(&(0x7f0000000380)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
gettid()

1m19.608016595s ago: executing program 0 (id=2084):
syz_read_part_table(0x63a, &(0x7f0000000640)="$eJzs0z+IXFUbB+DfvXdn7ky+XSZ8pBAjZgtrC7eJxZIs+AexSFC0sLGyE4uAhYXMLAloJ4IgFpomoFgYBLWKaCG7YiHGKlhJWGxFEG0CV+6Zmd0gosIGo+F52L33nnPec85757w3/KcN57fqoGdy7wd9q5tOk9lKMlj0X29HmSVd13XzjvXkqfefeOjJx9u8ubqcvV6Vx2FZcNzP7f9PPlsGm4NduskDV7Myzmx214ff7jb7OVypkxPJqZvTKqM/pXn70vdVLh7/q1d6JUfKfe2PBsejv//b8O93eXNncr7u2rW1UsulWB+sZmVsr2vSTatqsKzypY3Pksxuyf7NskqrKtcefXnvvqsn+xzqNsnuZB7TLoN/KMW3vWiV76ja//Sm5TorX0zzQvaD+rDtgw1P95ePq9Vbkj2HVervwrnh5yvlZK5dPHa9qur051enzvT1wa9dt70okhvdKDmxniN1qZv2dicPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcUVaSDPdbX2VjnPHx1+rTqavkm9K5kfYgvknydbVovNEeev/LmzuT8xfOjdMuFh0MB8ux3UHOvFPSO5r0w3X5y3aS0dMlZHjoBLityvn3p/jS5i+Lg1/N/LTz/+++GC/jfh6OpsdeLM1ZMlp2f3TTUtWpUs1ZTu/NC/R/i1bXlJmKBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADubA8/8tj62a26TVJVo0lSH720U0Zm5dp1Te7+9Jn3nv9ya7T7XHKm/STJjer365xt5/crddrck9y/0reG2Xs1efet/rnZj636Zbd+/IfekD/zWwAAAP//HUJmeQ==")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

1m14.424927193s ago: executing program 0 (id=2101):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)

1m13.770945891s ago: executing program 34 (id=2101):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)

4.080259819s ago: executing program 6 (id=2598):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18)
r1 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000000000)=0xfffffffe, 0x4)

3.900109145s ago: executing program 6 (id=2601):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
getegid()
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000100))
fstat(r1, &(0x7f00000002c0))
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@multicast1, 0x2, 0x0, 0x0, 0x0, 0x2}, {0x10000, 0x3, 0x5, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffff7}, {0x0, 0x8, 0xfffffffffffffffc, 0x8}, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3}, {{@in6=@empty, 0x2, 0x6c}, 0xa, @in=@empty, 0x0, 0x5, 0x0, 0xb7}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x8}, @TCA_CAKE_AUTORATE={0x8, 0x9, 0xa}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x6000)
setresuid(0xee01, 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100))
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
lstat(&(0x7f0000000900)='./file0\x00', &(0x7f0000000940))
getuid()

3.817976422s ago: executing program 2 (id=2603):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x2000000000, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x13f, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000680)={0x15, 0x110, 0xfa08, {r1, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x41}}, @in={0x2, 0x4e24, @remote}}}, 0x118)

3.672210695s ago: executing program 2 (id=2604):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r2, 0x0, &(0x7f0000000400)=""/198}, 0x20)

3.592060352s ago: executing program 2 (id=2606):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/ip_mr_vif\x00')
pread64(r0, &(0x7f0000004380)=""/246, 0xf6, 0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
unshare(0x22020400)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=@framed, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800"/11], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r5, 0x0, 0x14, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c000", 0x0, 0x86, 0x0, 0x9, 0x0, &(0x7f0000000000)="daf9e846ab156efc71", 0x0}, 0x50)
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000180)=0x10000, 0x4)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r6, 0xffffffffffffffff, 0x0)

3.146074952s ago: executing program 6 (id=2609):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2b, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x6}]}, 0x10)

2.964175808s ago: executing program 6 (id=2611):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
readahead(0xffffffffffffffff, 0x81, 0x7)

2.867460736s ago: executing program 6 (id=2613):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'veth0_to_batadv\x00'}}, 0x1e)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'ip6tnl0\x00'}}, 0x1e)
connect$pppoe(r2, &(0x7f0000000040)={0x18, 0x0, {0x0, @empty, 'netpci0\x00'}}, 0x1e)

2.82950881s ago: executing program 5 (id=2614):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r0, &(0x7f0000000000)={0x23, 0x0, 0x0, 0x1}, 0x10)

2.580090472s ago: executing program 6 (id=2615):
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = creat(&(0x7f0000000400)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000540)={'\x00', 0x8800, 0x7528, 0x5cc, 0x7ffe, 0x9})
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

2.579697182s ago: executing program 5 (id=2616):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001c000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x2210000, &(0x7f0000000180)={[{@dioread_lock}, {@resgid}, {@abort}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@nobarrier}, {@grpid}, {@jqfmt_vfsv0}]}, 0xfc, 0x58f, &(0x7f0000002d00)="$eJzs3U1rXFUfAPD/nUzSNu3zNIVS1IUUurBSO2kSXyoI1pWIFgu6r0MyDSWTTslMShMLtgu7cSNFELEgfgD3LotfwE9R0EKREnQhQuRO7qTTZCavE2fS+f3gtufMuTfn/nPuOTln7gw3gL51Mv0nF/FiRHydRBxtKstHVnhyZb+lJ7cm0y2J5eVP/kgiyV5r7J9k/x/OMi9ExC9fRpzJra+3urA4UyyXS3NZfrQ2e320urB49upscbo0Xbo2PjFx/o2J8bfferNjsb566a/vPn7wwfmvTi19+9OjY/eSuBBHsrLmOHbhdnPmZPGfLDUYF9bsONaBynpJ0u0TYEcGsn4+GOkYcDQGsl4PPP++iIhloE8l+j/0qcY8oLG279A6eN94/N7KAqge+1Bz/PmV90biYH1tNLyUPLMySte7Ix2oP63j59/v30u32Ph9iEOb5AG25fadiDiXz68f/5Ns/Nu5c/U3jze2to5++/sD3fQgnf+81mr+l1ud/0SL+c/hFn13Jzbv/7lHHaimrXT+907L+e/q0DUykOX+V5/zDSZXrpZL5yLi/xFxOgYPpPmN7uecX3q43K6sef6Xbmn9jblgdh6P8geePWaqWCtGxNBu4m54fCfipXyr+JPV9k9atH/6+7i0xTpOlO6/3K5s8/j31vKPEa+0bP+nd7SSje9Pjtavh9HGVbHen3dP/Nqu/m7Hn7b/8MbxjyTN92ur26/jh4N/l9qVpfEP7+D6H0o+racbneBmsVabG4sYSj5a//r402Mb+cb+afynT63E/+xkJbfh9Z8uvj7bYvx3j99tu2svtP/Uttp/+4mHH37+fbv6tzb+vV5Pnc5eyca/1rJrZasnuNvfHwAAAAAAAPSSXEQciSRXWE3ncoXCyuc7jsdwrlyp1s5cqcxfm4r6d2VHYjDXuNN9tOnzEGPZ52Eb+fE1+YmIOBYR3wwcqucLk5XyVLeDBwAAAAAAAAAAAAAAAAAAgB5xuM33/1O/DXT77IA9V3+wwYFunwXQDZs+8r8TT3oCetKm/R94bun/0L/0f+hfa/t/R54sDOwL/v5D/9L/oX/p/9C/9H8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqEsXL6bb8tKTW5NpfurGwvxM5cbZqVJ1pjA7P1mYrMxdL0xXKtPlUmGyMrvZzytXKtfHxmP+5mitVK2NVhcWL89W5q/VLl+dLU6XLpcG/5OoAAAAAAAAAAAAAAAAAAAAYH+pLizOFMvl0txqIp+VzK0v6tPEu9ETp7GXAa7Y0eH5XolibxLvD/TEaewmcSdr3u0d1aUBCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa+DcAAP//Rm0oPg==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
truncate(&(0x7f00000000c0)='./file1\x00', 0x8008)
fallocate(r2, 0x10, 0x800, 0x8000)

2.251401831s ago: executing program 1 (id=2618):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000100)=0x401, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x20020003, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x6}, 0x4f)

2.117609393s ago: executing program 5 (id=2619):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x2fc, 0xec, 0x0, 0x7, 0x0})

1.892094103s ago: executing program 1 (id=2620):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x7f8404caeb85699d}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r2, 0x0, 0x2}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a808682b7fc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000023f0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a31"], 0xdc}, 0x1, 0x0, 0x0, 0x48051}, 0x40)

1.827142499s ago: executing program 5 (id=2621):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x3, @loopback, 0x7ff}], 0x2c)
sendto$inet6(r0, &(0x7f0000000240)='\x00', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080)={0x7, 0x84, 0x2, 0x5, 0x5, 0xfd, 0x0, 0x0, 0xfd, 0x2, 0x3, 0x0, 0x2}, 0xe)
recvmmsg(r0, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000002640)=[{&(0x7f00000025c0)=""/83, 0x53}], 0x1}, 0x800}], 0x1, 0x40000002, 0x0)

1.711086029s ago: executing program 1 (id=2622):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x2, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r0, 0x7}}, 0x48)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000540)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000200)=0x1, r2, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000140)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0x6, @empty, 0x20000003}, r2}}, 0x30)

1.524087925s ago: executing program 1 (id=2623):
r0 = socket$inet6(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r2}, &(0x7f0000000400), &(0x7f0000000680)}, 0x20)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r4}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

1.523798675s ago: executing program 2 (id=2624):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000045, &(0x7f0000000140)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
write$P9_RMKNOD(r0, &(0x7f0000000280)={0x14, 0x13, 0x2, {0x4, 0x2}}, 0xfffffe5c)

1.375320589s ago: executing program 1 (id=2625):
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
fchdir(0xffffffffffffffff)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)

285.462655ms ago: executing program 2 (id=2626):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000580)=0x3, 0x4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg2\x00'})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@user_xattr}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000180)='./file1\x00')

285.023655ms ago: executing program 5 (id=2627):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="280000001800010000000000000000000a00000008000000e00000020c0008800800", @ANYRES32], 0x28}}, 0x0)

195.739453ms ago: executing program 1 (id=2628):
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x1c9482, 0x0)
r0 = syz_io_uring_setup(0x504b, &(0x7f0000000300)={0x0, 0x9cae, 0x80, 0x5, 0xd6}, 0x0, &(0x7f00000000c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffec5, 0x0, 0x0, 0x0, 0x200}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000280)='kmem_cache_free\x00', r2}, 0xfffffffffffffe31)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r3)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x50, r4, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_SHORT_ADDR={0x6}]}, 0x50}, 0x4, 0x700000000000000}, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x22, &(0x7f0000000380)={&(0x7f0000003000)}, 0x1)
syz_emit_ethernet(0x7e, &(0x7f0000000500)=ANY=[@ANYBLOB="617e71b72b5f1780c202090088ce5cd3b39e385f1e86b7770d110971e475c8f816cc7208b5002f0008060001080006000009aaaaaaaaaabb7f000001bbbbbbbbbbbbac14140b000000000000"], 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000002600000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$kcm(0x29, 0x5, 0x0)
sendmsg(r7, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f0000002b80)="b2", 0x1}], 0x1}, 0x4000)
close(r7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x20442)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r8, 0xc0505405, &(0x7f0000000040)={{0x3, 0x0, 0x0, 0x0, 0x91}, 0x0, 0x10008, 0x5})
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000240)={0x0, 0x4, 0x18}, 0xc)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000180)={0x0, 0xefc9, 0x18}, 0xc)
wait4(0x0, &(0x7f0000000000), 0x8, &(0x7f0000000040))

76.103433ms ago: executing program 2 (id=2629):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)=@newsa={0x194, 0x10, 0x1, 0x70bd2b, 0x0, {{@in6=@private1, @in=@private, 0x0, 0xecdf}, {@in=@broadcast, 0x0, 0x32}, @in6=@private1, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x400800}, {0x1000}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x2c}, [@algo_crypt={0x58, 0x2, {{'cbc(aes)\x00'}, 0x80, "e0fad3f10cd3a506627800000000074f"}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha256)\x00'}, 0x0, 0x80}}]}, 0x194}}, 0x4050)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff)
unshare(0x8000000)
semtimedop(0x0, 0x0, 0x0, 0x0)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
r6 = socket(0x1a, 0x6, 0x8)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r7, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000a00)={'wlan1\x00'})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r6, 0x0, 0x80d0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0x1a2)
r9 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
ioctl$LOOP_CONFIGURE(r9, 0x4c0a, &(0x7f0000001600)={r8, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
getsockopt$llc_int(r8, 0x10c, 0x1, 0x0, &(0x7f0000000b40))
setns(r5, 0x8020000)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYBLOB="090200000000"], 0x38}}, 0x0)
sendmsg$OSF_MSG_REMOVE(r1, &(0x7f0000000840)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000800)={&(0x7f00000000c0)={0x710, 0x1, 0x5, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [{{0x254, 0x1, {{0x3, 0x8}, 0x5, 0x4, 0xffff, 0x4, 0xe, 'syz1\x00', "f40348e1e9da12b209819a39d0c74184011a549e11b03d612e7be0b26e5f72c4", "9594ee962d1a23962b57600bf81dc79dd15378b0e8ccdaa848f81b419bc901bf", [{0x0, 0xfffd, {0x2, 0x800}}, {0x9, 0x6, {0x1, 0x40}}, {0x0, 0x5, {0x2, 0x9}}, {0x7, 0x0, {0x3, 0x2}}, {0xac, 0x8, {0x0, 0x7}}, {0x2, 0x8000}, {0x4, 0xe, {0x0, 0x7}}, {0x8, 0x3, {0x0, 0x7fff}}, {0x5, 0x1, {0x2, 0x8}}, {0x800, 0x5, {0x3, 0x7f}}, {0x7, 0xb, {0x1, 0x7f}}, {0x8, 0x8000, {0x0, 0x7e}}, {0x5, 0x4, {0x3, 0x1}}, {0x7, 0x4, {0x2, 0x10}}, {0xc3ae, 0x3, {0x3, 0x6}}, {0x9, 0x2b, {0x3, 0x241}}, {0x7f, 0x5, {0x1, 0x2}}, {0x31a, 0x2, {0x3, 0x5}}, {0x100, 0x0, {0x1, 0x40000000}}, {0xfffb, 0x62, {0x0, 0x80000001}}, {0x7, 0x159c, {0x3, 0x8}}, {0x8120, 0x7, {0x1, 0x22}}, {0x8, 0x9, {0x3, 0x6}}, {0x1ff, 0x8, {0x2, 0xfffffffd}}, {0x2, 0x3, {0x0, 0x2}}, {0x81, 0x0, {0x1, 0x1}}, {0x2, 0x2, {0x0, 0x6}}, {0x80, 0x9448, {0x0, 0xbd5}}, {0x5, 0x401, {0x3, 0x3}}, {0x9, 0xfffa, {0x0, 0x3}}, {0x8, 0x6, {0x2, 0x8}}, {0x8, 0x1090, {0x2, 0x5}}, {0x0, 0x8, {0x0, 0x9}}, {0xfff7, 0x8, {0x3, 0xfffffff2}}, {0x8, 0x1, {0x1, 0x4}}, {0x5, 0x1, {0x1, 0x4d24}}, {0x6, 0x4, {0x1, 0xf7}}, {0x3, 0x3, {0x2, 0x5}}, {0x64, 0x8, {0x1, 0x400}}, {0x2, 0x3, {0x0, 0x7fff}}]}}}, {{0x254, 0x1, {{0x3, 0x7}, 0x0, 0x30, 0x3, 0x7fff, 0x25, 'syz0\x00', "783389600ad35a883769b887fb7232cc01bc3051afca2d8c023ec24df0dceb0e", "4bd392f920e266bd533772b46e83ab4dd389fbabe512ec913b8cbaba61c9597f", [{0xd9, 0x8, {0x1, 0x189}}, {0x32c7, 0x7, {0x1, 0x10000}}, {0x1, 0x7fff, {0x3, 0x5}}, {0xc, 0x1, {0x1, 0x2}}, {0x7, 0xfff5, {0x0, 0x1}}, {0xfff8, 0x1, {0x0, 0x6}}, {0xb, 0x0, {0x1, 0xec10}}, {0x800, 0x5, {0x2, 0x4}}, {0x2, 0x9, {0x1, 0x6}}, {0x8, 0x7, {0x3, 0x7}}, {0xd0, 0x0, {0x3, 0xc72}}, {0x5, 0x6, {0x1, 0x4}}, {0x3, 0xfff, {0x1, 0x3}}, {0x96, 0x2, {0x1, 0x4a78}}, {0x7, 0x6, {0x1, 0x3ff}}, {0x5, 0x5, {0x0, 0x572}}, {0x3, 0x8000, {0x0, 0xb}}, {0x2, 0x0, {0x1, 0x100}}, {0x10, 0x200, {0x1, 0x9}}, {0x7, 0x2, {0x2, 0x2}}, {0xfff7, 0x6, {0x2, 0x9}}, {0xdfd, 0x261, {0x3, 0x8}}, {0x5, 0xfffb, {0x1, 0x8001}}, {0x20ef, 0xa, {0x1, 0x4}}, {0x3, 0x3, {0x0, 0x2}}, {0x5, 0x800, {0x2, 0x7f}}, {0x0, 0x3, {0x0, 0x7ff}}, {0x3, 0x7, {0x3, 0x8}}, {0x0, 0x5, {0x1, 0x400}}, {0x6, 0x2, {0x1, 0x300000}}, {0x3ff, 0x4, {0x1, 0x7}}, {0x0, 0x0, {0x2, 0x9}}, {0x958, 0x2, {0x1, 0xd5c}}, {0x4, 0x3, {0x2, 0x2}}, {0x7912, 0x84, {0x2, 0x6}}, {0x7, 0x8, {0x0, 0x72b}}, {0x0, 0x6, {0x0, 0xa}}, {0xf, 0x5, {0x2, 0x5}}, {0x8, 0x8, {0x3, 0x1ff}}, {0x8001, 0xe, {0x3, 0xfffffa2d}}]}}}, {{0x254, 0x1, {{0x2, 0x3}, 0xe, 0x4, 0x7fff, 0xfff, 0x16, 'syz1\x00', "5f9b68fc2d4a0d386f4a3084e8691f6b1b181ed923f0b7368040ada816a070e9", "503adbd4fe7212f334ba0a7f2d1ea1c02549125f528472b7682db376cbc87d13", [{0x9, 0x6, {0x1, 0x9b}}, {0x3, 0xed, {0x2, 0x40}}, {0xfffb, 0x1, {0x2}}, {0x0, 0x101, {0x2, 0xa27}}, {0x7, 0x6550, {0x3, 0x1}}, {0x4000, 0xa0ca, {0x0, 0x46f}}, {0x1000, 0x0, {0x1, 0x3}}, {0x66, 0xc, {0x1, 0x4}}, {0x40, 0x6, {0x1, 0xa00000}}, {0x2, 0x9, {0x2, 0xfffffffa}}, {0x1, 0x8, {0x7, 0x9}}, {0x4, 0x800, {0x0, 0xae71}}, {0x9, 0x800, {0x3, 0xc435}}, {0x9, 0x871, {0x0, 0x4}}, {0xe, 0x9, {0x3, 0x80}}, {0x401, 0x8, {0x1, 0x4}}, {0xb7e, 0x1, {0x1, 0xf}}, {0x6, 0x3, {0x0, 0x3}}, {0x7ac, 0x9, {0x2, 0x8}}, {0x400, 0x71, {0x0, 0x1}}, {0x1, 0xb, {0x0, 0x3}}, {0x6, 0x0, {0x3, 0x3}}, {0x9, 0x1ff, {0x0, 0x80000000}}, {0x9, 0x6, {0x0, 0xfffffffe}}, {0xf, 0x4, {0x3}}, {0x3ff, 0xfffe, {0x1, 0x100}}, {0x0, 0x0, {0x3, 0xffffffc0}}, {0x7, 0xfffb, {0x1, 0x48}}, {0x8, 0x81, {0x1, 0x7fffffff}}, {0x8, 0x7, {0x2, 0x3}}, {0x1000, 0xa6, {0x1, 0x6}}, {0x0, 0xffff, {0x1, 0xc}}, {0xc, 0x57, {0x0, 0x8c9}}, {0x0, 0x0, {0x0, 0xd9fa}}, {0x2, 0x9, {0x1, 0x6}}, {0x3, 0x721, {0x0, 0x5}}, {0x1c, 0x70, {0x1, 0x2}}, {0x0, 0x5f94, {0x3, 0x6}}, {0x80, 0x0, {0x0, 0x100}}, {0x8, 0x5d9f, {0x1, 0x1}}]}}}]}, 0x710}}, 0x20000000)
r10 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x48e01)
ioctl$SG_GET_SCSI_ID(r10, 0x2276, &(0x7f0000000040))
timerfd_create(0x9, 0x0)

0s ago: executing program 5 (id=2630):
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a38000000060a0b04000000000000000002000004040004800900010073797a30000000000900020073797a32"], 0x60}}, 0x0)

kernel console output (not intermixed with test programs):

7295 subj=unconfined pid=10699 comm="syz.2.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  288.993455][   T28] audit: type=1326 audit(1767851777.113:3308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.2.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  289.096891][   T28] audit: type=1326 audit(1767851777.113:3309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.2.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  289.202138][   T28] audit: type=1326 audit(1767851777.113:3310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.2.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  289.337398][   T28] audit: type=1326 audit(1767851777.153:3311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.2.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  289.368170][T10714] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1813'.
[  289.408614][T10714] ip6gre1: entered allmulticast mode
[  289.446735][   T28] audit: type=1326 audit(1767851777.153:3312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.2.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  289.512886][T10717] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1814'.
[  289.585034][   T28] audit: type=1326 audit(1767851777.153:3313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.2.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  290.029104][T10725] veth0_to_team: entered promiscuous mode
[  291.226867][T10747] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1828'.
[  291.480408][T10756] loop4: detected capacity change from 0 to 512
[  291.536747][T10756] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  291.617544][T10756] EXT4-fs (loop4): mount failed
[  291.734270][T10671] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  292.017153][  T138] Bluetooth: hci4: Frame reassembly failed (-84)
[  292.413444][T10783] loop0: detected capacity change from 0 to 512
[  292.480499][T10783] EXT4-fs (loop0): 1 orphan inode deleted
[  292.495566][  T138] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u4:5: Failed to release dquot type 1
[  292.507516][T10783] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.509387][T10783] ext4 filesystem being mounted at /460/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.604914][T10790] tmpfs: Unknown parameter 'm'
[  292.682841][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.808239][T10797] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1846'.
[  292.967230][T10804] netlink: 'syz.2.1849': attribute type 3 has an invalid length.
[  293.786166][T10827] loop0: detected capacity change from 0 to 256
[  294.050842][ T5768] Bluetooth: hci4: command 0x1003 tx timeout
[  294.059420][ T5777] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  294.367620][T10835] loop0: detected capacity change from 0 to 128
[  294.402192][T10835] FAT-fs (loop0): Unrecognized mount option "errors=ue" or missing value
[  294.563282][T10842] loop4: detected capacity change from 0 to 1024
[  294.621057][T10842] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  294.694319][T10842] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:478: comm syz.4.1862: Invalid block bitmap block 0 in block_group 0
[  294.760899][T10842] __quota_error: 52 callbacks suppressed
[  294.760920][T10842] Quota error (device loop4): write_blk: dquota write failed
[  294.811103][T10842] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  294.850262][T10842] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1862: Failed to acquire dquot type 0
[  294.871403][T10842] EXT4-fs error (device loop4): ext4_free_blocks:6676: comm syz.4.1862: Freeing blocks not in datazone - block = 0, count = 4096
[  294.904990][T10842] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1862: Invalid inode bitmap blk 0 in block_group 0
[  294.932824][ T3483] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-7
[  294.950701][ T3483] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u4:8: Failed to release dquot type 0
[  294.962575][T10842] EXT4-fs error (device loop4) in ext4_free_inode:363: Corrupt filesystem
[  294.982236][T10842] EXT4-fs (loop4): 1 orphan inode deleted
[  294.989494][T10842] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.126513][ T6500] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.328018][T10857] syzkaller0: entered promiscuous mode
[  295.335377][T10857] syzkaller0: entered allmulticast mode
[  295.569867][T10864] lo speed is unknown, defaulting to 1000
[  295.609649][T10864] wg1 speed is unknown, defaulting to 1000
[  296.338297][T10881] loop0: detected capacity change from 0 to 512
[  296.357835][T10881] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  296.389770][T10881] EXT4-fs (loop0): too many log groups per flexible block group
[  296.432133][T10881] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  296.455301][T10881] EXT4-fs (loop0): mount failed
[  296.812181][T10894] loop0: detected capacity change from 0 to 764
[  296.849537][T10894] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  296.883544][T10894] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1882'.
[  296.910473][T10897] loop4: detected capacity change from 0 to 512
[  296.939469][   T28] audit: type=1326 audit(1767851785.383:3364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10893 comm="syz.2.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  296.969357][   T28] audit: type=1326 audit(1767851785.383:3365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10893 comm="syz.2.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  296.981858][T10897] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  296.996289][   T28] audit: type=1326 audit(1767851785.383:3366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10893 comm="syz.2.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  297.027955][   T28] audit: type=1326 audit(1767851785.383:3367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10893 comm="syz.2.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  297.054046][T10897] EXT4-fs (loop4): orphan cleanup on readonly fs
[  297.094053][   T28] audit: type=1326 audit(1767851785.423:3368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10893 comm="syz.2.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  297.116561][   T28] audit: type=1326 audit(1767851785.423:3369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10893 comm="syz.2.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  297.123607][T10897] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4031: comm syz.4.1884: Allocating blocks 41-42 which overlap fs metadata
[  297.139157][   T28] audit: type=1326 audit(1767851785.423:3370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10893 comm="syz.2.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  297.198025][T10897] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4031: comm syz.4.1884: Allocating blocks 41-42 which overlap fs metadata
[  297.216941][T10897] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1884: Failed to acquire dquot type 1
[  297.229158][T10897] EXT4-fs error (device loop4): mb_free_blocks:1938: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  297.252299][T10897] EXT4-fs error (device loop4): ext4_do_update_inode:5244: inode #12: comm syz.4.1884: corrupted inode contents
[  297.267985][T10897] EXT4-fs error (device loop4): ext4_dirty_inode:6120: inode #12: comm syz.4.1884: mark_inode_dirty error
[  297.282660][T10897] EXT4-fs error (device loop4): ext4_do_update_inode:5244: inode #12: comm syz.4.1884: corrupted inode contents
[  297.296048][T10897] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #12: comm syz.4.1884: mark_inode_dirty error
[  297.309734][T10897] EXT4-fs error (device loop4): ext4_do_update_inode:5244: inode #12: comm syz.4.1884: corrupted inode contents
[  297.325036][T10897] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem
[  297.336377][T10897] EXT4-fs error (device loop4): ext4_do_update_inode:5244: inode #12: comm syz.4.1884: corrupted inode contents
[  297.349487][T10897] EXT4-fs error (device loop4): ext4_truncate:4294: inode #12: comm syz.4.1884: mark_inode_dirty error
[  297.363114][T10897] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem
[  297.374000][T10897] EXT4-fs (loop4): 1 truncate cleaned up
[  297.383136][T10897] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  297.522009][T10897] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.638525][T10897] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.775520][T10897] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.939892][T10897] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.099231][T10897] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  298.162817][T10897] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  298.206290][T10897] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  298.212809][T10929] loop0: detected capacity change from 0 to 1024
[  298.241457][T10929] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  298.254665][T10897] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.275713][T10929] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  298.299383][T10929] JBD2: no valid journal superblock found
[  298.314303][T10929] EXT4-fs (loop0): Could not load journal inode
[  298.405953][ T6500] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.785221][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  299.785237][   T28] audit: type=1326 audit(1767851788.223:3371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10946 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  299.893128][   T28] audit: type=1326 audit(1767851788.233:3372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10946 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  299.983508][   T28] audit: type=1326 audit(1767851788.263:3373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10946 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  299.983566][   T28] audit: type=1326 audit(1767851788.263:3374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10946 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  299.983611][   T28] audit: type=1326 audit(1767851788.263:3375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10946 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  299.983655][   T28] audit: type=1326 audit(1767851788.263:3376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10946 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  299.983700][   T28] audit: type=1326 audit(1767851788.263:3377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10946 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  299.983744][   T28] audit: type=1326 audit(1767851788.263:3378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10946 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  299.983788][   T28] audit: type=1326 audit(1767851788.263:3379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10946 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  299.983834][   T28] audit: type=1326 audit(1767851788.273:3380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10946 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  301.261448][T10979] loop4: detected capacity change from 0 to 1024
[  301.269133][T10979] EXT4-fs: Ignoring removed bh option
[  301.311960][T10979] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  301.412877][T10979] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.528178][T10989] usb usb1: usbfs: process 10989 (syz.0.1921) did not claim interface 0 before use
[  302.093023][T11004] lo speed is unknown, defaulting to 1000
[  302.113845][T11004] wg1 speed is unknown, defaulting to 1000
[  303.204426][T11024] loop0: detected capacity change from 0 to 512
[  303.225935][T11024] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  303.264645][T11024] EXT4-fs (loop0): 1 truncate cleaned up
[  303.274686][T11024] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.382066][T11033] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1938'.
[  303.423249][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.491377][T11035] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1940'.
[  304.122858][T11060] tc_dump_action: action bad kind
[  304.371601][ T6500] EXT4-fs error (device loop4): ext4_read_inline_dir:1573: inode #12: block 7: comm syz-executor: path /343/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  304.392117][T11063] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1952'.
[  304.397250][ T6500] EXT4-fs (loop4): Remounting filesystem read-only
[  304.790490][  T138] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.904835][  T138] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.057360][  T138] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.082400][ T6500] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.224358][  T138] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.848309][T11082] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1960'.
[  306.191914][T11087] loop0: detected capacity change from 0 to 512
[  306.244677][T11087] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #3: comm syz.0.1959: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  306.360783][T11087] EXT4-fs error (device loop0): ext4_quota_enable:7127: comm syz.0.1959: Bad quota inode: 3, type: 0
[  306.393477][T11087] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  306.453534][T11087] EXT4-fs (loop0): mount failed
[  306.892797][ T5768] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  306.904160][ T5768] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  306.918335][ T5768] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  306.930041][T11115] loop0: detected capacity change from 0 to 512
[  306.945606][ T5768] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  306.961242][T11115] EXT4-fs: Ignoring removed oldalloc option
[  306.967721][T11115] EXT4-fs: Ignoring removed i_version option
[  306.967808][ T5768] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  306.984486][T11115] EXT4-fs: Ignoring removed nomblk_io_submit option
[  306.984529][ T5768] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  307.043686][T11115] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  307.111345][T11115] EXT4-fs (loop0): 1 truncate cleaned up
[  307.118634][T11115] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  307.139409][   T28] kauditd_printk_skb: 48 callbacks suppressed
[  307.139424][   T28] audit: type=1800 audit(1767851795.583:3429): pid=11115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1966" name="bus" dev="loop0" ino=18 res=0 errno=0
[  307.320263][T11110] lo speed is unknown, defaulting to 1000
[  307.438218][T11110] wg1 speed is unknown, defaulting to 1000
[  307.688081][T11130] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1970'.
[  307.701465][  T138] IPVS: stopping backup sync thread 7276 ...
[  307.855818][T11137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1971'.
[  307.942081][T11141] Invalid ELF header magic: != ELF
[  308.598804][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.737793][T11153] xt_policy: too many policy elements
[  308.749524][T11153] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1972'.
[  309.094204][ T5768] Bluetooth: hci3: command tx timeout
[  309.341965][  T138] hsr_slave_0: left promiscuous mode
[  309.412173][  T138] hsr_slave_1: left promiscuous mode
[  309.462803][  T138] bridge_slave_1: left allmulticast mode
[  309.468526][  T138] bridge_slave_1: left promiscuous mode
[  309.490594][  T138] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.532681][  T138] bridge_slave_0: left allmulticast mode
[  309.538754][  T138] bridge_slave_0: left promiscuous mode
[  309.553947][  T138] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.644112][  T138] veth1_vlan: left promiscuous mode
[  309.683259][  T138] veth0_vlan: left promiscuous mode
[  310.052294][   T28] audit: type=1326 audit(1767851798.473:3430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  310.105719][   T28] audit: type=1326 audit(1767851798.473:3431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  310.141261][   T28] audit: type=1326 audit(1767851798.473:3432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  310.192178][   T28] audit: type=1326 audit(1767851798.473:3433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  310.233643][   T28] audit: type=1326 audit(1767851798.473:3434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  310.277256][   T28] audit: type=1326 audit(1767851798.473:3435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  310.717091][T11187] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1986'.
[  310.988948][  T138] team0 (unregistering): Port device team_slave_1 removed
[  311.047339][  T138] team0 (unregistering): Port device team_slave_0 removed
[  311.106170][  T138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  311.166878][  T138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  311.175717][ T5768] Bluetooth: hci3: command tx timeout
[  311.829377][  T138] bond0 (unregistering): Released all slaves
[  311.944735][T11165] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1977'.
[  311.988762][    T8] wg1 speed is unknown, defaulting to 1000
[  311.995844][   T23] lo speed is unknown, defaulting to 1000
[  312.007559][T11174] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1977'.
[  312.067231][T11193] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1989'.
[  312.077279][T11193] ipvlan1: entered allmulticast mode
[  312.082700][T11193] veth0_vlan: entered allmulticast mode
[  312.096085][T11110] chnl_net:caif_netlink_parms(): no params data found
[  312.375730][T11201] loop0: detected capacity change from 0 to 512
[  312.422337][T11110] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.437147][T11110] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.446637][T11110] bridge_slave_0: entered allmulticast mode
[  312.466793][T11110] bridge_slave_0: entered promiscuous mode
[  312.473204][T11201] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.502772][T11110] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.509993][T11110] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.530207][T11201] ext4 filesystem being mounted at /499/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  312.538282][T11110] bridge_slave_1: entered allmulticast mode
[  312.548496][T11110] bridge_slave_1: entered promiscuous mode
[  312.667932][T11110] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  312.699140][T11110] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  312.921337][T11110] team0: Port device team_slave_0 added
[  312.934444][T11201] EXT4-fs error (device loop0): ext4_xattr_block_get:600: inode #15: comm syz.0.1991: corrupted xattr block 33: invalid header
[  312.960316][T11110] team0: Port device team_slave_1 added
[  312.996817][T11201] EXT4-fs error (device loop0): ext4_get_inode_usage:905: inode #15: comm syz.0.1991: corrupted xattr block 33: invalid header
[  313.095292][T11110] batman_adv: batadv0: Adding interface: batadv_slave_0
[  313.115416][T11110] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.156435][T11110] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  313.170484][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.250926][ T5768] Bluetooth: hci3: command tx timeout
[  313.277323][T11110] batman_adv: batadv0: Adding interface: batadv_slave_1
[  313.285151][T11110] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.311764][T11110] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  313.480199][T11110] hsr_slave_0: entered promiscuous mode
[  313.515772][T11110] hsr_slave_1: entered promiscuous mode
[  314.051673][T11246] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2000'.
[  314.071356][T11250] netlink: 'syz.0.2001': attribute type 6 has an invalid length.
[  314.275170][T11110] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  314.308996][T11110] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  314.344359][T11110] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  314.373457][   T28] audit: type=1326 audit(1767851802.823:3436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11261 comm="syz.1.2004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  314.375561][T11110] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  314.454573][   T28] audit: type=1326 audit(1767851802.823:3437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11261 comm="syz.1.2004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  314.499763][   T28] audit: type=1326 audit(1767851802.873:3438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11261 comm="syz.1.2004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  314.525345][   T28] audit: type=1326 audit(1767851802.873:3439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11261 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  314.552124][   T28] audit: type=1326 audit(1767851802.873:3440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11261 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  314.621686][   T28] audit: type=1326 audit(1767851802.883:3441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11261 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  314.702203][   T28] audit: type=1326 audit(1767851802.883:3442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11261 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  314.772086][   T28] audit: type=1326 audit(1767851802.883:3443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11261 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  314.859175][   T28] audit: type=1326 audit(1767851802.883:3444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11261 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  314.927325][T11110] 8021q: adding VLAN 0 to HW filter on device bond0
[  314.937029][   T28] audit: type=1326 audit(1767851802.883:3445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11261 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  315.032198][T11110] 8021q: adding VLAN 0 to HW filter on device team0
[  315.104085][  T138] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.111351][  T138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  315.152362][  T138] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.159609][  T138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.332057][ T5768] Bluetooth: hci3: command tx timeout
[  315.691597][T11308] serio: Serial port ttyS3
[  316.052245][T11110] 8021q: adding VLAN 0 to HW filter on device batadv0
[  316.112267][T11319] syz.0.2018[11319] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.112427][T11319] syz.0.2018[11319] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.515223][T11330] loop0: detected capacity change from 0 to 1024
[  316.684366][T11330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.848932][T11110] veth0_vlan: entered promiscuous mode
[  316.916037][T11110] veth1_vlan: entered promiscuous mode
[  316.945069][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.953426][T11345] netlink: 'syz.2.2023': attribute type 4 has an invalid length.
[  317.005718][T11347] netlink: 'syz.2.2023': attribute type 4 has an invalid length.
[  317.107116][T11110] veth0_macvtap: entered promiscuous mode
[  317.142147][T11110] veth1_macvtap: entered promiscuous mode
[  317.193068][T11110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  317.230728][T11110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  317.272894][T11110] batman_adv: batadv0: Interface activated: batadv_slave_0
[  317.314256][T11110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  317.348893][T11110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  317.385720][T11110] batman_adv: batadv0: Interface activated: batadv_slave_1
[  317.427631][T11110] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.453929][T11110] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.465209][T11110] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.476888][T11110] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.628958][T11354] netlink: 'syz.2.2025': attribute type 4 has an invalid length.
[  317.691254][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  317.697766][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  317.739399][T11353] netlink: 'syz.2.2025': attribute type 4 has an invalid length.
[  317.763600][T11362] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2027'.
[  317.938430][T11362] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2027'.
[  318.798414][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  318.811764][T11370] syz.2.2029[11370] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  318.811913][T11370] syz.2.2029[11370] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  318.832679][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  318.890723][  T138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  318.909067][  T138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  318.935114][T11372] loop0: detected capacity change from 0 to 1024
[  318.952836][T11372] EXT4-fs: Ignoring removed mblk_io_submit option
[  319.007195][T11372] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.279673][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.450692][   T28] kauditd_printk_skb: 74 callbacks suppressed
[  319.450710][   T28] audit: type=1326 audit(1767851807.893:3520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.2.2029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f0a4c78f7d7 code=0x7ffc0000
[  319.519260][   T28] audit: type=1326 audit(1767851807.923:3521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.2.2029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0a4c78df90 code=0x7ffc0000
[  319.598484][   T28] audit: type=1326 audit(1767851807.933:3522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.2.2029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0a4c78e3aa code=0x7ffc0000
[  319.620300][T11397] loop5: detected capacity change from 0 to 512
[  319.694058][   T28] audit: type=1326 audit(1767851807.943:3523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.2.2029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  319.729720][T11397] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  319.741572][   T28] audit: type=1326 audit(1767851807.943:3524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.2.2029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  319.823457][   T28] audit: type=1326 audit(1767851807.953:3525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.2.2029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  319.828513][T11397] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.929907][   T28] audit: type=1326 audit(1767851807.953:3526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.2.2029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  320.012802][T11397] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  320.034008][   T28] audit: type=1326 audit(1767851807.953:3527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.2.2029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  320.194886][   T28] audit: type=1326 audit(1767851808.643:3528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.2.2029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  320.247353][T11406] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2035'.
[  320.264314][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.275959][   T28] audit: type=1326 audit(1767851808.643:3529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.2.2029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4c78f749 code=0x7ffc0000
[  320.285629][T11406] ip6gre1: entered promiscuous mode
[  320.322650][T11406] ip6gre1: entered allmulticast mode
[  320.453906][T11406] IPVS: dh: FWM 3 0x00000003 - no destination available
[  321.371440][T11435] loop5: detected capacity change from 0 to 7
[  321.386743][T10671]  loop5:
[  321.393187][T10671] loop5: partition table partially beyond EOD, truncated
[  321.418138][T11435]  loop5:
[  321.460858][T11435] loop5: partition table partially beyond EOD, truncated
[  321.537299][ T5777] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  321.570382][ T5777] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  321.587373][ T5777] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  321.634106][ T5777] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  321.645457][ T5777] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  321.656598][ T5777] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  321.766823][   T42] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  321.778382][   T42] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.906986][   T42] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  321.953126][   T42] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.119952][T11454] loop0: detected capacity change from 0 to 512
[  322.147934][   T42] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  322.172878][T11454] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  322.178043][T11457] loop5: detected capacity change from 0 to 128
[  322.197911][   T42] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.203817][T11454] EXT4-fs (loop0): invalid journal inode
[  322.265819][T11457] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 323)
[  322.267098][T11454] EXT4-fs (loop0): can't get journal size
[  322.302700][T11457] FAT-fs (loop5): Filesystem has been set read-only
[  322.333486][T11454] EXT4-fs (loop0): 1 truncate cleaned up
[  322.377211][T11454] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.408379][   T42] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  322.466391][   T42] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.603225][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.842822][T11476] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2054'.
[  322.978153][T11476] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2054'.
[  323.017388][T11481] xt_hashlimit: max too large, truncated to 1048576
[  323.040432][T11481] xt_CT: You must specify a L4 protocol and not use inversions on it
[  323.068870][T11440] chnl_net:caif_netlink_parms(): no params data found
[  323.248712][T11476] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2054'.
[  323.258618][   T42] tipc: Left network mode
[  323.602792][T11440] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.631600][T11440] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.638899][T11440] bridge_slave_0: entered allmulticast mode
[  323.673407][T11440] bridge_slave_0: entered promiscuous mode
[  323.735860][ T5777] Bluetooth: hci1: command tx timeout
[  323.798029][T11440] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.833860][T11440] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.862934][T11440] bridge_slave_1: entered allmulticast mode
[  323.870508][T11440] bridge_slave_1: entered promiscuous mode
[  324.235558][T11440] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  324.276732][T11516] loop5: detected capacity change from 0 to 128
[  324.289786][T11440] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  324.489789][T11516] loop5: detected capacity change from 0 to 4096
[  324.598909][T11516] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.638871][T11440] team0: Port device team_slave_0 added
[  324.742099][T11440] team0: Port device team_slave_1 added
[  324.784712][T11516] EXT4-fs (loop5): shut down requested (2)
[  324.910057][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.959407][T11440] batman_adv: batadv0: Adding interface: batadv_slave_0
[  324.986165][T11440] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  325.060697][T11440] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  325.126956][T11534] loop5: detected capacity change from 0 to 512
[  325.199332][T11534] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.241006][T11534] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  325.322394][   T28] kauditd_printk_skb: 41 callbacks suppressed
[  325.322411][   T28] audit: type=1800 audit(1767851813.773:3571): pid=11534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2070" name="file1" dev="loop5" ino=15 res=0 errno=0
[  325.438573][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.604706][T11440] batman_adv: batadv0: Adding interface: batadv_slave_1
[  325.633183][T11440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  325.715061][T11440] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  325.811202][ T5777] Bluetooth: hci1: command tx timeout
[  325.861860][T11557] loop0: detected capacity change from 0 to 512
[  325.877193][T11557] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.2074: inode has both inline data and extents flags
[  325.898211][T11557] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.2074: couldn't read orphan inode 15 (err -117)
[  325.918100][T11557] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.101544][T11563] loop0: detected capacity change from 512 to 64
[  326.125516][T11557] syz.0.2074: attempt to access beyond end of device
[  326.125516][T11557] loop0: rw=14337, sector=84, nr_sectors = 2 limit=64
[  326.161488][T11557] Buffer I/O error on dev loop0, logical block 42, lost sync page write
[  326.175867][T11557] EXT4-fs error (device loop0): ext4_splice_branch:472: inode #18: block 42: comm syz.0.2074: IO error syncing itable block
[  326.221511][T11557] EXT4-fs error (device loop0): ext4_check_bdev_write_error:225: comm syz.0.2074: Error while async write back metadata
[  326.279511][T11557] syz.0.2074: attempt to access beyond end of device
[  326.279511][T11557] loop0: rw=2051, sector=92, nr_sectors = 2 limit=64
[  326.348786][T11557] EXT4-fs (loop0): discard request in group:0 block:45 count:1 failed with -5
[  326.377260][T11557] syz.0.2074: attempt to access beyond end of device
[  326.377260][T11557] loop0: rw=3, sector=86, nr_sectors = 2 limit=64
[  326.387355][T11440] hsr_slave_0: entered promiscuous mode
[  326.418791][T11557] syz.0.2074: attempt to access beyond end of device
[  326.418791][T11557] loop0: rw=2051, sector=88, nr_sectors = 6 limit=64
[  326.435968][T11440] hsr_slave_1: entered promiscuous mode
[  326.453764][T11440] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  326.461679][T11440] Cannot create hsr debugfs directory
[  326.474249][T11557] EXT4-fs (loop0): discard request in group:0 block:42 count:4 failed with -5
[  326.497937][T11557] EXT4-fs error (device loop0): mb_free_blocks:1938: group 0, inode 18: block 46:freeing already freed block (bit 45); block bitmap corrupt.
[  326.527762][T11557] syz.0.2074: attempt to access beyond end of device
[  326.527762][T11557] loop0: rw=14337, sector=84, nr_sectors = 2 limit=64
[  326.548556][T11557] Buffer I/O error on dev loop0, logical block 42, lost sync page write
[  326.577181][T11557] EXT4-fs error (device loop0): ext4_free_data:985: inode #18: block 42: comm syz.0.2074: IO error syncing itable block
[  326.599433][T11557] EXT4-fs error (device loop0): ext4_check_bdev_write_error:225: comm syz.0.2074: Error while async write back metadata
[  326.626235][T11557] syz.0.2074: attempt to access beyond end of device
[  326.626235][T11557] loop0: rw=2049, sector=510, nr_sectors = 2 limit=64
[  326.647257][T11557] EXT4-fs warning (device loop0): ext4_end_bio:357: I/O error 10 writing to inode 18 starting block 255)
[  326.673301][T11557] Buffer I/O error on device loop0, logical block 255
[  326.685485][T11557] syz.0.2074: attempt to access beyond end of device
[  326.685485][T11557] loop0: rw=2049, sector=506, nr_sectors = 4 limit=64
[  326.726274][T11557] EXT4-fs warning (device loop0): ext4_end_bio:357: I/O error 10 writing to inode 18 starting block 253)
[  326.773387][T11557] Buffer I/O error on device loop0, logical block 253
[  326.780240][T11557] Buffer I/O error on device loop0, logical block 254
[  326.821014][T11557] syz.0.2074: attempt to access beyond end of device
[  326.821014][T11557] loop0: rw=2049, sector=74, nr_sectors = 8 limit=64
[  326.861274][T11557] EXT4-fs warning (device loop0): ext4_end_bio:357: I/O error 10 writing to inode 18 starting block 37)
[  326.886049][T11557] Buffer I/O error on device loop0, logical block 37
[  326.895628][T11557] Buffer I/O error on device loop0, logical block 38
[  326.902374][T11557] Buffer I/O error on device loop0, logical block 39
[  326.909158][T11557] Buffer I/O error on device loop0, logical block 40
[  326.921547][T11557] syz.0.2074: attempt to access beyond end of device
[  326.921547][T11557] loop0: rw=2049, sector=498, nr_sectors = 8 limit=64
[  326.944772][T11557] EXT4-fs warning (device loop0): ext4_end_bio:357: I/O error 10 writing to inode 18 starting block 249)
[  326.959125][T11557] Buffer I/O error on device loop0, logical block 249
[  327.031521][T11557] Buffer I/O error on device loop0, logical block 250
[  327.038376][T11557] Buffer I/O error on device loop0, logical block 251
[  327.066997][T11557] syz.0.2074: attempt to access beyond end of device
[  327.066997][T11557] loop0: rw=2049, sector=82, nr_sectors = 2 limit=64
[  327.086535][T11557] EXT4-fs warning (device loop0): ext4_end_bio:357: I/O error 10 writing to inode 18 starting block 41)
[  327.223072][ T5765] EXT4-fs warning (device loop0): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -12 reading directory block
[  327.410062][   T42] hsr_slave_0: left promiscuous mode
[  327.422312][   T42] hsr_slave_1: left promiscuous mode
[  327.441027][   T42] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  327.454445][T10825] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.460727][   T42] batman_adv: batadv0: Removing interface: virt_wifi0
[  327.601666][   T42] veth1_macvtap: left promiscuous mode
[  327.607295][   T42] veth0_macvtap: left promiscuous mode
[  327.641519][   T42] veth1_vlan: left promiscuous mode
[  327.650863][   T42] veth0_vlan: left promiscuous mode
[  327.897808][ T5777] Bluetooth: hci1: command tx timeout
[  328.018285][ T5757] infiniband syb2: ib_query_port failed (-19)
[  328.343647][   T28] audit: type=1326 audit(1767851816.793:3572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  328.430746][   T28] audit: type=1326 audit(1767851816.793:3573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  328.480616][   T28] audit: type=1326 audit(1767851816.843:3574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  328.564739][   T28] audit: type=1326 audit(1767851816.843:3575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  328.618243][   T28] audit: type=1326 audit(1767851816.843:3576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  328.685879][   T28] audit: type=1326 audit(1767851816.843:3577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  328.770633][   T28] audit: type=1326 audit(1767851816.843:3578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  328.827698][   T28] audit: type=1326 audit(1767851816.843:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  328.880792][   T28] audit: type=1326 audit(1767851816.843:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  328.971283][   T42] bond1 (unregistering): (slave bond0): Releasing backup interface
[  328.992023][   T42] bond1 (unregistering): Released all slaves
[  329.978535][ T5777] Bluetooth: hci1: command tx timeout
[  330.470707][T11606] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  331.033445][T11618] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  331.127675][T11620] loop5: detected capacity change from 0 to 512
[  331.195810][T11620] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.2095: inode has both inline data and extents flags
[  331.245470][T11620] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.2095: couldn't read orphan inode 15 (err -117)
[  331.307438][T11620] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.795162][   T42] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  331.804523][   T42] bond0 (unregistering): Released all slaves
[  331.855155][T11631] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  332.908370][   T42] IPVS: stop unused estimator thread 0...
[  333.093395][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.259908][T11652] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 5
[  334.353921][T11440] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  334.418927][T11440] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  334.451582][T11440] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  334.490679][T11440] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  334.539817][T11660] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  334.665088][ T5768] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  334.679800][ T5768] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  334.689351][ T5768] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  334.699790][ T5768] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  334.707911][ T5768] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  334.719201][ T5768] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  334.953812][T11440] 8021q: adding VLAN 0 to HW filter on device bond0
[  334.994521][T11679] bond1: entered promiscuous mode
[  335.007428][T11679] 8021q: adding VLAN 0 to HW filter on device bond1
[  335.016387][T11679] team0: Port device bond1 added
[  335.097106][   T28] kauditd_printk_skb: 28 callbacks suppressed
[  335.097123][   T28] audit: type=1326 audit(1767851823.543:3609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.5.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  335.138856][   T28] audit: type=1326 audit(1767851823.583:3610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.5.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  335.163095][   T28] audit: type=1326 audit(1767851823.583:3611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.5.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  335.172525][T11440] 8021q: adding VLAN 0 to HW filter on device team0
[  335.185903][   T28] audit: type=1326 audit(1767851823.583:3612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.5.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  335.215253][   T28] audit: type=1326 audit(1767851823.583:3613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.5.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  335.257513][   T28] audit: type=1326 audit(1767851823.693:3614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.5.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  335.320273][   T28] audit: type=1326 audit(1767851823.693:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.5.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  335.395300][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.402615][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.441676][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.448889][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.468094][T11695] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  335.476255][T11695] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  335.546080][T11669] chnl_net:caif_netlink_parms(): no params data found
[  335.659794][T11700] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2115'.
[  335.785959][T11440] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  335.796976][T11440] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  335.871985][T11669] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.894129][T11669] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.902180][T11669] bridge_slave_0: entered allmulticast mode
[  335.911369][T11669] bridge_slave_0: entered promiscuous mode
[  335.925708][T11669] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.936025][T11669] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.943431][T11669] bridge_slave_1: entered allmulticast mode
[  335.951564][T11669] bridge_slave_1: entered promiscuous mode
[  336.850344][ T5777] Bluetooth: hci0: command tx timeout
[  336.933695][T11669] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.979416][T11669] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.979667][T11716] netlink: 'syz.5.2118': attribute type 1 has an invalid length.
[  337.164789][T11669] team0: Port device team_slave_0 added
[  337.184791][T11720] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2119'.
[  337.224227][T11669] team0: Port device team_slave_1 added
[  337.347812][T11669] batman_adv: batadv0: Adding interface: batadv_slave_0
[  337.362422][T11669] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  337.396502][T11669] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  337.434970][T11669] batman_adv: batadv0: Adding interface: batadv_slave_1
[  337.442959][T11669] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  337.477944][T11669] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  337.535699][T11440] 8021q: adding VLAN 0 to HW filter on device batadv0
[  337.669048][T11669] hsr_slave_0: entered promiscuous mode
[  337.680309][T11669] hsr_slave_1: entered promiscuous mode
[  337.699100][T11669] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  337.710713][T11669] Cannot create hsr debugfs directory
[  337.966786][T11440] veth0_vlan: entered promiscuous mode
[  338.096058][T11440] veth1_vlan: entered promiscuous mode
[  338.304702][T11740] loop5: detected capacity change from 0 to 512
[  338.365396][T11740] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  338.378223][T11743] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2123'.
[  338.378821][T11440] veth0_macvtap: entered promiscuous mode
[  338.432135][T11440] veth1_macvtap: entered promiscuous mode
[  338.494070][T11740] EXT4-fs (loop5): 1 truncate cleaned up
[  338.537828][T11740] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.725512][T11440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.751050][T11440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.771248][T11440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.787726][T11440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.810246][T11440] batman_adv: batadv0: Interface activated: batadv_slave_0
[  338.826402][T11669] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  338.855549][T11440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.867763][T11440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.877989][T11440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.890243][T11440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.904140][T11440] batman_adv: batadv0: Interface activated: batadv_slave_1
[  338.931366][ T5768] Bluetooth: hci0: command tx timeout
[  338.940822][T11669] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  338.965335][T11669] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  338.969279][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.989331][T11669] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  339.006314][T11440] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.050688][T11440] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  339.059460][T11440] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  339.119242][T11440] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  339.513479][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  339.530596][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  339.622051][ T1323] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  339.645034][ T1323] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  339.648364][T11781] loop5: detected capacity change from 0 to 512
[  339.754891][T11669] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.797703][T11669] 8021q: adding VLAN 0 to HW filter on device team0
[  339.806065][T11781] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.827156][ T1323] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.834403][ T1323] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.950800][T11781] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  339.989132][ T7739] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.996410][ T7739] bridge0: port 2(bridge_slave_1) entered forwarding state
[  340.082638][   T28] audit: type=1800 audit(1767851828.523:3616): pid=11781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2129" name="bus" dev="loop5" ino=18 res=0 errno=0
[  340.378790][   T28] audit: type=1326 audit(1767851828.813:3617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11795 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  340.479306][   T28] audit: type=1326 audit(1767851828.813:3618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11795 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  340.627217][T11804] netlink: 9 bytes leftover after parsing attributes in process `syz.2.2133'.
[  340.651196][   T28] audit: type=1326 audit(1767851828.893:3619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11795 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  340.680991][T11804] 
: renamed from hsr_slave_1 (while UP)
[  340.712082][   T28] audit: type=1326 audit(1767851828.893:3620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11795 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  340.713466][T11804] 
: entered allmulticast mode
[  340.741735][T11807] netlink: 'syz.1.2132': attribute type 29 has an invalid length.
[  340.741962][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.776971][   T28] audit: type=1326 audit(1767851828.903:3621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11795 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  340.833169][T11804] A link change request failed with some changes committed already. Interface 
 may have been left with an inconsistent configuration, please check.
[  340.844170][   T28] audit: type=1326 audit(1767851828.903:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11795 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  340.956909][   T28] audit: type=1326 audit(1767851828.913:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11795 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  341.010974][ T5768] Bluetooth: hci0: command tx timeout
[  341.056893][   T28] audit: type=1326 audit(1767851828.913:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11795 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  341.096672][   T28] audit: type=1326 audit(1767851828.963:3625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11795 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  341.119529][   T28] audit: type=1326 audit(1767851828.963:3626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11795 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e5d8f749 code=0x7ffc0000
[  341.253543][T11669] 8021q: adding VLAN 0 to HW filter on device batadv0
[  341.480890][T11823] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2137'.
[  341.539959][T11824] pimreg: entered allmulticast mode
[  342.287657][T11846] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2143'.
[  342.369923][T11669] veth0_vlan: entered promiscuous mode
[  342.420741][T11669] veth1_vlan: entered promiscuous mode
[  342.513084][T11669] veth0_macvtap: entered promiscuous mode
[  342.546320][T11669] veth1_macvtap: entered promiscuous mode
[  342.576601][T11669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  342.620732][T11669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.650811][T11669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  342.691989][T11669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.722753][T11669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  342.750657][T11669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.777961][T11669] batman_adv: batadv0: Interface activated: batadv_slave_0
[  342.816056][T11669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.844641][T11669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.867431][T11669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.881027][T11669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.891572][T11669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.902270][T11669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.914416][T11669] batman_adv: batadv0: Interface activated: batadv_slave_1
[  342.967913][T11669] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  343.011012][T11669] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  343.019784][T11669] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  343.050596][T11669] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  343.091016][ T5768] Bluetooth: hci0: command tx timeout
[  343.149288][T11856] batadv_slave_0: entered promiscuous mode
[  343.525879][ T7739] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  343.574338][ T7739] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  343.692035][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  343.699985][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  343.800444][T11868] loop5: detected capacity change from 0 to 1024
[  343.880707][T11868] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  343.938732][T11868] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  345.206310][T11903] loop2: detected capacity change from 0 to 512
[  345.313131][T11903] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.316807][T11891] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2158'.
[  345.360772][T11903] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.410829][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.579848][T11440] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.912932][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2167'.
[  346.158533][T11921] serio: Serial port ttyS3
[  346.262196][T11921] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2169'.
[  346.308613][T11921] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2169'.
[  347.170964][T11942] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2174'.
[  348.025872][   T28] kauditd_printk_skb: 24 callbacks suppressed
[  348.025892][   T28] audit: type=1326 audit(1767851836.473:3651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11961 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  348.098061][   T28] audit: type=1326 audit(1767851836.473:3652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11961 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  348.164223][   T28] audit: type=1326 audit(1767851836.473:3653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11961 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  348.239874][   T28] audit: type=1326 audit(1767851836.473:3654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11961 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  348.274147][   T28] audit: type=1326 audit(1767851836.473:3655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11961 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  348.347869][   T28] audit: type=1326 audit(1767851836.473:3656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11961 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  348.389837][   T28] audit: type=1326 audit(1767851836.473:3657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11961 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  348.470968][T11972] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2184'.
[  348.486885][   T28] audit: type=1326 audit(1767851836.473:3658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11961 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  348.554161][   T28] audit: type=1326 audit(1767851836.473:3659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11961 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  348.618508][   T28] audit: type=1326 audit(1767851836.473:3660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11961 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  348.635507][T11977] loop2: detected capacity change from 0 to 1024
[  348.661308][T11972] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2184'.
[  348.723350][T11977] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.746435][T11977] ext4 filesystem being mounted at /16/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  348.806559][T11972] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2184'.
[  348.940180][T11440] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.260184][T11994] syz.5.2190[11994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  349.260357][T11994] syz.5.2190[11994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  351.909359][T12053] random: crng reseeded on system resumption
[  352.161950][T12058] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2212'.
[  352.346095][T12064] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2214'.
[  352.573077][T12071] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2216'.
[  353.047149][T12085] loop2: detected capacity change from 0 to 1024
[  353.092884][T12085] EXT4-fs: Ignoring removed bh option
[  353.177979][T12085] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.000355][T11440] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.073985][T12121] loop5: detected capacity change from 0 to 512
[  355.123476][T12125] loop2: detected capacity change from 0 to 512
[  355.132136][T12125] EXT4-fs: Ignoring removed oldalloc option
[  355.171971][T12121] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.197336][T12121] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.253075][T12125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.346903][T12133] netlink: 'syz.6.2234': attribute type 10 has an invalid length.
[  355.448618][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.498976][T11440] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.533083][T12133] team0: Device veth1_vlan failed to register rx_handler
[  355.686228][T12135] loop5: detected capacity change from 0 to 1024
[  355.754466][T12135] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.791349][T12135] ext4 filesystem being mounted at /65/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.886587][T12142] syz.2.2237[12142] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  355.886733][T12142] syz.2.2237[12142] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  355.905488][   T28] kauditd_printk_skb: 41 callbacks suppressed
[  355.905506][   T28] audit: type=1326 audit(1767851844.353:3702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12141 comm="syz.2.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  355.912318][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.948420][T12143] bridge0: entered promiscuous mode
[  355.961695][   T28] audit: type=1326 audit(1767851844.373:3703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12141 comm="syz.2.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  355.995724][T12143] macvlan2: entered promiscuous mode
[  356.011811][   T28] audit: type=1326 audit(1767851844.373:3704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12141 comm="syz.2.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  356.133152][   T28] audit: type=1326 audit(1767851844.373:3705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12141 comm="syz.2.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  356.217920][   T28] audit: type=1326 audit(1767851844.373:3706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12141 comm="syz.2.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  356.269426][   T28] audit: type=1326 audit(1767851844.373:3707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12141 comm="syz.2.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  356.310688][   T28] audit: type=1326 audit(1767851844.373:3708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12141 comm="syz.2.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  356.336083][   T28] audit: type=1326 audit(1767851844.373:3709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12141 comm="syz.2.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  356.370457][   T28] audit: type=1326 audit(1767851844.373:3710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12141 comm="syz.2.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  356.450901][   T28] audit: type=1326 audit(1767851844.373:3711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12141 comm="syz.2.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  356.739384][T12159] loop5: detected capacity change from 0 to 512
[  356.853635][T12159] EXT4-fs warning (device loop5): ext4_xattr_inode_get:549: inode #11: comm syz.5.2245: ea_inode file size=4 entry size=6
[  356.869170][T12159] EXT4-fs error (device loop5): ext4_do_update_inode:5244: inode #15: comm syz.5.2245: corrupted inode contents
[  356.883008][T12159] EXT4-fs error (device loop5): ext4_dirty_inode:6120: inode #15: comm syz.5.2245: mark_inode_dirty error
[  356.929899][T12159] EXT4-fs error (device loop5): ext4_do_update_inode:5244: inode #15: comm syz.5.2245: corrupted inode contents
[  357.032042][T12159] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3017: inode #15: comm syz.5.2245: mark_inode_dirty error
[  357.057509][T12159] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3020: inode #15: comm syz.5.2245: mark inode dirty (error -117)
[  357.105290][T12159] EXT4-fs warning (device loop5): ext4_evict_inode:272: xattr delete (err -117)
[  357.120132][T12159] EXT4-fs (loop5): 1 orphan inode deleted
[  357.138137][T12159] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.285134][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.495200][T12175] loop5: detected capacity change from 0 to 1024
[  357.520248][T12175] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  357.556550][T12175] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  357.568081][T12175] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  357.595010][T12175] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #3: comm syz.5.2251: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  357.623698][T12175] EXT4-fs (loop5): no journal found
[  357.629086][T12175] EXT4-fs (loop5): can't get journal size
[  357.652964][T12175] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  357.731453][T12175] EXT4-fs (loop5): ext4_remount: Checksum for group 0 failed (38281!=20869)
[  357.808403][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.182882][T12187] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2253'.
[  358.488921][T12193] loop5: detected capacity change from 0 to 764
[  358.590412][T10668] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  358.905674][T12205] tipc: Started in network mode
[  358.920614][T12205] tipc: Node identity ac14140f, cluster identity 4711
[  358.938626][T12203] loop5: detected capacity change from 0 to 512
[  358.947931][T12205] tipc: New replicast peer: 255.255.255.255
[  358.983994][T12205] tipc: Enabled bearer <udp:syz2>, priority 10
[  359.034480][T12206] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2263'.
[  359.051651][T12206] tipc: Disabling bearer <udp:syz2>
[  359.551187][T12220] usb usb8: usbfs: process 12220 (syz.6.2270) did not claim interface 0 before use
[  359.559739][T12217] loop2: detected capacity change from 0 to 512
[  359.617869][T12217] EXT4-fs error (device loop2): ext4_xattr_inode_iget:449: comm syz.2.2268: error while reading EA inode 32 err=-116
[  359.702531][T12217] EXT4-fs (loop2): Remounting filesystem read-only
[  359.745955][T12217] EXT4-fs warning (device loop2): ext4_evict_inode:255: couldn't mark inode dirty (err -5)
[  359.780816][T12217] EXT4-fs (loop2): 1 orphan inode deleted
[  359.795540][T12217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  359.918804][T12217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.417233][T12235] loop5: detected capacity change from 0 to 512
[  361.463103][T12235] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  361.571352][T12235] EXT4-fs (loop5): 1 truncate cleaned up
[  361.627073][T12235] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  362.186350][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.364272][   T28] kauditd_printk_skb: 19 callbacks suppressed
[  363.364289][   T28] audit: type=1326 audit(1767851851.803:3731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12264 comm="syz.5.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  363.430988][   T28] audit: type=1326 audit(1767851851.803:3732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12264 comm="syz.5.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  363.461504][   T28] audit: type=1326 audit(1767851851.813:3733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12264 comm="syz.5.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  363.489338][   T28] audit: type=1326 audit(1767851851.813:3734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12264 comm="syz.5.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  363.517700][   T28] audit: type=1326 audit(1767851851.813:3735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12264 comm="syz.5.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  363.542871][   T28] audit: type=1326 audit(1767851851.813:3736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12264 comm="syz.5.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  363.635309][   T28] audit: type=1326 audit(1767851851.813:3737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12264 comm="syz.5.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  363.692136][   T28] audit: type=1326 audit(1767851851.813:3738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12264 comm="syz.5.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  363.726761][   T28] audit: type=1326 audit(1767851851.813:3739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12264 comm="syz.5.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  363.753115][   T28] audit: type=1326 audit(1767851851.813:3740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12264 comm="syz.5.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  363.870834][T12274] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2289'.
[  368.452084][   T28] kauditd_printk_skb: 70 callbacks suppressed
[  368.452102][   T28] audit: type=1326 audit(1767851856.903:3811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.5.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  368.481394][T12360] loop5: detected capacity change from 0 to 128
[  368.549811][   T28] audit: type=1326 audit(1767851856.903:3812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.5.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  368.645362][   T28] audit: type=1326 audit(1767851856.903:3813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.5.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  368.702104][   T28] audit: type=1326 audit(1767851856.903:3814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.5.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  368.729118][T12357] loop6: detected capacity change from 0 to 2048
[  368.759724][   T28] audit: type=1326 audit(1767851856.913:3815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.5.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  368.810665][   T28] audit: type=1326 audit(1767851856.913:3816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.5.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  368.847671][   T28] audit: type=1326 audit(1767851856.913:3817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.5.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  368.947468][   T28] audit: type=1326 audit(1767851856.913:3818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.5.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  368.996251][T12357]  loop6: p1 < > p4
[  369.051138][   T28] audit: type=1326 audit(1767851856.913:3819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.5.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  369.074242][T12357] loop6: p4 size 8388608 extends beyond EOD, truncated
[  369.119435][T12370] loop5: detected capacity change from 0 to 512
[  369.159913][   T28] audit: type=1326 audit(1767851856.913:3820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.5.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6351d8f749 code=0x7ffc0000
[  369.238929][T12370] EXT4-fs (loop5): orphan cleanup on readonly fs
[  369.286480][T12370] EXT4-fs error (device loop5): ext4_orphan_get:1425: comm syz.5.2324: bad orphan inode 13
[  369.322111][T12370] ext4_test_bit(bit=12, block=18) = 1
[  369.341408][T12370] is_bad_inode(inode)=0
[  369.364589][T12370] NEXT_ORPHAN(inode)=2130706432
[  369.369538][T12370] max_ino=32
[  369.383400][T12370] i_nlink=1
[  369.428593][T12370] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  369.503511][T12370] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  369.543293][T12370] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  369.725218][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.953612][T12390] loop5: detected capacity change from 0 to 2048
[  370.044105][T12390] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.393255][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.574500][T12400] loop6: detected capacity change from 0 to 128
[  370.695298][T12400] netlink: 224 bytes leftover after parsing attributes in process `syz.6.2333'.
[  371.155795][T12404] loop5: detected capacity change from 0 to 8192
[  371.361377][T12404] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  372.107283][T12434] random: crng reseeded on system resumption
[  372.305874][T12440] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2353'.
[  372.996845][T12456] loop5: detected capacity change from 0 to 4096
[  373.064096][T12456] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  373.204283][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.707450][T12470] loop6: detected capacity change from 0 to 164
[  374.291438][   T28] kauditd_printk_skb: 51 callbacks suppressed
[  374.291455][   T28] audit: type=1326 audit(1767851862.743:3872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.6.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  374.346646][   T28] audit: type=1326 audit(1767851862.743:3873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.6.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  374.396409][   T28] audit: type=1326 audit(1767851862.773:3874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.6.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  374.431830][   T28] audit: type=1326 audit(1767851862.773:3875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.6.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  374.454633][   T28] audit: type=1326 audit(1767851862.773:3876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.6.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  374.486327][T12483] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2370'.
[  374.502935][   T28] audit: type=1326 audit(1767851862.783:3877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.6.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  374.539165][   T28] audit: type=1326 audit(1767851862.783:3878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.6.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  374.570674][   T28] audit: type=1326 audit(1767851862.783:3879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.6.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  374.668483][   T28] audit: type=1326 audit(1767851862.793:3880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.6.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  374.728189][T12489] loop5: detected capacity change from 0 to 256
[  374.780835][   T28] audit: type=1326 audit(1767851862.793:3881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12482 comm="syz.6.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  374.817967][T12491] loop6: detected capacity change from 0 to 512
[  374.825375][T10671] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  374.862731][T12491] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  375.025902][T12497] netlink: 'syz.2.2376': attribute type 18 has an invalid length.
[  375.067285][T12497] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2376'.
[  375.068224][T12496] Cannot find set identified by id 0 to match
[  375.528075][T12513] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2385'.
[  375.788174][T12517] loop5: detected capacity change from 0 to 512
[  375.842940][T12517] EXT4-fs: Ignoring removed oldalloc option
[  375.922381][T12517] EXT4-fs error (device loop5): __ext4_iget:5067: inode #11: block 1: comm syz.5.2387: invalid block
[  375.990260][T12517] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.2387: couldn't read orphan inode 11 (err -117)
[  376.048423][T12517] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  376.068145][T12531] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2391'.
[  376.122265][T12511] syz.1.2383[12511] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.122417][T12511] syz.1.2383[12511] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.163446][T12517] tipc: Started in network mode
[  376.202695][T12517] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  376.225639][T12517] tipc: Enabled bearer <udp:syz0>, priority 10
[  376.291219][T12536] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2393'.
[  376.375133][T12527] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[  376.462034][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.794917][T12550] syzkaller1: entered promiscuous mode
[  376.809915][T12550] syzkaller1: entered allmulticast mode
[  377.340994][ T5757] tipc: Node number set to 4269801488
[  377.429600][T12571] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2408'.
[  377.911086][T12582] netlink: 'syz.2.2412': attribute type 12 has an invalid length.
[  377.990099][T12584] syz_tun: entered allmulticast mode
[  378.004057][T12583] syz_tun: left allmulticast mode
[  379.104255][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  379.112529][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  379.235770][ T5777] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  379.251936][ T5777] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  379.267344][ T5777] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  379.276480][ T5777] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  379.284624][ T5777] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  379.293452][ T5777] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  379.397538][T12610] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2424'.
[  379.933555][T12605] chnl_net:caif_netlink_parms(): no params data found
[  380.218495][T12633] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  380.218495][T12633]    program syz.5.2432 not setting count and/or reply_len properly
[  380.369322][T12605] bridge0: port 1(bridge_slave_0) entered blocking state
[  380.400778][T12605] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.408532][T12605] bridge_slave_0: entered allmulticast mode
[  380.448024][T12605] bridge_slave_0: entered promiscuous mode
[  380.464916][T12605] bridge0: port 2(bridge_slave_1) entered blocking state
[  380.500742][T12605] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.508068][T12605] bridge_slave_1: entered allmulticast mode
[  380.534581][T12647] loop5: detected capacity change from 0 to 512
[  380.548558][T12647] EXT4-fs: Ignoring removed oldalloc option
[  380.554834][T12647] EXT4-fs: Ignoring removed i_version option
[  380.564918][T12647] EXT4-fs: Ignoring removed nomblk_io_submit option
[  380.574885][T12647] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  380.603225][T12605] bridge_slave_1: entered promiscuous mode
[  380.669830][T12605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  380.689782][T12647] EXT4-fs (loop5): 1 truncate cleaned up
[  380.725152][T12647] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  380.766243][T12605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  380.788858][   T28] kauditd_printk_skb: 125 callbacks suppressed
[  380.788876][   T28] audit: type=1800 audit(1767851869.233:4007): pid=12647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2438" name="bus" dev="loop5" ino=18 res=0 errno=0
[  380.792387][T12652] tap0: tun_chr_ioctl cmd 1074025677
[  380.918516][T12652] tap0: linktype set to 769
[  381.739078][T12654] Invalid ELF header magic: != ELF
[  381.802907][ T5768] Bluetooth: hci2: command tx timeout
[  382.066962][T12605] team0: Port device team_slave_0 added
[  382.083113][T12605] team0: Port device team_slave_1 added
[  382.166796][T12605] batman_adv: batadv0: Adding interface: batadv_slave_0
[  382.199030][T12605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.277634][T12605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  382.287377][   T28] audit: type=1326 audit(1767851870.723:4008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12659 comm="syz.2.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  382.317221][   T28] audit: type=1326 audit(1767851870.753:4009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12659 comm="syz.2.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  382.340432][   T28] audit: type=1326 audit(1767851870.763:4010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12659 comm="syz.2.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  382.379590][T12605] batman_adv: batadv0: Adding interface: batadv_slave_1
[  382.387015][T12605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.389969][   T28] audit: type=1326 audit(1767851870.763:4011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12659 comm="syz.2.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  382.420049][T12605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  382.436498][   T28] audit: type=1326 audit(1767851870.763:4012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12659 comm="syz.2.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  382.483112][   T28] audit: type=1326 audit(1767851870.763:4013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12659 comm="syz.2.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  382.526837][   T28] audit: type=1326 audit(1767851870.763:4014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12659 comm="syz.2.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  382.577722][T12605] hsr_slave_0: entered promiscuous mode
[  382.583389][   T28] audit: type=1326 audit(1767851870.763:4015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12659 comm="syz.2.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  382.583439][   T28] audit: type=1326 audit(1767851870.763:4016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12659 comm="syz.2.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  382.631947][T12605] hsr_slave_1: entered promiscuous mode
[  382.638419][T12605] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  382.645186][T12667] netlink: 332 bytes leftover after parsing attributes in process `syz.2.2444'.
[  382.646285][T12605] Cannot create hsr debugfs directory
[  382.896406][T12605] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.987307][T12605] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.061171][T12605] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.158573][T12605] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.277787][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.435346][T12679] loop6: detected capacity change from 0 to 256
[  383.584830][T12605] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  383.632108][T12605] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  383.677579][T12605] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  383.726093][T12605] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  383.810696][ T5768] Bluetooth: hci2: command tx timeout
[  383.980020][T12605] 8021q: adding VLAN 0 to HW filter on device bond0
[  384.058224][T12605] 8021q: adding VLAN 0 to HW filter on device team0
[  384.102740][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.109995][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  384.113793][T12701] syz.2.2458[12701] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  384.117396][T12701] syz.2.2458[12701] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  384.168667][T12703] syz.5.2459[12703] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  384.189118][T12105] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.207884][T12105] bridge0: port 2(bridge_slave_1) entered forwarding state
[  384.217186][T12703] syz.5.2459[12703] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  384.229876][T12703] loop5: detected capacity change from 0 to 512
[  384.294419][T12703] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  384.373222][T12703] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  384.392282][T12703] ext4 filesystem being mounted at /119/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  384.513137][T12713] netlink: 'syz.5.2459': attribute type 1 has an invalid length.
[  384.522804][T12713] netlink: 'syz.5.2459': attribute type 2 has an invalid length.
[  384.531108][T12713] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2459'.
[  384.541782][T12713] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.2459: iget: bad i_size value: 2533274857506816
[  384.636901][T12713] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.2459: iget: bad i_size value: 2533274857506816
[  384.662555][T12605] 8021q: adding VLAN 0 to HW filter on device batadv0
[  384.710197][T12605] veth0_vlan: entered promiscuous mode
[  384.724146][T12605] veth1_vlan: entered promiscuous mode
[  384.761415][T12605] veth0_macvtap: entered promiscuous mode
[  384.772248][T12605] veth1_macvtap: entered promiscuous mode
[  384.788901][T12605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.800286][T12605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.810459][T12605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.823322][T12605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.833417][T12605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.844007][T12605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.855716][T12605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.866516][T12605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.878846][T12605] batman_adv: batadv0: Interface activated: batadv_slave_0
[  384.895989][T12605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.906712][T12605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.917584][T12605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.928797][T12605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.945986][T12605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.956835][T12605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.966930][T12605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.978702][T12605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.990849][T12605] batman_adv: batadv0: Interface activated: batadv_slave_1
[  385.006987][T12605] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  385.048478][T12605] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  385.058699][T12605] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  385.067988][T12605] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  385.086322][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.247007][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  385.265493][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  385.322825][T12105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  385.333061][T12105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  385.645237][T12720] loop5: detected capacity change from 0 to 512
[  385.677112][T12720] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  385.703810][T12720] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  385.741234][T12720] EXT4-fs (loop5): 1 truncate cleaned up
[  385.753589][T12720] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.890911][ T5777] Bluetooth: hci2: command tx timeout
[  385.891131][T12725] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  385.971136][ T5777] Bluetooth: hci4: command 0x1003 tx timeout
[  385.978316][ T5768] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  386.045959][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.232695][T12731] loop6: detected capacity change from 0 to 4096
[  386.252458][T12733] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  386.274509][T12731] EXT4-fs: Ignoring removed nomblk_io_submit option
[  386.326214][T12731] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.547612][T12739] loop5: detected capacity change from 0 to 2048
[  386.599594][T11669] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.632547][T12739] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  386.726520][   T28] kauditd_printk_skb: 68 callbacks suppressed
[  386.726538][   T28] audit: type=1800 audit(1767851875.173:4085): pid=12739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2469" name="bus" dev="loop5" ino=18 res=0 errno=0
[  386.962048][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.972902][ T5768] Bluetooth: hci2: command tx timeout
[  389.317915][T12770] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  389.317915][T12770]    program syz.5.2482 not setting count and/or reply_len properly
[  389.567585][T12773] netlink: 'syz.1.2484': attribute type 10 has an invalid length.
[  389.585895][T12773] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2484'.
[  389.612535][T12773] dummy0: entered promiscuous mode
[  389.628507][T12773] bridge0: port 3(dummy0) entered blocking state
[  389.638361][T12776] loop5: detected capacity change from 0 to 1024
[  389.645407][T12773] bridge0: port 3(dummy0) entered disabled state
[  389.653285][T12776] EXT4-fs: Ignoring removed mblk_io_submit option
[  389.662664][T12773] dummy0: entered allmulticast mode
[  389.693468][T12773] bridge0: port 3(dummy0) entered blocking state
[  389.701737][T12773] bridge0: port 3(dummy0) entered forwarding state
[  389.761212][T12776] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  389.808238][T12776] EXT4-fs (loop5): Online resizing not supported with bigalloc
[  389.826070][   T28] audit: type=1800 audit(1767851878.253:4086): pid=12776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2486" name="bus" dev="loop5" ino=18 res=0 errno=0
[  390.456234][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.495621][   T28] audit: type=1326 audit(1767851878.953:4087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12795 comm="syz.1.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4470b8f749 code=0x7ffc0000
[  390.583852][   T28] audit: type=1326 audit(1767851878.953:4088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12795 comm="syz.1.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4470b8f749 code=0x7ffc0000
[  390.586348][T12796] loop1: detected capacity change from 0 to 1024
[  390.659520][   T28] audit: type=1326 audit(1767851878.993:4089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12795 comm="syz.1.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4470b8f749 code=0x7ffc0000
[  390.685698][T12796] EXT4-fs: Ignoring removed orlov option
[  390.732267][T12796] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  390.758783][   T28] audit: type=1326 audit(1767851878.993:4090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12795 comm="syz.1.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4470b8f749 code=0x7ffc0000
[  390.834975][   T28] audit: type=1326 audit(1767851878.993:4091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12795 comm="syz.1.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4470b8f749 code=0x7ffc0000
[  390.853295][T12796] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2493'.
[  390.909590][   T28] audit: type=1326 audit(1767851879.003:4092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12795 comm="syz.1.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4470b8f783 code=0x7ffc0000
[  390.978276][   T28] audit: type=1326 audit(1767851879.003:4093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12795 comm="syz.1.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4470b8e1ff code=0x7ffc0000
[  391.031862][   T28] audit: type=1326 audit(1767851879.033:4094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12795 comm="syz.1.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4470b8f7d7 code=0x7ffc0000
[  391.106010][T12796] loop1: detected capacity change from 0 to 128
[  391.184777][T12796] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  392.031320][T12829] syz.2.2507[12829] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  392.031467][T12829] syz.2.2507[12829] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  392.080885][   T28] kauditd_printk_skb: 130 callbacks suppressed
[  392.080901][   T28] audit: type=1326 audit(1767851880.523:4225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12828 comm="syz.2.2507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  392.219532][T12829] netlink: 'syz.2.2507': attribute type 1 has an invalid length.
[  392.249299][   T28] audit: type=1326 audit(1767851880.533:4226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12828 comm="syz.2.2507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  392.251012][T12834] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2509'.
[  392.281281][T12829] netlink: 'syz.2.2507': attribute type 2 has an invalid length.
[  392.289176][T12829] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2507'.
[  392.343522][   T28] audit: type=1326 audit(1767851880.533:4227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12828 comm="syz.2.2507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  392.448980][   T28] audit: type=1326 audit(1767851880.533:4228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12828 comm="syz.2.2507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9c3fd8f783 code=0x7ffc0000
[  392.565259][   T28] audit: type=1326 audit(1767851880.533:4229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12828 comm="syz.2.2507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9c3fd8e1ff code=0x7ffc0000
[  392.648827][   T28] audit: type=1326 audit(1767851880.553:4230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12828 comm="syz.2.2507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f9c3fd8f7d7 code=0x7ffc0000
[  392.724378][   T28] audit: type=1326 audit(1767851880.553:4231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12828 comm="syz.2.2507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9c3fd8df90 code=0x7ffc0000
[  392.790767][   T28] audit: type=1326 audit(1767851880.553:4232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12828 comm="syz.2.2507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9c3fd8e3aa code=0x7ffc0000
[  392.874302][   T28] audit: type=1326 audit(1767851880.553:4233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12828 comm="syz.2.2507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  392.904552][   T28] audit: type=1326 audit(1767851880.553:4234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12828 comm="syz.2.2507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  393.136872][T12844] syz.1.2514[12844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  393.137016][T12844] syz.1.2514[12844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  393.204993][T12845] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  393.344301][T12845] loop5: detected capacity change from 0 to 2048
[  393.409602][T12853] loop6: detected capacity change from 0 to 512
[  393.449586][T12845] Alternate GPT is invalid, using primary GPT.
[  393.459099][T12853] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  393.470200][T12845]  loop5: p1 p2 p3
[  393.480998][T12853] EXT4-fs (loop6): orphan cleanup on readonly fs
[  393.490817][T12845] loop5: partition table partially beyond EOD, truncated
[  393.502149][T12852] loop1: detected capacity change from 0 to 128
[  393.512167][T12853] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm wÞ£ÿ: Failed to acquire dquot type 1
[  393.519987][T12852] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  393.587737][T12853] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm wÞ£ÿ: bg 0: block 40: padding at end of block bitmap is not set
[  393.601434][T12852] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  393.667573][T12853] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6637: Corrupt filesystem
[  393.731206][T12853] EXT4-fs (loop6): 1 truncate cleaned up
[  393.738602][T12853] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  393.839051][T12853] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.929850][T12864] netlink: 'syz.5.2521': attribute type 4 has an invalid length.
[  393.956976][T10668] udevd[10668]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  394.006367][T10672] udevd[10672]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  394.019098][T10671] udevd[10671]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  394.081834][T12866] netlink: 'syz.5.2521': attribute type 4 has an invalid length.
[  394.153056][T12868] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  394.442842][   T42] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  394.921803][T12883] loop1: detected capacity change from 0 to 128
[  395.254774][T12887] syz.1.2530[12887] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  395.254932][T12887] syz.1.2530[12887] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  396.681394][T12887] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2530'.
[  396.769842][T12887] 0ªX¹¦À: renamed from caif0
[  396.788030][T12887] 0ªX¹¦À: entered allmulticast mode
[  396.800098][T12887] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  397.012609][T12896] autofs4:pid:12896:autofs_fill_super: called with bogus options
[  397.220275][   T28] kauditd_printk_skb: 186 callbacks suppressed
[  397.220292][   T28] audit: type=1326 audit(1767851885.663:4419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.6.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  397.258509][T12903] netlink: 14 bytes leftover after parsing attributes in process `syz.6.2537'.
[  397.268038][T12903] hsr_slave_0: left promiscuous mode
[  397.274998][   T28] audit: type=1326 audit(1767851885.693:4420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.6.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  397.298020][T12903] hsr_slave_1: left promiscuous mode
[  397.329811][   T28] audit: type=1326 audit(1767851885.703:4421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.6.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  397.387357][   T28] audit: type=1326 audit(1767851885.703:4422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.6.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  397.410693][   T28] audit: type=1326 audit(1767851885.703:4423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.6.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  397.434745][   T28] audit: type=1326 audit(1767851885.703:4424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.6.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  397.486358][   T28] audit: type=1326 audit(1767851885.703:4425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.6.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  397.560194][   T28] audit: type=1326 audit(1767851885.703:4426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.6.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  397.614761][   T28] audit: type=1326 audit(1767851885.703:4427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.6.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  397.674471][   T28] audit: type=1326 audit(1767851885.703:4428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.6.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f2bb4f8f749 code=0x7ffc0000
[  397.961075][T12914] loop5: detected capacity change from 0 to 8192
[  398.041799][T12914] syz.5.2542: attempt to access beyond end of device
[  398.041799][T12914] loop5: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  398.064434][T12914] Buffer I/O error on dev loop5, logical block 57847, async page read
[  398.081097][T12914] syz.5.2542: attempt to access beyond end of device
[  398.081097][T12914] loop5: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  398.170938][T12914] Buffer I/O error on dev loop5, logical block 57847, async page read
[  398.739870][T12936] random: crng reseeded on system resumption
[  398.831721][T12940] tipc: Enabled bearer <eth:team0>, priority 0
[  399.474289][T12954] netlink: 'syz.1.2559': attribute type 10 has an invalid length.
[  399.512156][T12954] bridge0: port 3(dummy0) entered disabled state
[  399.560820][T12954] dummy0: left allmulticast mode
[  399.567486][T12954] dummy0: left promiscuous mode
[  399.581036][T12954] bridge0: port 3(dummy0) entered disabled state
[  399.607039][T12954] team0: Port device dummy0 added
[  399.616699][T12956] netlink: 'syz.1.2559': attribute type 10 has an invalid length.
[  399.635316][T12956] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  399.705179][T12956] team0: Failed to send options change via netlink (err -105)
[  399.739524][T12956] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  399.756527][T12956] team0: Port device dummy0 removed
[  399.783411][T12956] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  399.961699][   T23] tipc: Node number set to 2886997007
[  400.627973][T12980] 9pnet: p9_errstr2errno: server reported unknown error 0x000
[  400.921226][T12990] loop1: detected capacity change from 0 to 512
[  400.942181][T12990] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  401.038121][T12991] loop6: detected capacity change from 0 to 512
[  401.071156][T12991] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  401.131573][T12991] EXT4-fs (loop6): 1 truncate cleaned up
[  401.138779][T12991] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  401.279766][T11669] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.853837][T13017] loop6: detected capacity change from 0 to 1024
[  401.881357][T13021] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2584'.
[  401.883538][T13017] EXT4-fs: Ignoring removed i_version option
[  401.945961][T13017] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  402.027966][T13017] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  402.116429][T13017] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4031: comm syz.6.2582: Allocating blocks 385-513 which overlap fs metadata
[  402.228493][T13017] EXT4-fs (loop6): pa ffff888079103658: logic 16, phys. 129, len 24
[  402.237477][T13017] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 8
[  402.397465][T11669] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.439247][   T28] kauditd_printk_skb: 116 callbacks suppressed
[  402.439264][   T28] audit: type=1326 audit(1767851890.883:4545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13039 comm="syz.2.2592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  402.493952][   T28] audit: type=1326 audit(1767851890.933:4546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13039 comm="syz.2.2592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  402.517496][   T28] audit: type=1326 audit(1767851890.933:4547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13039 comm="syz.2.2592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  402.550669][   T28] audit: type=1326 audit(1767851890.933:4548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13039 comm="syz.2.2592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  402.621173][   T28] audit: type=1326 audit(1767851890.933:4549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13039 comm="syz.2.2592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  402.684205][   T28] audit: type=1326 audit(1767851890.933:4550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13039 comm="syz.2.2592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  402.760358][   T28] audit: type=1326 audit(1767851890.943:4551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13039 comm="syz.2.2592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  402.828370][   T28] audit: type=1326 audit(1767851890.943:4552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13039 comm="syz.2.2592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  402.902354][   T28] audit: type=1326 audit(1767851890.943:4553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13039 comm="syz.2.2592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  402.941189][   T28] audit: type=1326 audit(1767851890.943:4554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13039 comm="syz.2.2592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3fd8f749 code=0x7ffc0000
[  403.367807][T13068] loop1: detected capacity change from 0 to 1024
[  403.400968][T13068] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  403.624681][T13068] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  403.718022][T13068] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  403.942844][T12605] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.427734][T13096] loop1: detected capacity change from 0 to 164
[  404.445480][T13097] loop5: detected capacity change from 0 to 1024
[  404.511888][T13097] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  404.795695][T11110] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.079878][T13106] netlink: 19 bytes leftover after parsing attributes in process `syz.1.2620'.
[  405.449127][T13115] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2623'.
[  406.810641][T13123] IPv6: NLM_F_CREATE should be specified when creating new route
[  406.823075][T13125] loop1: detected capacity change from 0 to 512
[  406.949931][T13125] 
[  406.952342][T13125] ======================================================
[  406.959649][T13125] WARNING: possible circular locking dependency detected
[  406.966703][T13125] syzkaller #0 Not tainted
[  406.971152][T13125] ------------------------------------------------------
[  406.978198][T13125] syz.1.2628/13125 is trying to acquire lock:
[  406.984295][T13125] ffff88807a538bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x170/0x2f0
[  406.994457][T13125] 
[  406.994457][T13125] but task is already holding lock:
[  407.001861][T13125] ffff8880600600c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[  407.011756][T13125] 
[  407.011756][T13125] which lock already depends on the new lock.
[  407.011756][T13125] 
[  407.022186][T13125] 
[  407.022186][T13125] the existing dependency chain (in reverse order) is:
[  407.031377][T13125] 
[  407.031377][T13125] -> #1 (&ei->xattr_sem){++++}-{3:3}:
[  407.036728][T13129] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2630'.
[  407.038975][T13125]        down_read+0x46/0x2e0
[  407.039003][T13125]        ext4_xattr_get+0x10b/0x6a0
[  407.039026][T13125]        ext4_get_acl+0x84/0x670
[  407.039052][T13125]        __get_acl+0x26d/0x3f0
[  407.039074][T13125]        posix_acl_create+0x131/0x440
[  407.039098][T13125]        ext4_init_acl+0xb4/0x320
[  407.039123][T13125]        __ext4_new_inode+0x2e49/0x3a00
[  407.039141][T13125]        ext4_ext_migrate+0x66b/0xff0
[  407.039161][T13125]        ext4_ioctl+0x1c4b/0x3820
[  407.039184][T13125]        __se_sys_ioctl+0xfd/0x170
[  407.039205][T13125]        do_syscall_64+0x55/0xb0
[  407.039220][T13125]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  407.039243][T13125] 
[  407.039243][T13125] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  407.039276][T13125]        __lock_acquire+0x2ddb/0x7c80
[  407.039296][T13125]        lock_acquire+0x197/0x410
[  407.039312][T13125]        percpu_down_read+0x44/0x1a0
[  407.039336][T13125]        ext4_writepages+0x170/0x2f0
[  407.039360][T13125]        do_writepages+0x3a2/0x600
[  407.039386][T13125]        __writeback_single_inode+0x153/0xee0
[  407.039413][T13125]        writeback_single_inode+0x211/0x720
[  407.039436][T13125]        write_inode_now+0x161/0x1e0
[  407.039457][T13125]        iput+0x5b2/0x920
[  407.039473][T13125]        ext4_xattr_block_set+0x273a/0x32a0
[  407.039496][T13125]        ext4_expand_extra_isize_ea+0x10ea/0x19e0
[  407.039521][T13125]        __ext4_expand_extra_isize+0x306/0x400
[  407.039546][T13125]        __ext4_mark_inode_dirty+0x45d/0x6e0
[  407.039569][T13125]        ext4_evict_inode+0x7ed/0xea0
[  407.039589][T13125]        evict+0x486/0x870
[  407.039607][T13125]        ext4_orphan_cleanup+0xbd4/0x1400
[  407.039634][T13125]        ext4_fill_super+0x5de4/0x66c0
[  407.039650][T13125]        get_tree_bdev+0x3e4/0x510
[  407.039667][T13125]        vfs_get_tree+0x8c/0x280
[  407.039684][T13125]        do_new_mount+0x24b/0xa40
[  407.039699][T13125]        __se_sys_mount+0x2da/0x3c0
[  407.039715][T13125]        do_syscall_64+0x55/0xb0
[  407.039729][T13125]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  407.039749][T13125] 
[  407.039749][T13125] other info that might help us debug this:
[  407.039749][T13125] 
[  407.039756][T13125]  Possible unsafe locking scenario:
[  407.039756][T13125] 
[  407.039760][T13125]        CPU0                    CPU1
[  407.039765][T13125]        ----                    ----
[  407.039771][T13125]   lock(&ei->xattr_sem);
[  407.039785][T13125]                                lock(&sbi->s_writepages_rwsem);
[  407.039801][T13125]                                lock(&ei->xattr_sem);
[  407.039815][T13125]   rlock(&sbi->s_writepages_rwsem);
[  407.039829][T13125] 
[  407.039829][T13125]  *** DEADLOCK ***
[  407.039829][T13125] 
[  407.039834][T13125] 3 locks held by syz.1.2628/13125:
[  407.039846][T13125]  #0: ffff88807f6780e0 (&type->s_umount_key#31){++++}-{3:3}, at: get_tree_bdev+0x344/0x510
[  407.039909][T13125]  #1: ffff88807f678608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b9/0xea0
[  407.039962][T13125]  #2: ffff8880600600c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[  407.040011][T13125] 
[  407.040011][T13125] stack backtrace:
[  407.040017][T13125] CPU: 1 PID: 13125 Comm: syz.1.2628 Not tainted syzkaller #0
[  407.040035][T13125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  407.040044][T13125] Call Trace:
[  407.040052][T13125]  <TASK>
[  407.040059][T13125]  dump_stack_lvl+0x16c/0x230
[  407.040089][T13125]  ? load_image+0x3b0/0x3b0
[  407.040114][T13125]  ? show_regs_print_info+0x20/0x20
[  407.040144][T13125]  ? print_circular_bug+0x12b/0x1a0
[  407.040167][T13125]  check_noncircular+0x2bd/0x3c0
[  407.396955][T13125]  ? look_up_lock_class+0x75/0x140
[  407.402090][T13125]  ? print_deadlock_bug+0x5d0/0x5d0
[  407.407298][T13125]  ? lockdep_lock+0xe0/0x220
[  407.411990][T13125]  ? _find_first_zero_bit+0xd3/0x100
[  407.417293][T13125]  __lock_acquire+0x2ddb/0x7c80
[  407.422159][T13125]  ? mark_lock+0x94/0x320
[  407.426499][T13125]  ? verify_lock_unused+0x140/0x140
[  407.431708][T13125]  ? __lock_acquire+0x1334/0x7c80
[  407.436742][T13125]  ? verify_lock_unused+0x140/0x140
[  407.441950][T13125]  lock_acquire+0x197/0x410
[  407.446465][T13125]  ? ext4_writepages+0x170/0x2f0
[  407.451426][T13125]  ? __might_sleep+0xe0/0xe0
[  407.456028][T13125]  ? mark_lock+0x94/0x320
[  407.460399][T13125]  ? read_lock_is_recursive+0x20/0x20
[  407.465783][T13125]  ? __lock_acquire+0x1334/0x7c80
[  407.470822][T13125]  percpu_down_read+0x44/0x1a0
[  407.475631][T13125]  ? ext4_writepages+0x170/0x2f0
[  407.480699][T13125]  ext4_writepages+0x170/0x2f0
[  407.485761][T13125]  ? ext4_read_folio+0x2f0/0x2f0
[  407.490744][T13125]  ? __rwlock_init+0x150/0x150
[  407.495529][T13125]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  407.501440][T13125]  ? do_raw_spin_unlock+0x121/0x230
[  407.506665][T13125]  ? ext4_read_folio+0x2f0/0x2f0
[  407.511620][T13125]  do_writepages+0x3a2/0x600
[  407.516235][T13125]  ? folio_clear_dirty_for_io+0xc30/0xc30
[  407.521967][T13125]  ? writeback_single_inode+0x206/0x720
[  407.527531][T13125]  ? __lock_acquire+0x7c80/0x7c80
[  407.532561][T13125]  ? do_raw_spin_lock+0x121/0x2c0
[  407.537594][T13125]  ? get_tree_bdev+0x3e4/0x510
[  407.542366][T13125]  __writeback_single_inode+0x153/0xee0
[  407.547927][T13125]  writeback_single_inode+0x211/0x720
[  407.553321][T13125]  ? write_inode_now+0x1e0/0x1e0
[  407.558273][T13125]  write_inode_now+0x161/0x1e0
[  407.563073][T13125]  ? bdi_split_work_to_wbs+0x890/0x890
[  407.568550][T13125]  ? do_raw_spin_unlock+0x121/0x230
[  407.573762][T13125]  iput+0x5b2/0x920
[  407.577588][T13125]  ext4_xattr_block_set+0x273a/0x32a0
[  407.583145][T13125]  ? __might_sleep+0xe0/0xe0
[  407.587751][T13125]  ? xattr_find_entry+0x12b/0x2f0
[  407.592788][T13125]  ? ext4_xattr_block_find+0x350/0x350
[  407.598436][T13125]  ? ext4_xattr_block_find+0x2d4/0x350
[  407.603907][T13125]  ext4_expand_extra_isize_ea+0x10ea/0x19e0
[  407.609837][T13125]  __ext4_expand_extra_isize+0x306/0x400
[  407.615483][T13125]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  407.620960][T13125]  ext4_evict_inode+0x7ed/0xea0
[  407.625815][T13125]  ? _raw_spin_unlock+0x28/0x40
[  407.630694][T13125]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  407.636597][T13125]  ? do_raw_spin_unlock+0x121/0x230
[  407.641896][T13125]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  407.647801][T13125]  evict+0x486/0x870
[  407.651714][T13125]  ? __lock_acquire+0x7c80/0x7c80
[  407.656837][T13125]  ? proc_nr_inodes+0x230/0x230
[  407.661703][T13125]  ? do_raw_spin_unlock+0x121/0x230
[  407.666913][T13125]  ? _raw_spin_unlock+0x28/0x40
[  407.671773][T13125]  ? iput+0x70a/0x920
[  407.675768][T13125]  ext4_orphan_cleanup+0xbd4/0x1400
[  407.680987][T13125]  ? ext4_orphan_del+0xba0/0xba0
[  407.685939][T13125]  ? ext4_register_li_request+0x183/0x940
[  407.691677][T13125]  ? errseq_check_and_advance+0x66/0x120
[  407.697323][T13125]  ext4_fill_super+0x5de4/0x66c0
[  407.702282][T13125]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  407.708559][T13125]  ? __might_sleep+0xe0/0xe0
[  407.713181][T13125]  ? read_lock_is_recursive+0x20/0x20
[  407.718769][T13125]  ? snprintf+0xdb/0x120
[  407.723061][T13125]  ? vscnprintf+0x80/0x80
[  407.727409][T13125]  ? down_write+0x162/0x1f0
[  407.731924][T13125]  ? down_read_killable+0x340/0x340
[  407.737136][T13125]  ? setup_bdev_super+0x56b/0x660
[  407.742170][T13125]  get_tree_bdev+0x3e4/0x510
[  407.746775][T13125]  ? vfs_parse_fs_string+0x160/0x160
[  407.752072][T13125]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  407.758326][T13125]  ? setup_bdev_super+0x660/0x660
[  407.763360][T13125]  ? apparmor_capable+0x137/0x1a0
[  407.768398][T13125]  ? bpf_lsm_capable+0x9/0x10
[  407.773087][T13125]  ? security_capable+0x89/0xb0
[  407.777949][T13125]  vfs_get_tree+0x8c/0x280
[  407.782376][T13125]  do_new_mount+0x24b/0xa40
[  407.786888][T13125]  __se_sys_mount+0x2da/0x3c0
[  407.791573][T13125]  ? __x64_sys_mount+0xc0/0xc0
[  407.796437][T13125]  ? lockdep_hardirqs_on+0x98/0x150
[  407.801646][T13125]  ? __x64_sys_mount+0x20/0xc0
[  407.806416][T13125]  do_syscall_64+0x55/0xb0
[  407.810837][T13125]  ? clear_bhb_loop+0x40/0x90
[  407.815521][T13125]  ? clear_bhb_loop+0x40/0x90
[  407.820291][T13125]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  407.826197][T13125] RIP: 0033:0x7f4470b90eea
[  407.830621][T13125] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.850235][T13125] RSP: 002b:00007f4471a4de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  407.858656][T13125] RAX: ffffffffffffffda RBX: 00007f4471a4def0 RCX: 00007f4470b90eea
[  407.866639][T13125] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f4471a4deb0
[  407.874619][T13125] RBP: 0000200000000180 R08: 00007f4471a4def0 R09: 0000000000800700
[  407.882597][T13125] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  407.890586][T13125] R13: 00007f4471a4deb0 R14: 000000000000046f R15: 000000000000002c
[  407.898579][T13125]  </TASK>
[  407.916002][T13125] ------------[ cut here ]------------
[  407.921609][T13125] EA inode 11 i_nlink=2
[  407.934188][T13125] WARNING: CPU: 0 PID: 13125 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550
[  407.948927][T13125] Modules linked in:
[  407.952922][T13125] CPU: 0 PID: 13125 Comm: syz.1.2628 Not tainted syzkaller #0
[  407.961703][T13125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  407.973151][T13125] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550
[  407.979866][T13125] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08
[  408.000089][T13125] RSP: 0018:ffffc900032d71c0 EFLAGS: 00010246
[  408.006251][T13125] RAX: 6910895c9cedfc00 RBX: 0000000000000002 RCX: 0000000000080000
[  408.014391][T13125] RDX: ffffc9000d82d000 RSI: 000000000007ffff RDI: 0000000000080000
[  408.022591][T13125] RBP: ffffc900032d72b8 R08: ffffc900032d6dc7 R09: 1ffff9200065adb8
[  408.030694][T13125] R10: dffffc0000000000 R11: fffff5200065adb9 R12: dffffc0000000000
[  408.038697][T13125] R13: ffff8880524618a8 R14: ffff8880524616b0 R15: ffff888052461700
[  408.046723][T13125] FS:  00007f4471a4e6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  408.055749][T13125] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  408.063625][T13125] CR2: 00007fff4a202e78 CR3: 00000000655e5000 CR4: 00000000003506f0
[  408.071825][T13125] Call Trace:
[  408.075123][T13125]  <TASK>
[  408.078054][T13125]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[  408.083740][T13125]  ? ext4_xattr_inode_iget+0x3df/0x600
[  408.089224][T13125]  ext4_xattr_set_entry+0xcda/0x1e90
[  408.094573][T13125]  ext4_xattr_ibody_set+0x254/0x6a0
[  408.099777][T13125]  ext4_expand_extra_isize_ea+0x113a/0x19e0
[  408.105734][T13125]  __ext4_expand_extra_isize+0x306/0x400
[  408.111420][T13125]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  408.116901][T13125]  ext4_evict_inode+0x7ed/0xea0
[  408.121791][T13125]  ? _raw_spin_unlock+0x28/0x40
[  408.126654][T13125]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  408.132588][T13125]  ? do_raw_spin_unlock+0x121/0x230
[  408.138027][T13125]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  408.143974][T13125]  evict+0x486/0x870
[  408.147874][T13125]  ? __lock_acquire+0x7c80/0x7c80
[  408.152941][T13125]  ? proc_nr_inodes+0x230/0x230
[  408.157797][T13125]  ? do_raw_spin_unlock+0x121/0x230
[  408.163039][T13125]  ? _raw_spin_unlock+0x28/0x40
[  408.168672][T13125]  ? iput+0x70a/0x920
[  408.172877][T13125]  ext4_orphan_cleanup+0xbd4/0x1400
[  408.178152][T13125]  ? ext4_orphan_del+0xba0/0xba0
[  408.183160][T13125]  ? ext4_register_li_request+0x183/0x940
[  408.189079][T13125]  ? errseq_check_and_advance+0x66/0x120
[  408.194787][T13125]  ext4_fill_super+0x5de4/0x66c0
[  408.199739][T13125]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  408.206017][T13125]  ? __might_sleep+0xe0/0xe0
[  408.210822][T13125]  ? read_lock_is_recursive+0x20/0x20
[  408.216217][T13125]  ? snprintf+0xdb/0x120
[  408.220465][T13125]  ? vscnprintf+0x80/0x80
[  408.224854][T13125]  ? down_write+0x162/0x1f0
[  408.229385][T13125]  ? down_read_killable+0x340/0x340
[  408.234627][T13125]  ? setup_bdev_super+0x56b/0x660
[  408.239665][T13125]  get_tree_bdev+0x3e4/0x510
[  408.244286][T13125]  ? vfs_parse_fs_string+0x160/0x160
[  408.249605][T13125]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  408.255894][T13125]  ? setup_bdev_super+0x660/0x660
[  408.260953][T13125]  ? apparmor_capable+0x137/0x1a0
[  408.265997][T13125]  ? bpf_lsm_capable+0x9/0x10
[  408.272279][T13125]  ? security_capable+0x89/0xb0
[  408.277160][T13125]  vfs_get_tree+0x8c/0x280
[  408.281759][T13125]  do_new_mount+0x24b/0xa40
[  408.286286][T13125]  __se_sys_mount+0x2da/0x3c0
[  408.290996][T13125]  ? __x64_sys_mount+0xc0/0xc0
[  408.295758][T13125]  ? lockdep_hardirqs_on+0x98/0x150
[  408.301018][T13125]  ? __x64_sys_mount+0x20/0xc0
[  408.305808][T13125]  do_syscall_64+0x55/0xb0
[  408.310526][T13125]  ? clear_bhb_loop+0x40/0x90
[  408.315227][T13125]  ? clear_bhb_loop+0x40/0x90
[  408.319903][T13125]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  408.325912][T13125] RIP: 0033:0x7f4470b90eea
[  408.330344][T13125] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.350098][T13125] RSP: 002b:00007f4471a4de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  408.358569][T13125] RAX: ffffffffffffffda RBX: 00007f4471a4def0 RCX: 00007f4470b90eea
[  408.366625][T13125] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f4471a4deb0
[  408.376016][T13125] RBP: 0000200000000180 R08: 00007f4471a4def0 R09: 0000000000800700
[  408.384231][T13125] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  408.392375][T13125] R13: 00007f4471a4deb0 R14: 000000000000046f R15: 000000000000002c
[  408.400378][T13125]  </TASK>
[  408.403440][T13125] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  408.410716][T13125] CPU: 0 PID: 13125 Comm: syz.1.2628 Not tainted syzkaller #0
[  408.418173][T13125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  408.428233][T13125] Call Trace:
[  408.431512][T13125]  <TASK>
[  408.434443][T13125]  dump_stack_lvl+0x16c/0x230
[  408.439145][T13125]  ? show_regs_print_info+0x20/0x20
[  408.444369][T13125]  ? load_image+0x3b0/0x3b0
[  408.448893][T13125]  panic+0x2c0/0x710
[  408.452791][T13125]  ? bpf_jit_dump+0xd0/0xd0
[  408.457308][T13125]  __warn+0x2e0/0x470
[  408.461302][T13125]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  408.467313][T13125]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  408.473304][T13125]  report_bug+0x2be/0x4f0
[  408.477653][T13125]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  408.483654][T13125]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  408.489632][T13125]  ? ext4_xattr_inode_update_ref+0x4fd/0x550
[  408.495618][T13125]  handle_bug+0xcf/0x120
[  408.499870][T13125]  exc_invalid_op+0x1a/0x50
[  408.504469][T13125]  asm_exc_invalid_op+0x1a/0x20
[  408.509322][T13125] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550
[  408.515931][T13125] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08
[  408.535654][T13125] RSP: 0018:ffffc900032d71c0 EFLAGS: 00010246
[  408.541736][T13125] RAX: 6910895c9cedfc00 RBX: 0000000000000002 RCX: 0000000000080000
[  408.549713][T13125] RDX: ffffc9000d82d000 RSI: 000000000007ffff RDI: 0000000000080000
[  408.557690][T13125] RBP: ffffc900032d72b8 R08: ffffc900032d6dc7 R09: 1ffff9200065adb8
[  408.565670][T13125] R10: dffffc0000000000 R11: fffff5200065adb9 R12: dffffc0000000000
[  408.573653][T13125] R13: ffff8880524618a8 R14: ffff8880524616b0 R15: ffff888052461700
[  408.581647][T13125]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[  408.587385][T13125]  ? ext4_xattr_inode_iget+0x3df/0x600
[  408.592866][T13125]  ext4_xattr_set_entry+0xcda/0x1e90
[  408.598184][T13125]  ext4_xattr_ibody_set+0x254/0x6a0
[  408.603395][T13125]  ext4_expand_extra_isize_ea+0x113a/0x19e0
[  408.609312][T13125]  __ext4_expand_extra_isize+0x306/0x400
[  408.614963][T13125]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  408.620532][T13125]  ext4_evict_inode+0x7ed/0xea0
[  408.625410][T13125]  ? _raw_spin_unlock+0x28/0x40
[  408.630279][T13125]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  408.636181][T13125]  ? do_raw_spin_unlock+0x121/0x230
[  408.641400][T13125]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  408.647312][T13125]  evict+0x486/0x870
[  408.651217][T13125]  ? __lock_acquire+0x7c80/0x7c80
[  408.656260][T13125]  ? proc_nr_inodes+0x230/0x230
[  408.661123][T13125]  ? do_raw_spin_unlock+0x121/0x230
[  408.666328][T13125]  ? _raw_spin_unlock+0x28/0x40
[  408.671183][T13125]  ? iput+0x70a/0x920
[  408.675170][T13125]  ext4_orphan_cleanup+0xbd4/0x1400
[  408.680394][T13125]  ? ext4_orphan_del+0xba0/0xba0
[  408.685355][T13125]  ? ext4_register_li_request+0x183/0x940
[  408.691090][T13125]  ? errseq_check_and_advance+0x66/0x120
[  408.696737][T13125]  ext4_fill_super+0x5de4/0x66c0
[  408.701691][T13125]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  408.707951][T13125]  ? __might_sleep+0xe0/0xe0
[  408.712619][T13125]  ? read_lock_is_recursive+0x20/0x20
[  408.718099][T13125]  ? snprintf+0xdb/0x120
[  408.722350][T13125]  ? vscnprintf+0x80/0x80
[  408.726688][T13125]  ? down_write+0x162/0x1f0
[  408.731218][T13125]  ? down_read_killable+0x340/0x340
[  408.736450][T13125]  ? setup_bdev_super+0x56b/0x660
[  408.741506][T13125]  get_tree_bdev+0x3e4/0x510
[  408.746202][T13125]  ? vfs_parse_fs_string+0x160/0x160
[  408.751677][T13125]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  408.757940][T13125]  ? setup_bdev_super+0x660/0x660
[  408.762980][T13125]  ? apparmor_capable+0x137/0x1a0
[  408.768010][T13125]  ? bpf_lsm_capable+0x9/0x10
[  408.772756][T13125]  ? security_capable+0x89/0xb0
[  408.777722][T13125]  vfs_get_tree+0x8c/0x280
[  408.782150][T13125]  do_new_mount+0x24b/0xa40
[  408.786776][T13125]  __se_sys_mount+0x2da/0x3c0
[  408.791462][T13125]  ? __x64_sys_mount+0xc0/0xc0
[  408.796319][T13125]  ? lockdep_hardirqs_on+0x98/0x150
[  408.801525][T13125]  ? __x64_sys_mount+0x20/0xc0
[  408.806291][T13125]  do_syscall_64+0x55/0xb0
[  408.810710][T13125]  ? clear_bhb_loop+0x40/0x90
[  408.815393][T13125]  ? clear_bhb_loop+0x40/0x90
[  408.820079][T13125]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  408.825981][T13125] RIP: 0033:0x7f4470b90eea
[  408.830404][T13125] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.850108][T13125] RSP: 002b:00007f4471a4de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  408.858558][T13125] RAX: ffffffffffffffda RBX: 00007f4471a4def0 RCX: 00007f4470b90eea
[  408.866553][T13125] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f4471a4deb0
[  408.874536][T13125] RBP: 0000200000000180 R08: 00007f4471a4def0 R09: 0000000000800700
[  408.882613][T13125] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  408.890599][T13125] R13: 00007f4471a4deb0 R14: 000000000000046f R15: 000000000000002c
[  408.898793][T13125]  </TASK>
[  408.902401][T13125] Kernel Offset: disabled
[  408.906724][T13125] Rebooting in 86400 seconds..