last executing test programs:

1m42.208191074s ago: executing program 1 (id=88):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0) (async)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x88800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x9}) (async)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0xfffffffffffffffb, 0x6, 0x0, 0x4, 0x10003, 0x0, 0x400200cc4, 0x5, 0x7d, 0x0, 0x0, 0x0, 0x2, 0x1, 0xb9, 0x8d], 0xeeee8000, 0x2011c0}) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m41.962495545s ago: executing program 1 (id=90):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x1008490, &(0x7f0000000a40)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000a80)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x20404a, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1dc, &(0x7f0000000440)="$eJzslr+PEkEUx78zu1nAaEwsbSwkUQuX3UWNjYk0VhYm/iAWJhJZCbJKAhRCYtC/wN7EwsLef8BE2/sjLtxV13DdNdfsZXZmd+cICxwcUNz7JDy+s8y8ffPe5A0gCOLCsr93NAqRj/RlFJFTzw+MdA7X5u/mD7/8f/qk+v3N753cyC5M8xmGi7/fBPCvYqCXrD29uqi+X4An+iU47ihdBYOt9FtwvFLaB8NrpT9oui3m2/b7ZuDb79pBXQhHGFcYT5jyZHzjbwx1LT6m/d7tD1q1IPA7axTz8jeucDzS4tPrZUNG62j5c8HhKl0Gw3OlHyIX50amRNv/dTP1b8zcv4V1Z0SEcoZV165klsoCsFwYAEsc/sRK28FXdWTXeYYyhIFIxBU9J8/GhnYhDvqcOTA3nlW2WjKXqcXfx3JN/CQcynE052qGw3C44CssLJONtD+Fvxhuaf1JtpIf0VUjSljq9gd3mx9rDb/hf/K88gPnnuPc90pRI5J2Rv8rRP3pUup/6p0ksJiFz7Ver+NKm4w9aad1XB71P47bN+VYFNea8JvXNFMfEyaY7L2tP5nREwRBbI8bYMehwoyFuk2g/dd9tsUYCYIgCIIgCIIgCIJYjZMAAAD//4U6Q1I=")
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000180)={[{@grpid}, {@mblk_io_submit}, {@nodioread_nolock}, {@test_dummy_encryption}, {@inode_readahead_blks}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0xffffffffffffffa8, &(0x7f0000000000)=0x1002)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)

1m39.455574575s ago: executing program 1 (id=93):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x18f)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00'})
sendmsg$ETHTOOL_MSG_WOL_SET(r0, 0x0, 0x8004)

1m38.89058251s ago: executing program 1 (id=98):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1200000005000000080000000900000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000be0adafb00000000d14b5be400"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r0}, 0x20)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
recvmmsg(r0, &(0x7f0000002f40)=[{{0x0, 0x0, 0x0}, 0xe}], 0x1, 0x1042, 0x0)
r2 = syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@jqfmt_vfsold}, {@errors_continue}, {@grpjquota}, {@prjquota}, {@usrquota}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0xffffffff}}, {@nouid32}, {@test_dummy_encryption}]}, 0xff, 0x46e, &(0x7f0000000e40)="$eJzs281vFOUfAPDvzG7L249fKyIKgjSisfGlpQWVgxeNJh40MdEDHmtbCLJQQ2sihGg1Bo+GxLvxaOJf4MmTUU8mXvVuSIgSE9CYsGZmZ9ruslsK3bKE/XySaZ9n59mZ57vzPDPPzLMbQN8ayf4kEf+LiF8jYqiRbS4w0vh37cr56b+vnJ9Ool5/84/BvNzVK+eny6Ll+7YVmdE0Iv00KXbSbP7suZNTtdrsmSI/vnDqvfH5s+eeOXFq6vjs8dnTk0eOHD408fxzk892Jc4svqt7Ppzbu/vVty++Pn304js/fpPVd9e+xvqVcXTLSBb4n/Vc67rHu72zHrteX44zqfa6NqxVJSKywzWQ9/+hqMTywRuKVz7paeWADZWdsze1ebn4v1gH7mFJ9LoGQG+UF/zs/rdc7uDwo+cuv9i4AcrivlYsjTXVSIsyAxu4/5GIOLr4z5fZEi3PIZaOz+AGVgAA6DvfZeOfp9uN/9LYtaLc/4u5oeGIuC8idkTE/RGxMyIeiMjLPhgRD93i/lunhm4cf6aXbiuwNcrGfy8Uc1vN479y9BfDlSK3PY9/IDl2ojZ7sPhMRmNgU5afaLfxchMv//J5p/2vHP9lS7b/cixYbORSteUB3czUwlS3BqWXP47YU20Xf7I0E5BExO6I2LPmrS5G8fHkTjz59d5OJW8e/yq6MM9U/yriicbxX4yW+EvJ6vOT45ujNntwvGwVN/rp5wtvdNp/2/ivb19/YGuUHf+tze1/aV0l/zv0V7JyvnY+bvmG5MJvn3W8p6zeZvsfTN7K53TLmnwwtbBwZiJiMHktovX1yeX3lvmyfBb/6IH2/X9H8Z4s/ocjImvE+yLikYjYHxH/FvfQj0bEgVXi/+Glx97ttG5d7T9iyxrLdZTFP9P2/LfU/oebj/+tJyonv//29uPPjv/hPDVavJKf/26ic3U2FyWWWzMAAADc69L8u/FJOraUTtOxscZ3+HfG1rQ2N7/w1LG590/PNL5DPxwDafmka2jF89CJZLHYYiM/WTwrLtcfKp4bf1HZkufHpudqMz2OHfrdtub+v7/s/5nfK72uHbDh/F4L+ldr/097VA/gznP9h/6l/0P/0v+hf7Xr/x+15M0FwL3J9R/6l/4P/Uv/h/6l/0NfWs/v+jcqUV3l1/sSd0si0ruiGhItiUgaF/RN6+zdvT4zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMd/AQAA///gq/is")
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x81, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r7, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_CAP_HYPERV_SYNIC2(r8, 0x4068aea3, &(0x7f00000000c0))
ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0x0, 0x4, 0x0, 0x0, @sint={0x0, 0x3}}]})
ioctl$KVM_IRQ_LINE_STATUS(r7, 0xc008ae67, &(0x7f0000000140)={0x0, 0x401})
ioctl$KVM_SET_LAPIC(r8, 0x4400ae8f, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="210326bd7000fddbdf2501000000080017012900000008000300", @ANYRES32=0x0, @ANYBLOB="42fdb8fb652a97a3740078665fe7bf2c8d8573bbeb86035d72badc3a56dea603401c4da5fb08ad8cf783b7cfb0c32dc9b8ae7bf67cb4a27c23b4eec3b920727c805c518d93be216dc11a9a660374cdad9f9ec40aa71b343b6a56da0449c144b46642aebe36ba14c248b411401dc5adfe55d1"], 0x24}, 0x1, 0x0, 0x0, 0x4004040}, 0x50)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r3, &(0x7f0000000600)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00012bbd7000fbdbdf257f000000140055006111d6ec0a4f277b8c6a56b15d1cb49714005500faf937dadda2ed3cf7a7b51b2158df09"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x90)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x1a1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='ext4_ext_rm_idx\x00', r2, 0x0, 0x21cd}, 0x18)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x17, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000073119900000000e694005206aa7200"/32], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x80021, 0x800000000004, @tid=r9}, 0x0)
r10 = syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r10)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x4206, r10)

1m37.490950022s ago: executing program 1 (id=102):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x9f, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8d, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}, [@mbim_extended={0x8, 0x24, 0x1c, 0x4, 0x4, 0x800}, @acm={0x4, 0x24, 0x2, 0x8}, @mdlm={0x15, 0x24, 0x12, 0xf262}, @acm={0x4, 0x24, 0x2, 0x4}, @call_mgmt={0x5, 0x24, 0x1, 0x1, 0x1}, @dmm={0x7, 0x24, 0x14, 0x3, 0xf8f}]}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffd2f)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xa, 0x4, 0xdd, 0xa, 0x0, 0xffffffffffffffff, 0xffffffff}, 0x50)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004"], 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
fsetxattr$trusted_overlay_upper(r2, &(0x7f0000000240), &(0x7f0000001d00)={0x0, 0xfb, 0x1015, 0x8, 0x7, "4e62d5fa47c67b47c9231f1dbf19949e", "6822d1bd7241ac3eede8bfbc1c37e8b90699298c3f95c499b6414ac4120ad420dd03da474d398c50d06a8ece0880e7856af2333bb1c91539a50857cd4fa1c7f5aa70bd5759a5b07aadba1662a026f773dfe80673a6263d656933c7b796153da33ce3e15cbf3b49e5ce884bb5efd760ef9d92959c5078f0bfd58e090b615a1f5318503c7bf1366f9438ecfcc1b612d45089a181aaed63720262153620db397c4d217c6b50d8f26368881717585827f535fc61cd99a13964349fd48ff5f20d1a3cbc0ca188ac11b590f1c2ac18e60cb793fda628a4e5c73ea7f7dc3b1a45abdb10f46b31a635e6950b78122e60292af0ef27ac148aa084db43b5e48e48dac5fd3857211a339d9de73498ccb161be481ccb23214b5f6d7321b5074f59d01bb37329ca7b055389b5f64984a1aa8dcc7946b9afe019cbd97bd282af6bac18f2b5c21ac93a542c4e959d34d9b25c80d3b4e4e75674dfb61de5f55f7524db7ceae9533a908371647264b70b8c230c2fe88cb4b27db58213ec0c6f071bef340cd4f5997dc2743175cb493bdb05f76855723d1cb9af54b255e8449b71760e7fe8c3043be7007696c0cf0eafb4c8634afc3be0ecc01bf5f9c8d8df2eeb3141a11e6abd32ba6e48f35712090e581537713acb28042748589c494a3f54898e183415d41778c935d7398d2af75ec953973e8d4fb58fc055c13f473cd7139b3dfeb69c3cc87187fd0f250f235604312b0d02d25befd651c9777e29ae39a05a4e8efc96c2a68b2d60b95c7824b1957a236af3dfdaef5c5ae4a8c8e4a31075ca5de2d11a67bf57b47c1dbb7914a6e2d250e4a88486401897141101cf7318b9bd5299cbf01fca5c4d09283251f7ca23e34734e0f7b4d2a359d3ba10b0f936fd6d4cd6e71e39bcac92b558fdcf4d795c4071aabd3c8cbb7a0370f5afe23fe083e1e35dc4b8f63a33c6296dac0cfb99bf482c8c701f0fba781bd006ea3de70c7419e8901be011788429a3fc52b80422c4fc737df791f6caadcf4d04e443d002c8e4e71e42d395ea7c1d7885d48d80b9d38c768bdaeb28a867026bb78226f09dfac1de89b81ac7cc03b03cc0111839a03f9cb355570fc431fd6de9caa9c649878ba405bb02f4e0752b935e6bff2a3a64ca911dfba6e3a2793988d3885d413f63588c575f85388ab50051c5154efecb381ceddd8c43fa4457af7e6090a85cfef0ea97b7df2c834a837970b82e449f6d5b4d518903fa8a383b95806f54879fc4197f2b32a105fcab28fc6dd5d80e9965ef80810ef764b4987f765b72ce23d64b20fc0bab1ec3aff24fd6443ec421fe78dd155c933fde986cdb21893b0823c9f1f0f8346d08095b0962f4099e416b5da19e17003cf4bf046dc52a01de25103ec47329e0eba789cb868f486f437f7ab08d0bddcedc5074b511b1a42b722bdbbdd21b2b499bf5749def6390687801785135a052c2252886f3fab38c1ea63688eaf7688b71dd5474c1cdf6ec6bb5dc22bcd058e0a1db77f6ce1de49d74ebfab44a698fee58aa51107bfa1b436f600d1588399e2cac2495edd4ee1a765512045c8ad5ded459ec932880c3b6dfac8e86a0cbb2022115a4b9b1887220d542e73657f3d90db59be08699bd30c368f539cbccac515a93a3962680dfec0882e0169ebdb2a9dab9de64e011cb73f033f2792d48377d2df24cef54a249ef0ae6ea553f939516319a67f55e30fd62c9292bb16d591b9315d43f694effbe2dadbcc8c3aef264949f0c64d72413f9c11a57df59dbf55db821b39b8ba9e415870192b864f362b99110ecc12ba1086aef4477ce981e37d656916458d60c158357687e616f633e5f5ea9b93a534009976b7edc2f1bf8ef8d0cbc65feeed4e66a8c7bc63a6f9a20f2bf983cc7c01d4a8bb9990215f9c08834043c1c64e4843c3824621dae27e234062533600b36dcb0b4a0f1cab315241d962b157a87af44a3ecb1c023c877374de9533ea726d0a7ae91fd9eb433ade7619258a39fd39787693c376a4c3c7e960d0c0faae7ea031b5f0b95ec5947f5649c88ebc6c8966aa8db5623236e94832289462767c4aa2c1cd7eccd687a9f199adf01f06383246af0e86838f849997f390c1e35134006e16e4aabe6291b92a0d148575314211a5b3cd8ac783776caad7db2407db42c5fb94e58d6655d45d17d86f1da97a66d7f000a3a754611ceb3d6bce829c64ec6d160e0671fe54c711da3dac0e0fe75a9f62f1344765d9680bb552b37b300369d51a677a06dfad4ea0abaea4baefe9d67191734d35b3c5dc57441d47d5b503086b75958222c9cb5ca96af9f3469a678f58533bccfab682d0f71e99e0e14ffb68657dc230671e39e2cd9a59af31d4233e0829dc675cb769b12a02d6232cb2146fc4a24a70364587adaac49931f46ab3c560c80f0ef4d250b416c4c52ef7266bf20b52a93289e0d02d0fd1b23ed3c48487c6964dea4490da2ab62d6718db80fa6ff63aa04ad192ca1ee82644ce65e79c8b7d62d614e37b3680a31305d83f2320df386fb6d084c9cac2aeff7f5b42f6d70011bb35c9748e14b479b10111b080c310e63de30079c3f703d802030d87b3e9a8e301f609e95cca21434cc953e54800ada811a420c0590b576da974a89efd5b4d228fa8a8d276e8d8c4ffd1ca3dcbeeb5e93bb209fc29fb42b5e9378aad3ecb4885dc36fdb7a941b1739faeefe921260b249c53d543b29455d2a69d82b1bd164b4742cc38d92ecaad99c74c68db2b67ffaa0a0e7512f6579b10c60b69636083daae0ce61e028c67628018f7e9a45790b478de831a4903ef0be579069e91a87e047cff9ce80da5f30cb4734680d407bf06f4d10126fa2e7c2d558493803e65bae7996ea1441e58378dd6c197159f60860b3baf28c6ce3240daf0096cde66eb8faa45e2fd6c32b700a40ad11813cdc97321a2d378a4965b05ceb6135ef120c6c8f557953c69940958809bcb92d4f0d8f7ea16f9e6a0b84bee834b50614ed9269a22535bdf3ee853d067f23574a8b07a301138b775261f284b45e0ad6eff73b832c6b5f9df595e6d46e67021a7ba17121b386e93d2a8ec1c60539ba13bbcefd08bc56e15c0ab3b1d2aa00b256a18c2c526fb55beccc308866d7b59386bf748b4f1d9812d574438e8c2aedf2e0de11e7668ef50438f18d7ddd910dd8a0c3e741bd6f907b49b8dc0cbd4e61a8f69f7ee8d10d3824f2ff3f64798b0a71e228864f735b730d1486dee63dfa6203ba7c03252c58f89e3eee79995f5d25270038b804325f6d34aae1d991ef6679fc52863f4c2ed8b0cff15775d12e40085bd0ffbe8425139b7f0bdcd457075bbec2d2c3a721b26bf3007d01e0c5e1830b6e09a08bc8d64655ced0eca2bfecc91a65138a071fa05d2821a2c5408a3167f677190c79f877a51dc6e80f9b423ecc4f6f1bf2f8046c918f4990a492d55611ee8732f3f7df0cafe3a549dbbf5b64da3a054f52104f08e23e7124690f4467488598fddf9061e02497afe579f49f15f326b3b02a9b3277aeb053327537e342b888806b8bb1fe9befecb874146b2299f4ca07c69f55f9a16fb956b89df406521a79ca8022ba4f4c858264e780922b0e52287e376fdb3cce6efc13f566b5435fee06c2ba51b20b63d738c7ff1f163f0f875eb4a69a7e32107aec55654e711881adbd0a653ca1c62d75a8a99d7231d401fa873dc4de3f39749561ab917b7ebb19ddb408fad6a903d02c02de15bee6633ebff024e0629693298a00475b3dd0c6cd9cc9b032f9f9bf1a44bb57f766f1b095711408f955e8102a92d2555131744b9f2a2e855e2dfe6493c20ae21029e5275d60cea8b48201865ead1f8110555f7e44988f411a3de479f12e17fb6413ee4d4be76cdce288e63462f4b00f02476c785374fdfca2a7651e5fe20d4e49c85b0b51a9baa3fb0cfcd3b122d829e302d53128d2afdec2959c5db6f85116616c4fc6b052cccf6b0d4e0dbe01e16e311709f902c3e5ae3eabfb2b5a6780d18838f4416d4de1e6a0cb39199a58db70b98d9df4d11d5fff788ddc3ba1a0f5350e425b2f66e355b4a9e32472d465999aa9ddd6aa600c6c69654a2eb395e7a276317061bbb57be16f84fdfcd55bc8ca41cc8e5845c163e7f15d9867c8f296bfaa2935cebf2c47991c3672452898ca14adaf6d3720f09dcde507b8da0e24c611de3125897ca75dec0048064eb1d087c388e4f0efc7ab68ced848404bd8cdb47cef6eb2154c475efea3cb225d84d71a4fbac1a49e1fb4415f85e85c805ed980bb981e9d89ab45a3e319ee9aabd2b0ee2b9ef3db9db21d3f30ed97f2ec098394c72205a35e390c62d8ff30d3e4a440f469767f71b0b70e35ebc9affc6e2f3156b1c6e825b61eed297695d9d9de72da0abbb347bf1b36faf6cd4c7252cad50986104f8424af36e99b24269ece877eab5bf7add30248ad49e0add6d6643371f856ca811b3b09e4fd888ba3d94186fc2291fb97dce6b3c1aabb3e9bc137095fac9490ca61e2ce68cd1f188d8cdbca7743dfec25f99a4d506cea51fe58d738739e4074b21fe041391a77db91c347f24fa38671a359afe1a2595c66e6d7f20a1fddd365d847cb532e879c8dae3bded47462cdfbd82c3e78e2e9110e319cc5e277c992714721b3543391c84959dbd16dabf1acd50cca93e928d573284246edff3f95bad13cc7d803fb12ece8e57098794bb7a216d7786422a2d29ca4f33c154dd6d258f0cd896dbefb9e7b12ce519631d123e266b30d559e0a93eb26193d3ff83e54e758047ba2ca6ce0b599c9596f257bf7e2b0f4525a56d709987ae7bb3a2c3d76fd71581922c9f80016af19e32471f272d9c5fb9824340ca8e237c94fd56de064a36384d0d128210e8ca2df67fa51a4b788054957fed69f852d1e901b68166c183814fa6754c9b433c29efae27c4a0dd838db1d8ff58ba24686e140dcf1fb873745fca314bb6a971e3bcbebe4d3c866e7a81431669f1114916e8dea46a2a7c70b2278250dfbfea429832d45a3e2ed7a42dd4021b459d344d15fae5011b6df9271038a0632540f9086c1747049959ecfc65842b52cb79fae63e1c43026bb7046ff3392858a8db16900d03f7015999924f02212b272278d723dfd01fb2ad2f50b51de7a84509700e3ad760415b4e911a82c80854cdf1954e8ac11a330bc4678a910be05b597b193623ae297aabaa0df6c32e073f0c9cad9d72eebdf5f165154a349239fad204f4322351f7811a32e4847eb1f57aa43ec082218dcd8143131cf5a2bc8d8896d0735bf3aaa53bd5fa3e6c2c710e6e8fdaf011394e198745f16ed4263a2b9f65998da882bd12abb8262ee1d1933ddd98ac87c15525cd68d23ee3275fa787375143408de34aafc19c6111aeaa6f84771bf5a4c6b8e7b81851ddb558bbbb7905f01f693eebcacf0729803068218e3a7e3b513f669ededa84c6353b47ca22c318a8080e5264bf18f000ffa30d314fb0bbfc402709b7b0f01db35f71163b762693465c65b1e3b8657dccc987ee6b726eb451839c0d557d6b84a02b328a763fdbc4d24e21467d594f713c936922f4b27967d1ab95366ffdfd5d3bf0777b2c422aefd5e87c6785340b931f548237785afd7ad02be59d60d5c39b6509b6c9d2f4423d34d0e58e8d8b2a6328357adc63ddbbd2ae4c4df3f57b5910ff78be15cbf3968000ac6a7022944fb7c99d009601b299d511b8ea4836b629a7a90ef4352c17db7aeaab3ea8ba1f53c3e877492eafdffc2cb74ead38e0b533b1882dd7e3323bbf2aec6890f802d2d75640167e92dc396d41f558d98d9749eedcc"}, 0x1015, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r5}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f00000005c0)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x6, 0x61f, &(0x7f0000000b00)="$eJzs3c9rXNUeAPDvncmkSZv30j4ej9fyHi/wFi1I00wtVt3Y1oVdFCzYhYiLhiapodMfNCmYWGgKLhQURNyKdOM/4F66dyeCunMtVJGKikpH7syddDKZSdIkM9Pmfj5wM/ece2fO+c6dM/fce3PmBpBbY+mfQsT+iAfnk4jRpmUjUV84lq13/6ebF9IpiWr1lR+TSLK8xvpJ9rgnSwxFxJenIv5RXF3u3MLipclKte5WxJH5y9eOzC0sHp69PHlx+uL0lfLRZ48dn3iufKy8LXHuyR5Pn3n5P++//cYzM19VDidxIs6V3pqKlji2y1iMxYMsxOb8gYg4ns60eV+eNDsghFwrZp/HUkT8K0ajWEvVjcbse32tHNBV1WJEFcipRPuHnGr0AxrH9hs7Dj7X5V5J79w7WT8AWh3/QP3cSAzVjo1230+ajowGauc29m5D+WkZf9488HE6xYrzEL8ub52BbSink6XbEfHvdvEntbrtrUWaxl9YUY8kIiYiYjCr34tbqEPSNN+N8zBr2Wz8hYg4kT2m+ac2Wf5YS7rX8QOQT3dPZjvypTT1cP+X9j0a/Z9Y1f+pXxtq3XdtRr/3f537f439/VDtHHmhpR+W9lnOtn/JUmvGd++e/rBT+c39v3RKy2/0BXvh3u2IAy3xv5MGm/V/0viTNts/XeX8iY2V8dLXP5zutKzf8VfvRBxse/zzsFeazrVenxzOlpWPlY/MzFamJ+p/25bx+Revf9qp/H7Hn27/3R3ib9r+hdbnpe/JtQ2W8dnZO5c7LRtZN/7C94NJ/XhzMMt5c3J+/no5YjA5k61Sv5BVyz+6dl0a6zReI43/0P/bt/8Vn//bK19nuPGVuQHXXr10v9OyzWz/povJD6obrEMnafxT62//Ve0/zftgOXVrzTJ+ee3GfzstWyv+4S3GBgAAAAAAAHlTqF2DTQrjy/OFwvh4fbzsP2N3oXJ1bv6pmas3rkxFHKr9P2Sp0LjSPVpPJ2m6nP0/bCN9tCX9dETsi4iPisO19PiFq5WpfgcPAAAAAAAAAAAAAAAAAAAAj4k92fj/xn2qfy7Wx/8DOdHNG8wBjzftH/Kr1v5X3eIJyAP7f8gv7R/yS/uH/NL+Ib+0f8gv7R/yS/uH/NL+AQAAAGBH2ve/u98mEbH0/HBtSg1my4wIgp2t1O8KAH1T7HcFgL5ZvvSvsw+5s6H+/+/ZjwN2vzpAHyTtMmudg+rajf9u22cCAAAAAAAAAAAAAF1wcH/78f+JscGw4xn2B/m1hfH/fjoAnnB++h/yyzE+sN4o/qFOC4z/BwAAAAAAAAAAAICeGalNSWE8Gws8EoXC+HjE3yJib5SSmdnK9ERE/D0ivimWdqXpcr8rDQAAAAAAAAAAAAAAAAAAADvM3MLipclKZfp688wfq3J29kzjLqg9KOuFeMRnRdL7t2U4IpZzShGPWufuzezKPrZbeZ2BuYXF5LdqTRKxFI9PgFuKa5tn1v3qGOzqFxMAAAAAAAAAAAAAAAAAAORQ09jj9g580uMaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvPbz/f/dm+h0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBk+isAAP//GjM9YA==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x1038023, 0x0)
syz_mount_image$msdos(&(0x7f0000000940), &(0x7f0000001cc0)='.\x00', 0x1a4a438, &(0x7f0000000300)=ANY=[], 0xb, 0x0, &(0x7f0000000300))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})

1m37.30648742s ago: executing program 1 (id=106):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
getpriority(0x1, 0x0)
r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa)
add_key$fscrypt_provisioning(&(0x7f0000000140), 0x0, 0x0, 0x49, r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0xe, &(0x7f00000011c0)=ANY=[@ANYBLOB="b702000000000080bfa300000000000007030000fffeffff7a0af0fff8ffff1971a4f0ff00000000b7050000080000001e2400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9171e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62dd7c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18568136207304e26f7fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be428ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100d33128954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e117e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3feec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f864b0ba45efbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c710bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c73acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90104c48e41d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f86f276afb2b81da301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3040000002e334319c8979c322e92fbc2c400009f2404b941553843de114fdb03c19d606bd760c40f7f28360820b82d548198041562bcbd9edce223b54cf3c35823f3c446f0a20160ac181c96606dbc967673aca98d6f5637b20fd2809a29ea5e40139a19415f7fc5d852209bdfed74008651752b5e052412d3e00a44417b7caf91a173925a66ee6e30723e73f3b7d66d2a5d09ff40c0bc6e7a5cfef7f327018578892a23014c3629f2e41af619f0d9f0ec8d551415051ff94391c03f3501c928ed7818af61729278f84d4730ef28af4c202e0f175e2a5cbddc8b973e2701b33f1b963025220c04817010b6fb70"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x100}, 0x10}, 0x94)

1m37.190330585s ago: executing program 32 (id=106):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
getpriority(0x1, 0x0)
r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa)
add_key$fscrypt_provisioning(&(0x7f0000000140), 0x0, 0x0, 0x49, r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0xe, &(0x7f00000011c0)=ANY=[@ANYBLOB="b702000000000080bfa300000000000007030000fffeffff7a0af0fff8ffff1971a4f0ff00000000b7050000080000001e2400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9171e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62dd7c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18568136207304e26f7fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be428ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100d33128954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e117e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3feec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f864b0ba45efbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c710bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c73acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90104c48e41d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f86f276afb2b81da301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3040000002e334319c8979c322e92fbc2c400009f2404b941553843de114fdb03c19d606bd760c40f7f28360820b82d548198041562bcbd9edce223b54cf3c35823f3c446f0a20160ac181c96606dbc967673aca98d6f5637b20fd2809a29ea5e40139a19415f7fc5d852209bdfed74008651752b5e052412d3e00a44417b7caf91a173925a66ee6e30723e73f3b7d66d2a5d09ff40c0bc6e7a5cfef7f327018578892a23014c3629f2e41af619f0d9f0ec8d551415051ff94391c03f3501c928ed7818af61729278f84d4730ef28af4c202e0f175e2a5cbddc8b973e2701b33f1b963025220c04817010b6fb70"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x100}, 0x10}, 0x94)

1m25.04319188s ago: executing program 3 (id=192):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
getgroups(0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, 0x0)
r1 = epoll_create1(0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
shutdown(r2, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, 0x0)
r3 = getpgid(0x0)
r4 = syz_pidfd_open(r3, 0x0)
pidfd_send_signal(r4, 0x11, 0x0, 0x4)

1m24.989238382s ago: executing program 3 (id=193):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f0000000340)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000000002000000"], 0x48)

1m24.704903014s ago: executing program 3 (id=197):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r2, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)=ANY=[], 0x0)

1m24.704709814s ago: executing program 3 (id=198):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x1000410, &(0x7f0000000000), 0x6, 0x507, &(0x7f0000000680)="$eJzs3b9vW1sdAPDvdeKXNM996YM3AAJeeRQKKnV+tI2qMtAuIFRVQlRISAxtSNwoil1HcVKakCEd2ZFaiQn+BDYGpE4MbGywsZQBqUAEapAYLrrXbpImcR3aJKb25yNd33vOdfw9x845x/c4zgmgb52NiI2IeC8i7kbEaCs/aW1xvbll93uxuT6ztbk+k0Sa3v57kp/P8mLXz2Tebz3mcER8/zsRP072x22sri1MV6uVpVZ6bLm2ONZYXbs4X2jlTE5NTI1fvXRl8sjq+nHt18+/PX/zB7/9zRee/WHj6z/NilX62en83O56HKVm1YtR2pU3GBE3jyNYlwy2fn9492St7VMR8Une/kdjIH81AYBelqajkY7uTgMAvS67/i9FUii35gJKUSiUy805vI9ipFCtN5YvjNZX7s9GPod1JoqFe/PVynhrrvBMFJMsPZEf76Qn96QvRcSHEfHzoVN5ujxTr852840PAPSx9/eM//8aao7/AECPG+52AQCAE2f8B4D+Y/wHgP7zP4z/vh0IAD3C9T8A9B/jPwD0n47j/6OTKQcAcCK+d+tWtqVbrf9/PftgdeWbpQcXZyuNhXJtZaY8U19aLM/V63PVSnkmTTs9XrVeX5y4vJ1srK7dqdVX7i/fma9Nz1XuVIrHXB8AoLMPP376pyQiNq6dyrfYtZaDsRp6W+GV1AEL9QA9a6DbBQC6xvd5oH8d4hrfNAD0uE5X/m3/ROiJxV/hXXX+s+b/oV8Vul0AoGvebP7/W0deDuDkmf+H/pWmiTX/AaDPmOMH3uTz/x9G6/N/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6FOlfEsK5Xwt8I3stlAuR5yOiDNRTO7NVyvjEfFBRPxxqDiUpSe6XWgA4C0V/pq01v86P3qutPfse8m/h/J9RPzkF7cfP5xeXl6ayPL/sZ2//OT244eXv9KNwgMAe13fn5WP35Ot/a4L+Reb6zMvt5Ms4vMbzcVFs7hbra15ZjAG8/1wFCNi5J9JK92UvV8ZOIL4G48i4jM79X+4K0IpnwNprny6N34W+/QxxN95/pNI0zTdiV94JX4hL1u2L+bPxaePoCzQb57eaPaTWbs7tbmeNbFW+yvE2Xx/cPsfznuot/ey/9va1/8Vtvu/gX3xk7zNn91Ov74kzy//7rv7MtPR5rlHEZ8bPCh+sh0/adP/njtkHf/8+S9+0u5c+suI83Fw/KZa3s2OLdcWxxqraxfna9NzlbnK/cnJqYmp8auXrgyM5XPUzdvfHxTjb9cufNAuflb/kTbxhzvU/7BXvL/6z90ffek18b/25YNf/49eEz8bE796yPjTI9cPWr57O/5sm/p3ev0vHDL+s7+szeYHRzFgAwBvrbG6tjBdrVaWOhxk7zU73cfBu3kQGxEnHPQbwxH/F3V30O6g2z0TcNx2Gn23SwIAAAAAAAAAAAAAALTTWF1bGIrj/TpRt+sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7/pvAAAA//9w587+")
setxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x3)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r4, &(0x7f0000000100)='.\x00', 0x9000, &(0x7f0000001dc0)={0x0, 0xf5, 0x20000}, 0x20)

1m24.5674023s ago: executing program 3 (id=202):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x29)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r5 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

1m24.224686145s ago: executing program 3 (id=205):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'macvlan1\x00', <r1=>0x0})
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14)

1m24.104289421s ago: executing program 33 (id=205):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'macvlan1\x00', <r1=>0x0})
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14)

1m14.748020922s ago: executing program 0 (id=498):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f00000000c0)=0xfffffffe, 0x4)
sendmmsg$inet(r0, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4000804)

1m14.671131306s ago: executing program 0 (id=499):
capset(&(0x7f00000001c0)={0x19980330}, &(0x7f0000000200)={0x1, 0x7, 0x4, 0x1, 0xce5, 0xbc7})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, 0x0, 0x0, 0x5, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xd4}, 0x94)

1m14.658585626s ago: executing program 0 (id=503):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r2, 0x0)

1m14.454293515s ago: executing program 0 (id=514):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100d1a3a700080003400000000114000000110001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1400000010007b0000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

1m14.441425626s ago: executing program 0 (id=515):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc27d}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
mount$bpf(0x200000000000, &(0x7f0000000780)='./file0/../file0\x00', 0x0, 0xa06002, 0x0)

1m14.374850019s ago: executing program 0 (id=518):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000007c0)='afs_reload_dir\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
r0 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xe64, 0x5, @empty, 0x82}, 0x1c)
connect$unix(0xffffffffffffffff, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
r1 = timerfd_create(0x0, 0x0)
readv(r1, &(0x7f00000009c0)=[{&(0x7f0000000200)=""/33, 0x21}], 0x1)

59.129898719s ago: executing program 34 (id=518):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000007c0)='afs_reload_dir\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
r0 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xe64, 0x5, @empty, 0x82}, 0x1c)
connect$unix(0xffffffffffffffff, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
r1 = timerfd_create(0x0, 0x0)
readv(r1, &(0x7f00000009c0)=[{&(0x7f0000000200)=""/33, 0x21}], 0x1)

44.916863884s ago: executing program 6 (id=1288):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0xc)
openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x8c, 0x200)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@union={0x0, 0x0, 0x0, 0x5, 0x0, 0x7ff}]}}, 0x0, 0x26, 0x0, 0x1, 0x32e}, 0x28)
ioctl(r3, 0xffff454b, 0x0)

43.6643834s ago: executing program 6 (id=1318):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x6, @mcast1}, 0x1c)
sendto$inet6(r2, &(0x7f0000000e80)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8eed9ace110469c51f4f211dd9fad815eb5b273ac04e1edc679bcdf0a0d24482de5454be9003cb80714a95e136bb704ee58e707d1e69b3c3a1c2c37f9c0402e14abdeb32086a49aff25e5c0f0131d59b4783316b9fa2c71c51ce76942d5f519145c9e3bf0d4182b4a62970b2ce81d35a7afc8384b387b8e21f2051d90d92323a710cabe5275d335b64453e759251a140de480541d8dd7662a14296a59eba99b95bfdf5b22992c323865b471d13ad79867e2692fd4eece299a81e2b33336b6801f51c2ae8d73e4df90c9bd70cd535b72cbdf67754acdc44b3780450308d9c5527c3314eb7b2cc38b61e96403a30a8ba0c8a357aa04d3c62bc51bcf55cf214f44a909b29c30c18c3a43c86472612086664a80f2aa8490e58352732acb96eb46deab42895d1957a6029ad86e7a5ced6bde89c158aaee721954beeebe5973059007f7dd5459029af6d3f1d73d35f07d19b7cedfc80d1d7ef37f8b113f564afd0f093202929fef43e788619ca522c7f679dd2f27949d879b4dab46581a0e054b4ed1db37e43f528748b56ec5a54b7af198d4ae551046f7814fe3a5cbc1cc7cb6655fc198939b049f3c02443148c588e34d6ebef81096b4e48f468016d2bde0828664c0874d71e2d88b3bc04079d4a504255a83c3f07a4f1c3e5a4c66f55f36e51e344392487c8299d8d1bfb568780c0d57df48990cb5d6b35c3f7445f80312186d8598faf61072d4eefc961fb5a7e72b971c8f94a8346effd27362cee8d72a98b55e317de280d2d63ee83ca7140b7913122d402c536d914c8510c81d08f0ad1c952f5b7ad5e7ef72d7c58cb4d5bafbea535b381df6ebe94c62cf782cf7ab81c017c296a88ca91d641b45748d230cf5e87e5dbee4764ea4d131ae022e6bbf3ffc3ea7b264737d9db44354bfffa63d79bc403d3ac23fb615edc382d18b0daf1bbb2fbd708d1830ddac1c3f098b8cb1ef9a0019d804bf5d953110f12f3b9a8b9b7e0c61cb5d34116add1fc9a92721ffa5fdc83e1488cf88aa6e56ad2dd55e0aadd827cc7b4e7242f01241f49e905e5e7451092c28c3f6560a6a0002e5d91fc253a5a8fd8f27e42f4f02f5849528b7d93df9b0c568022acaff410e797e88d2f8eeadbba66e423335b843df734d203fa62a861b712da8f33d5ea721767871aa2cd53e659e505507de9a54d7e6fa3c20bbfb28cd6dd2b314dabbb59e9ce15c0a94ec3b3efc54eaaa27bd7576a687dcaf58dc182662539943014a02e76dc89f48c9f83cc7199038418f965ad3dc866098b89cabcac8691b0f51ffb71902337e49293309c4480a8f1b32411cc1b55a0ec0fe2c2572fe9d488a25bfc12ba74048e1d7beee93321c7aa49ea17cb9728dc46e5272154b3b995feacbacb8885621b335274af4df9365f8c8121ff323b572d320c8fc46acd6218b9579d43005e7b0506ccb14d9a0dac4cc6efaf5366c44342eaea8b5a11457f5afbea913ce4975ab67e6a85bc46e714ca5741da38a7cceb9e85d77fd03f83f7a5ecc7241e69e2bda327f769b48ba5f13662585c72778d12bd0e9a62a3d0dbe376d1aee81e6845c2cf23f42c458ae5668c8d387bf9ab224bc9703f1c08347be810d2f19278fe8d97560b3c9f1816667d0461a25e778eb1404dcaac1ed0a6a0745f3a5d2dc1b6babf98f5135d531cb26334ef2fec4c78c95b7193935139664fc65f17b047eb3dc39e251ba52ce33f8099719f1a789db1690347355e7b02d4c522692b9597fd31abb90f973ae4eb0bd0d900cdd887ff01d4845d7f0aee39b220a65a5aeee0fd386054070723c841c042d5339cc6325f07f0f733d124c6524f388ef7419f42c06278b8fceaa3a16b202dfb539b129762397e29cdd679ca6240272fa0c3e2e8c0a27aaa407f30b4024d0638dfca1bc9483db3ccc2880f", 0x5c6, 0x6d91fb6102d8910c, 0x0, 0xfffffffffffffe38)
sendto$inet6(r2, 0x0, 0x0, 0x40000, 0x0, 0x0)

43.548827115s ago: executing program 6 (id=1321):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ed50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
sendto$inet6(r1, &(0x7f0000000000)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006050a0000000d0085a168d0bf46d32345653600648d270005000a00070849935ade4a460c89b6ec0cff3959547f509058ad86c902007a00004a32000407160012000a0000000000e000e21800003b6ed538f6523250", 0x78, 0x2251197285d36a80, 0x0, 0x0)

43.496411227s ago: executing program 6 (id=1323):
syz_mount_image$ext4(&(0x7f0000000600)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nodioread_nolock}, {@user_xattr}, {@mblk_io_submit}, {@jqfmt_vfsv0}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2e}, 0x84, 0x460, &(0x7f0000000dc0)="$eJzs28tvG0UYAPBv10nfJaGURx9AoCAiHkmTFuiBCwikXpCQ4FCOIU2r0rRBTZBoVdGAUDmiHjkBRyT+Ak5wQcAJxBVuHBBShXqhcECL1t5t3cQOdmzXLf79JMczu5Od+XZ37NkdbwADayz/k0Rsi4ifI2Kklr2xwFjt7eqV87N/XTk/m0SWvfpHUi3355Xzs2XRJGIof99aZMbTiPSDJPY0qHfx7LmTM/Pzc2eK/OTSqbcmF8+ee+rEqZnjc8fnTk8fOnTwwNSzz0w/3ZU4t+dt3f3uwt5dh1+/9PLskUtvfPdF3v5txfr6OGpGO65zLMZu3Jd1Hu1467eW7XXpZKiPDaEtlah12uFq/x+JSlw/eCPx0vt9bRzQU1mWZRtXLa2UieWsmU1N1wC3jST63QKgP8ov+vz6t3zdxOFH311+vnYBlMd9tXjV1gxFWpQZXnF9201jEXFk+e9P8lc0vA8BANBdX+Xjnycbjf/SuKeu3B3F3NBoRNwZETsi4q6I2BkRd0dUy94bEfe1Wf/Yivzq8c+Pm9cVWIvy8d9zxdzWjeO/cvQXo5Uit70a/3By7MT83P5in4zH8MY8P7VGHV+/+NNHzdbVj//yV15/ORYs2vH70IobdEdnlmY6ibne5fcidg81ij+5NneVv++KiN3r2H6+z048/vneZuv/O/41dGGeKfss4rHa8V+OFfGXkrXnJyc3xfzc/snyrFjt+x8uvtKs/o7i74L8+G9peP5fi380qZ+vXWy/jou/fNj0mma95/+G5LVqekOx7J2ZpaUzUxEbkuXVy6ev/2+ZL8vn8Y/va9z/d0T882nxf3siIj+J74+IByLiwaLtD0XEwxGxb434v33hkTfXH39v5fEfbev4t5+onPzmy2b1t3b8D1ZT48WSVj7/Wm1gJ/sOAAAAbhdp9TfwSTpxLZ2mExO13/DvjC3p/MLi0hPHFt4+fbT2W/nRGE7LO10jdfdDp4p7w2V+ekX+QPW+cZZl2eZqfmJ2Yb5Xc+pAa7Y26f+53yr9bh3Qc23NozV7og24LXleEwaX/g+Da6juiV9gsPj+h8HVqP9fiLjah6YAN5nvfxhc+j8MLv0fBpf+DwOpk+f610rsONyrLf/fEpWebPnXjyN62/hI+77r1p9Ib41m1BIbI6LVwhfiJjVsud+fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//r5Xn3g==")
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000000)='./file0\x00')

42.927209092s ago: executing program 6 (id=1334):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$pokeuser(0x6, r0, 0x388, 0x202599ca)

42.764650979s ago: executing program 6 (id=1340):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000200)="240000001e005f80004000000000000003000000000000000000080008000100000000ff", 0x24)

42.677672763s ago: executing program 35 (id=1340):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000200)="240000001e005f80004000000000000003000000000000000000080008000100000000ff", 0x24)

1.328257262s ago: executing program 7 (id=2674):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000"], 0x48)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f00000002c0))

1.293093884s ago: executing program 7 (id=2675):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="08da", 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2}, 0x40010)

1.292989034s ago: executing program 2 (id=2676):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, 0x0, 0x0)

1.292371383s ago: executing program 2 (id=2679):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0xf1c38fa000000000}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01c21668f6d1d66edb251c00000018000180140002006c6f"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x40006)

1.270979495s ago: executing program 7 (id=2680):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
r1 = dup(r0)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000000)="be39", 0xffeb}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}], 0xf}, 0x0)
recvmsg$unix(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x40000020)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000003c0)='kmem_cache_free\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000009c0)=@newtfilter={0x48, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_CT_LABELS={0x14, 0x61, "7750939af8543bbe741ddea0b3675c3a"}]}}]}, 0x48}}, 0x24040084)
socket$inet_tcp(0x2, 0x1, 0x0)

1.215091717s ago: executing program 2 (id=2682):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket(0xa, 0x3, 0x3a)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f00000000c0)={0x0, 0x0, 0x3, r3, 0x230d}, 0xc)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f0000000080)=0xa, 0x4)

1.214938847s ago: executing program 2 (id=2683):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000400), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000180)=@secondary)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000280)=@chain)

1.214805717s ago: executing program 8 (id=2684):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0xa39ad000)

1.206960737s ago: executing program 8 (id=2685):
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')

1.191183458s ago: executing program 2 (id=2686):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030097850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r3}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xc5c, &(0x7f00000005c0), 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
r5 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r5, 0x3, 0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

685.87994ms ago: executing program 8 (id=2698):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2(&(0x7f0000001cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x200000, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

543.734366ms ago: executing program 8 (id=2702):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000000800004"], 0x48)

426.716522ms ago: executing program 5 (id=2703):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98,\xc8\x18E/\x8c\x1a\xe3\xbd')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fremovexattr(r1, &(0x7f00000000c0)=@known='trusted.overlay.metacopy\x00')

307.226647ms ago: executing program 7 (id=2704):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000003, 0x13, r2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x4c831, 0xffffffffffffffff, 0xfffff000)

307.090747ms ago: executing program 5 (id=2705):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1bc, 0x19, 0x1, 0x0, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x34}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {0x8000000000}}, [@tmpl={0x104, 0x5, [{{@in=@remote, 0x0, 0x6c}, 0x0, @in6=@private0, 0x0, 0x2}, {{@in=@local, 0x0, 0x32}, 0x0, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x1000000}, {{@in6=@loopback, 0xffffffff, 0x3c}, 0x2, @in=@multicast2, 0x0, 0x1}, {{@in=@remote, 0x0, 0x32}, 0x2, @in=@empty}]}]}, 0x1bc}}, 0x20000000)

304.380587ms ago: executing program 8 (id=2706):
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030097850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x1400000000000000, 0x0, 0x48)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[], 0x190da)

234.3698ms ago: executing program 5 (id=2708):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x11)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5, 0xe}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "182325", 0x0, 0x2c, 0x0, @remote, @local}}}}, 0x0)

191.119632ms ago: executing program 4 (id=2709):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f00000000c0)=0x7, 0x4)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x66, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @multicast1}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0xfe, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x2, @loopback, @loopback}}}}}}, 0x0)

190.811762ms ago: executing program 7 (id=2710):
unshare(0x22020600)
r0 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000300)=[{0x0}], 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000002000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r4=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r4, 0x25, 0x0, @val=@netfilter}, 0x40)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r5 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
getdents(r5, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r6}, 0x18)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x74, r4, {0x0, 0x7}, {0x0, 0x4}, {0xc}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

189.723412ms ago: executing program 2 (id=2711):
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000280)={0xffffffffffffffff, 0xc}, 0xc)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff}, 0x4800)
ioctl$TIOCSIG(r0, 0x40045436, 0x25)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000026c0)={[{@numtail}, {@uni_xlateno}, {@shortname_win95}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@shortname_win95}, {@shortname_mixed}, {@uni_xlate}, {@fat=@usefree}, {@uni_xlate}, {@shortname_win95}, {@numtail}, {@numtail}, {@fat=@nfs_nostale_ro}, {@nonumtail}, {@shortname_mixed}, {@numtail}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'macceltic'}}]}, 0x1, 0x36b, &(0x7f0000000a00)="$eJzs3U1vG1UXAODTvM1H85I6C4QECHFVNrCxkvAHGqFWQkQChRoVFkhTMgEr0zjyWEGuEHTHlt9RsWSHhPgDWcCeHbtsWHZRdVDsuPloCIvUHgrPI0X3xPce+4zHM7qb0dm//d3drc2yuZn1Yup6iqmImHoYsTiIhi4djlODeCaOux9vNW7/9tqHH3/y3ura2o31lG6u3np7JaV09fWfvvzq+2s/9/7/0Q9Xf5yNvcVP9/9Y+X3vpb2X9x/f+qJdpnaZtju9lKU7nU4vu1PkaaNdbjVT+qDIszJP7e0y756Y3yw6Ozv9lG1vLMzvdPOyTNl2P23l/dTrpF63n7LPs/Z2ajabaWE++DutB+vr2eownjtn3fVJFcQYdLur2cE1PPvUTOtBLQUBALW66P5/5pnu/6fD/n+Sju//+bc62P/PHF6/J9n/AwAAAAAAAAAAAADA8+BhVTWqqmqMxmr0kPDh/zWXx5g9df5P/dVdH+N17MG9uYji293Wbms4DudXN6MdReSxFI14dHBbGBnGN99du7GUBhZj4e43g/xrv0S0/ncyfzkasXh2/vIwPz3Jj4NxOuaP569EI148O3/lzPyZePONY/nNaMSvn0UnitgY3N6O8r9eTumd99dO5c8O1gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw39BMI6/GsO/9biviSuwe9u9vHi1YPNkff5j/pL/+UjTi0dn9+ZfO7M9/OV65XO+xAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBI2b+3lRVF3p1UMOr5P3hlZhT8ddal4fL7p6auxARrLop86lm94eOqqsZV6txkT+VFgumI885gdfgrufhnvRAR56yZjYj6v41/YlDXHQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqc9T0u+5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqFPZv7eVFUXeHWNQ9zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8T/4MAAD//yeQEY0=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
write$binfmt_elf64(r3, &(0x7f0000000e80)={{0x7f, 0x45, 0x4c, 0x46, 0x6, 0x79, 0xb3, 0x1, 0x4, 0x2, 0x6, 0x7, 0x32e, 0x40, 0x1de, 0x7, 0xc40, 0x38, 0x1, 0x7, 0x8, 0xa1}, [{0x2, 0xff, 0x4, 0x800, 0x3, 0x3, 0x6, 0x7}]}, 0x78)
sendfile(r3, r3, &(0x7f0000000000)=0x9, 0xffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000000ed4d9a4a091c6a55000100100000000018127285cb0520c6a1ad28a39b63c05709bfc4000000001489169f320d6869516d05392ffef5613265d92022f6a1fe3650b9a82eba379f423c2222934d3f11", @ANYRES32=r5, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r6}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r7, 0x4b72, &(0x7f0000000040)={0x0, 0x4000000, 0x8, 0xd, 0x200, 0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x78, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xc, @local}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @broadcast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0)
r8 = syz_io_uring_setup(0x172, &(0x7f0000000780)={0x0, 0x4f5c, 0x10100, 0xfffffffe, 0x2a0}, &(0x7f00000001c0), 0x0)
io_uring_register$IORING_REGISTER_FILES(r8, 0x2, 0x0, 0x0)
read$eventfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
openat(0xffffffffffffffff, 0x0, 0x981, 0x108)
unshare(0x22020500)

184.234972ms ago: executing program 4 (id=2712):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18)
fcntl$setlease(r0, 0x400, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0xc0200, 0x100)

173.309912ms ago: executing program 5 (id=2713):
r0 = socket(0x8000000010, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8d5b}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
read(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r3}, 0x10)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

146.486444ms ago: executing program 5 (id=2714):
r0 = io_uring_setup(0x7d98, &(0x7f0000000940)={0x0, 0xdf07, 0x40, 0x1, 0x8105})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
read(r1, &(0x7f0000000100)=""/41, 0x29)
close_range(r0, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000580)='./file0\x00', 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)

87.228856ms ago: executing program 4 (id=2715):
r0 = fsopen(&(0x7f0000000140)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x5)
fchdir(r1)
r2 = inotify_init1(0x800)
inotify_add_watch(r2, &(0x7f0000000000)='./bus\x00', 0x60000526)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./bus\x00', 0x0, 0x12a)
getdents64(r3, 0x0, 0x0)

87.065896ms ago: executing program 4 (id=2716):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = io_uring_setup(0x4d3f, &(0x7f0000000d80)={0x0, 0x67e3, 0x41, 0x2003, 0x2f8})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000480), 0x66)

85.203606ms ago: executing program 7 (id=2717):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbb6, &(0x7f0000000c00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtIxk5nEZDLHpr8fvDnve96TeZ4nJ5nzHpiTAJ5ak9mXNOJIRJxPIsbr+9OIGKj2hiLWa8c9vH91NmtJVCpv/5ZEEhEP7l+dbbxWUt+O1gdDEXH7tST+/VFr3OXVtcWZcrm0VB8fX7l45fjy6torCxdnLpQulC6dmn711PTp6eku1nr3yntfPPPDG89fv/nx1JufH/ouibMxVp9rrqNbJmNy42fSrBARM90OlpO+ej3NdSaFHBMCAKCjtGkN998Yj754vHgbj29/zDU5AAAAoCsqfREVAAAA4IBL3P8DAADAAdf4HMCD+1dnGy3fTyT01r1zETFRq7/xfHNtphDr1e1Q9EfEyO9JND/WmtS+bc8ms0hff1/KWmz3HPJwFwJusn4tIv6/1flPqvVPVJ/ibq0/jYipLsSf3DTu9e/fXuo/24X4edcPwNPp1rnahaz1+pfW1j+DtdHm619hi2vXbuR9/Wus/x62rP/SjfVfX5v131s7jHH00Uu32801r//e/eTnuSx+tt1TUX/DvWsRRwtb1Z9s1J+0qf/8DmOMzt690W4uqz+rt9F6XX/lZsSx6mqutf6GpNP/Jzo+v1AuTdW+bvH6q6c7x28+/1nL4jfuBXohO/8jsbvzf2WHMSb+9+uRdnPb15/+MpC8U+0N1Pd8OLOysnQiYiB5vXX/yc65NI5pvEZW/4vPdf7736r+7D1hvf5zyH57rtW32fj6ppijx05+tfv691dW/9wuz/+nO4zx5Tc33m83l3f9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZ0ogYiyQtbvTTtFiMGI2I/8RIWr68vPLy/OUPLs1lcxET0Z/OL5RLUxExXhsn2fhEtf94fHLTeDoiDkfEZ+PD1XFx9nJ5Lu/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2DAaEWORpMWISCPij/E0LRbzzgoAAADouom8EwAAAAD2nft/AAAAOPha7v8LfxkN9TIXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqTDz966k0TE+pnhassM1Of6c80M2G/pzg4b2e88gN7ryzsBIDeFpn6lUqnkmArQY+7xgWSb+aG2M4NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf64Xjty6k0TE+pnhassM1Of6c80M2G9p3gkAuenrNJlsuwN4ghXyTgDIjXt8oLayf1SpaZ0favudg3uOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTY6zakrQYEWm1n6bFYsS/ImIi+pP5hXJpKiIORcRP4/2D2fhE3kkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQdcura4sz5XJpSUdHp4ud4ehZrOH6H3ObYwbbT3Xo5PzGBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABALpZX1xZnyuXS0nLemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5W15dW5wpl0tL+9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzZwAAAP//0L4Jug==")
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x4042, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

79.105207ms ago: executing program 4 (id=2718):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f785"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202"], 0x88}}, 0x0)

37.964379ms ago: executing program 8 (id=2719):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x2, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4050)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000800)=@newtfilter={0x80, 0x2c, 0xca7, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r5, {0x4, 0x4}, {}, {0x1, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0x54, 0x2, [@TCA_U32_CLASSID={0x8, 0x1, {0x1, 0x3}}, @TCA_U32_SEL={0x44, 0x5, {0x8, 0xf, 0x3, 0x2, 0x7ae, 0x9, 0xb11, 0x65, [{0x7fff, 0x2000401, 0x5, 0x6}, {0x0, 0xe1, 0x7, 0xfffffffd}, {0x3ff, 0xa, 0x76800, 0xd}]}}, @TCA_U32_POLICE={0x4}]}}]}, 0x80}}, 0x20040054)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x81}, 0x44000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

939.5µs ago: executing program 4 (id=2720):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)

0s ago: executing program 5 (id=2721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000140)=0x7, 0x4)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}, {0xfff3, 0x2}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)

0s ago: executing program 4 (id=2723):
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r0, &(0x7f0000001580)={0xfc, {"a2e3ad1bed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f3b3668030890e0879b0af8c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f00000001c0)='.\x00', 0x1ac8431, &(0x7f00000008c0)=ANY=[], 0x0, 0x0, &(0x7f00000001c0))

kernel console output (not intermixed with test programs):

28
[  103.184160][ T3416] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  103.193975][ T3416] ext4 filesystem being mounted at /179/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  103.229530][ T3416] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1174'.
[  103.234316][ T3138] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  103.238938][ T3414] Bluetooth: hci1: command 0x1003 tx timeout
[  103.253500][ T3416] EXT4-fs (loop6): unmounting filesystem.
[  103.301348][ T3425] loop4: detected capacity change from 0 to 512
[  103.310257][ T3425] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  103.351055][ T3432] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1181'.
[  103.430285][ T3444] loop4: detected capacity change from 0 to 512
[  103.434700][ T3446] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  103.450730][ T3444] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1188: inode has both inline data and extents flags
[  103.465953][ T3444] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1188: couldn't read orphan inode 15 (err -117)
[  103.483232][ T3444] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  103.530293][  T284] EXT4-fs (loop4): unmounting filesystem.
[  103.536713][ T3455] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3455 comm=syz.5.1191
[  103.631799][ T3467] netlink: 'syz.4.1194': attribute type 12 has an invalid length.
[  103.717625][ T3479] loop7: detected capacity change from 0 to 128
[  103.799517][ T3490] loop4: detected capacity change from 0 to 128
[  103.812907][ T3490] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  103.822926][ T3490] ext4 filesystem being mounted at /252/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  103.863275][ T3490] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1209'.
[  103.966556][ T3490] EXT4-fs (loop4): unmounting filesystem.
[  104.062155][ T3506] loop4: detected capacity change from 0 to 512
[  104.079650][ T3506] EXT4-fs: Ignoring removed i_version option
[  104.124420][ T3506] EXT4-fs: Ignoring removed bh option
[  104.161344][   T28] kauditd_printk_skb: 190 callbacks suppressed
[  104.161427][   T28] audit: type=1326 audit(1764452872.600:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3511 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f334538f749 code=0x7ffc0000
[  104.169654][ T3506] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  104.206821][   T28] audit: type=1326 audit(1764452872.610:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3511 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f334538f749 code=0x7ffc0000
[  104.217270][ T3512] loop2: detected capacity change from 0 to 2048
[  104.240454][   T28] audit: type=1326 audit(1764452872.650:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3511 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f334538f749 code=0x7ffc0000
[  104.266015][   T28] audit: type=1326 audit(1764452872.650:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3511 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f334538f749 code=0x7ffc0000
[  104.269681][ T3512] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  104.301855][   T28] audit: type=1326 audit(1764452872.650:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3511 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f334538f749 code=0x7ffc0000
[  104.401733][ T3517] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1218'.
[  104.461539][   T28] audit: type=1326 audit(1764452872.650:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3511 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f334538f783 code=0x7ffc0000
[  104.488939][  T285] EXT4-fs (loop2): unmounting filesystem.
[  104.489364][   T28] audit: type=1326 audit(1764452872.650:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3511 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f334538e1ff code=0x7ffc0000
[  104.661185][   T28] audit: type=1326 audit(1764452872.650:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3511 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f334538f7d7 code=0x7ffc0000
[  104.736929][   T28] audit: type=1326 audit(1764452872.650:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3511 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f334538df90 code=0x7ffc0000
[  104.770835][   T28] audit: type=1326 audit(1764452872.650:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3511 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f334538f34b code=0x7ffc0000
[  104.802517][ T3545] tmpfs: Unsupported parameter 'mpol'
[  104.873008][ T3560] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1228'.
[  104.900777][ T3562] loop5: detected capacity change from 0 to 512
[  104.930689][ T3562] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  104.953032][ T3570] netlink: 'syz.2.1243': attribute type 12 has an invalid length.
[  104.958699][ T3562] EXT4-fs (loop5): 1 truncate cleaned up
[  104.965775][ T3573] loop4: detected capacity change from 0 to 512
[  104.967814][ T3562] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  105.016505][ T3573] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1240: inode has both inline data and extents flags
[  105.038796][  T813] EXT4-fs (loop5): unmounting filesystem.
[  105.059545][ T3573] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1240: couldn't read orphan inode 15 (err -117)
[  105.062943][ T3577] loop2: detected capacity change from 0 to 512
[  105.085885][ T3573] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  105.101579][ T3577] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  105.105039][ T3584] 9pnet: Could not find request transport: t
[  105.139608][ T3577] EXT4-fs (loop2): 1 truncate cleaned up
[  105.150155][  T284] EXT4-fs (loop4): unmounting filesystem.
[  105.160312][ T3577] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  105.185413][ T3589] loop5: detected capacity change from 0 to 512
[  105.209561][ T3589] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  105.225376][  T285] EXT4-fs (loop2): unmounting filesystem.
[  105.227687][ T3595] loop7: detected capacity change from 0 to 512
[  105.231907][ T3589] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  105.268708][ T3595] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  105.279551][ T3589] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  105.289607][ T3589] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  105.298547][ T3589] System zones: 0-2, 18-18, 34-35
[  105.307443][ T3589] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  105.349871][ T3595] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  105.350172][ T3589] EXT4-fs (loop5): re-mounted. Quota mode: none.
[  105.382155][ T3595] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.1252: bg 0: block 248: padding at end of block bitmap is not set
[  105.399553][ T3595] EXT4-fs error (device loop7): ext4_acquire_dquot:6803: comm syz.7.1252: Failed to acquire dquot type 1
[  105.412925][ T3595] EXT4-fs (loop7): 1 truncate cleaned up
[  105.419227][ T3595] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  105.428937][  T813] EXT4-fs (loop5): unmounting filesystem.
[  105.441714][ T3595] EXT4-fs (loop7): shut down requested (1)
[  105.470394][ T3620] netlink: 'syz.5.1262': attribute type 12 has an invalid length.
[  105.482868][ T2719] EXT4-fs (loop7): unmounting filesystem.
[  105.539910][ T3629] device pim6reg1 entered promiscuous mode
[  105.555177][ T3635] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1271'.
[  105.599193][ T3635] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1271'.
[  105.621903][ T3644] loop7: detected capacity change from 0 to 128
[  105.668024][ T3650] loop2: detected capacity change from 0 to 128
[  105.668290][ T3652] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1280'.
[  105.798763][ T3665] loop4: detected capacity change from 0 to 128
[  105.851329][ T3665] FAT-fs (loop4): Directory bread(block 32) failed
[  105.865099][ T3644] SELinux: failed to load policy
[  105.875244][ T3665] FAT-fs (loop4): Directory bread(block 33) failed
[  105.883209][ T3665] FAT-fs (loop4): Directory bread(block 34) failed
[  105.890184][ T3665] FAT-fs (loop4): Directory bread(block 35) failed
[  105.904951][ T3665] FAT-fs (loop4): Directory bread(block 36) failed
[  105.912109][ T3665] FAT-fs (loop4): Directory bread(block 37) failed
[  105.984662][ T3665] FAT-fs (loop4): Directory bread(block 38) failed
[  106.060722][ T3665] FAT-fs (loop4): Directory bread(block 39) failed
[  106.244859][ T3665] FAT-fs (loop4): Directory bread(block 40) failed
[  106.262049][ T3665] FAT-fs (loop4): Directory bread(block 41) failed
[  106.299524][ T3665] bio_check_eod: 22484 callbacks suppressed
[  106.299544][ T3665] syz.4.1285: attempt to access beyond end of device
[  106.299544][ T3665] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  106.321406][ T3665] FAT-fs (loop4): Filesystem has been set read-only
[  106.332452][ T3665] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF
[  106.390419][ T3688] loop2: detected capacity change from 0 to 512
[  106.434731][ T3688] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  106.452771][ T3688] ext4 filesystem being mounted at /245/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.486310][  T285] EXT4-fs (loop2): unmounting filesystem.
[  106.596343][ T3706] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  106.768472][ T3718] netlink: 'syz.2.1307': attribute type 12 has an invalid length.
[  107.068179][ T3737] loop5: detected capacity change from 0 to 256
[  107.085732][ T3737] FAT-fs (loop5): Directory bread(block 64) failed
[  107.085764][ T3737] FAT-fs (loop5): Directory bread(block 65) failed
[  107.085798][ T3737] FAT-fs (loop5): Directory bread(block 66) failed
[  107.085816][ T3737] FAT-fs (loop5): Directory bread(block 67) failed
[  107.085855][ T3737] FAT-fs (loop5): Directory bread(block 68) failed
[  107.085870][ T3737] FAT-fs (loop5): Directory bread(block 69) failed
[  107.085898][ T3737] FAT-fs (loop5): Directory bread(block 70) failed
[  107.085915][ T3737] FAT-fs (loop5): Directory bread(block 71) failed
[  107.085946][ T3737] FAT-fs (loop5): Directory bread(block 72) failed
[  107.085963][ T3737] FAT-fs (loop5): Directory bread(block 73) failed
[  107.173949][ T3746] loop5: detected capacity change from 0 to 128
[  107.203290][ T3745] netlink: 'syz.2.1316': attribute type 13 has an invalid length.
[  107.210074][ T3745] gretap0: refused to change device tx_queue_len
[  107.210214][ T3745] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  107.228107][ T3739] tipc: New replicast peer: 255.255.255.255
[  107.228350][ T3739] tipc: Enabled bearer <udp:syz2>, priority 10
[  107.314687][ T3748] netlink: 'syz.4.1320': attribute type 12 has an invalid length.
[  107.318268][ T3754] loop6: detected capacity change from 0 to 512
[  107.373338][ T3754] EXT4-fs: Ignoring removed mblk_io_submit option
[  107.402477][ T3754] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  107.403224][ T3759] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1325'.
[  107.446459][ T3754] EXT4-fs (loop6): orphan cleanup on readonly fs
[  107.453222][ T3754] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -13
[  107.462405][ T3754] EXT4-fs error (device loop6): ext4_clear_blocks:883: inode #13: comm syz.6.1323: attempt to clear invalid blocks 2 len 1
[  107.550855][ T3771] loop2: detected capacity change from 0 to 128
[  107.560138][ T3754] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1323: bg 0: block 456: padding at end of block bitmap is not set
[  107.588928][ T3771] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  107.605693][ T3771] ext4 filesystem being mounted at /260/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  107.643452][ T3754] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6165: Corrupt filesystem
[  107.655003][ T3754] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.1323: invalid indirect mapped block 1819239214 (level 0)
[  107.685984][ T3771] __nla_validate_parse: 3 callbacks suppressed
[  107.686002][ T3771] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1330'.
[  107.712180][ T3754] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.1323: invalid indirect mapped block 1819239214 (level 1)
[  107.736180][ T3771] EXT4-fs (loop2): unmounting filesystem.
[  107.749094][ T3754] EXT4-fs (loop6): 1 truncate cleaned up
[  107.755203][ T3754] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  107.777382][ T3776] loop4: detected capacity change from 0 to 512
[  107.802852][ T1157] EXT4-fs error (device loop6): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  107.807531][ T3776] EXT4-fs: Ignoring removed nobh option
[  107.835972][ T1157] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2196: inode #15: comm syz-executor: corrupted in-inode xattr
[  107.876754][ T1157] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2196: inode #15: comm syz-executor: corrupted in-inode xattr
[  107.903368][ T3776] EXT4-fs error (device loop4): ext4_do_update_inode:5270: inode #3: comm syz.4.1332: corrupted inode contents
[  107.927118][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  107.939018][ T3776] EXT4-fs error (device loop4): ext4_dirty_inode:6135: inode #3: comm syz.4.1332: mark_inode_dirty error
[  107.951866][ T3790] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1339'.
[  107.964472][ T1157] EXT4-fs (loop6): unmounting filesystem.
[  107.970591][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  107.993874][ T3776] EXT4-fs error (device loop4): ext4_do_update_inode:5270: inode #3: comm syz.4.1332: corrupted inode contents
[  108.016800][   T43] tipc: Disabling bearer <udp:s>
[  108.021916][   T43] tipc: Left network mode
[  108.027274][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.034596][ T3776] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #3: comm syz.4.1332: mark_inode_dirty error
[  108.046842][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.076628][ T3776] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.1332: Failed to acquire dquot type 0
[  108.104986][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.121273][ T3776] EXT4-fs error (device loop4): ext4_do_update_inode:5270: inode #16: comm syz.4.1332: corrupted inode contents
[  108.158992][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.170819][ T3776] EXT4-fs error (device loop4): ext4_dirty_inode:6135: inode #16: comm syz.4.1332: mark_inode_dirty error
[  108.204357][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.212445][ T3776] EXT4-fs error (device loop4): ext4_do_update_inode:5270: inode #16: comm syz.4.1332: corrupted inode contents
[  108.262319][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.287740][ T3776] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.1332: mark_inode_dirty error
[  108.314823][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.330828][ T3776] EXT4-fs error (device loop4): ext4_do_update_inode:5270: inode #16: comm syz.4.1332: corrupted inode contents
[  108.344938][   T39] tipc: Node number set to 1170325929
[  108.346823][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.359868][ T3776] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem
[  108.371525][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.378497][ T3776] EXT4-fs error (device loop4): ext4_do_update_inode:5270: inode #16: comm syz.4.1332: corrupted inode contents
[  108.392306][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.399544][ T3776] EXT4-fs error (device loop4): ext4_truncate:4320: inode #16: comm syz.4.1332: mark_inode_dirty error
[  108.414751][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.421728][ T3816] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1351'.
[  108.432626][ T3776] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem
[  108.443178][ T3801] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.446155][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[  108.457316][ T3821] loop2: detected capacity change from 0 to 512
[  108.458409][ T3801] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.472610][ T3776] EXT4-fs (loop4): 1 truncate cleaned up
[  108.478545][ T3821] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  108.479601][ T3801] device bridge_slave_0 entered promiscuous mode
[  108.489281][ T3776] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  108.499393][ T3821] EXT4-fs (loop2): 1 truncate cleaned up
[  108.508640][ T3776] ext4 filesystem being mounted at /279/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.511605][ T3821] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  108.532779][ T3818] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1352'.
[  108.542780][  T284] EXT4-fs (loop4): unmounting filesystem.
[  108.556159][ T3801] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.564099][ T3801] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.573815][  T285] EXT4-fs (loop2): unmounting filesystem.
[  108.579749][ T3801] device bridge_slave_1 entered promiscuous mode
[  108.616955][   T39] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  108.635773][   T39] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  108.911338][   T43] device bridge_slave_1 left promiscuous mode
[  108.927288][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.978462][   T43] device bridge_slave_0 left promiscuous mode
[  108.999072][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.143310][   T43] device veth1_macvtap left promiscuous mode
[  109.150266][   T43] device veth0_vlan left promiscuous mode
[  109.283211][   T28] kauditd_printk_skb: 342 callbacks suppressed
[  109.283258][   T28] audit: type=1400 audit(1764452877.720:1916): avc:  granted  { setsecparam } for  pid=3854 comm="syz.4.1366" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  109.402836][   T28] audit: type=1400 audit(1764452877.840:1917): avc:  denied  { write } for  pid=3858 comm="syz.4.1368" name="ppp" dev="devtmpfs" ino=157 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  109.555404][ T3801] device veth0_vlan entered promiscuous mode
[  109.571374][ T3801] device veth1_macvtap entered promiscuous mode
[  109.580163][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  109.589402][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  109.598767][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  109.608698][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.626027][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.634860][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.642703][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.644920][ T3868] loop7: detected capacity change from 0 to 128
[  109.652383][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.681935][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.691349][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.698897][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.711213][   T28] audit: type=1326 audit(1764452878.150:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3869 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  109.738694][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  109.744952][ T3868] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  109.747218][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  109.765467][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  109.776381][   T28] audit: type=1326 audit(1764452878.150:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3869 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  109.808648][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  109.812481][   T28] audit: type=1326 audit(1764452878.180:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3869 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  109.842988][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  109.844111][   T28] audit: type=1326 audit(1764452878.180:1921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3869 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  109.853738][ T3868] ext4 filesystem being mounted at /101/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  109.877256][   T28] audit: type=1326 audit(1764452878.180:1922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3869 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  109.912512][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  109.937533][   T28] audit: type=1326 audit(1764452878.180:1923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3869 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  109.969550][   T28] audit: type=1326 audit(1764452878.180:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3869 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  109.970128][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  109.994399][   T28] audit: type=1326 audit(1764452878.180:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3869 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  110.034687][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  110.058439][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  110.067332][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  110.076801][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  110.104647][ T3877] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1372'.
[  110.108988][ T3890] loop5: detected capacity change from 0 to 512
[  110.122103][ T3868] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1369'.
[  110.140892][  T768] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  110.141160][  T768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  110.141383][  T768] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  110.141640][  T768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  110.157264][ T3868] EXT4-fs (loop7): unmounting filesystem.
[  110.185960][ T3890] EXT4-fs (loop5): orphan cleanup on readonly fs
[  110.190401][ T3890] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.1378: bad orphan inode 13
[  110.190584][ T3890] ext4_test_bit(bit=12, block=18) = 1
[  110.190599][ T3890] is_bad_inode(inode)=0
[  110.190605][ T3890] NEXT_ORPHAN(inode)=2130706432
[  110.190614][ T3890] max_ino=32
[  110.190621][ T3890] i_nlink=1
[  110.190684][ T3890] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  110.197560][ T3895] loop2: detected capacity change from 0 to 128
[  110.209487][ T3897] loop8: detected capacity change from 0 to 512
[  110.226106][ T3890] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  110.226452][ T3897] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  110.228467][ T3897] EXT4-fs warning (device loop8): dx_probe:869: inode #2: comm syz.8.1341: Unimplemented hash flags: 0x0001
[  110.228509][ T3897] EXT4-fs warning (device loop8): dx_probe:966: inode #2: comm syz.8.1341: Corrupt directory, running e2fsck is recommended
[  110.229172][ T3895] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  110.229195][ T3895] FAT-fs (loop2): Filesystem has been set read-only
[  110.229208][ T3895] syz.2.1380: attempt to access beyond end of device
[  110.229208][ T3895] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  110.229281][ T3895] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  110.229299][ T3895] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  110.242090][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  110.247316][ T3895] syz.2.1380: attempt to access beyond end of device
[  110.247316][ T3895] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.247375][ T3895] syz.2.1380: attempt to access beyond end of device
[  110.247375][ T3895] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.247409][ T3895] syz.2.1380: attempt to access beyond end of device
[  110.247409][ T3895] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.247442][ T3895] syz.2.1380: attempt to access beyond end of device
[  110.247442][ T3895] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.247473][ T3895] syz.2.1380: attempt to access beyond end of device
[  110.247473][ T3895] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.247504][ T3895] syz.2.1380: attempt to access beyond end of device
[  110.247504][ T3895] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.247535][ T3895] syz.2.1380: attempt to access beyond end of device
[  110.247535][ T3895] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.247574][ T3895] syz.2.1380: attempt to access beyond end of device
[  110.247574][ T3895] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.256637][ T3890] EXT4-fs (loop5): re-mounted. Quota mode: writeback.
[  110.266833][  T813] EXT4-fs (loop5): unmounting filesystem.
[  110.326349][ T3909] loop5: detected capacity change from 0 to 256
[  110.332341][ T3909] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  110.336791][ T3909] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  110.336820][ T3909] FAT-fs (loop5): Filesystem has been set read-only
[  110.418063][ T3916] loop7: detected capacity change from 0 to 1024
[  110.418484][ T3916] EXT4-fs: Ignoring removed nomblk_io_submit option
[  110.463162][ T3921] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1390'.
[  110.705530][ T3932] netlink: 'syz.5.1394': attribute type 12 has an invalid length.
[  110.902725][ T3949] loop7: detected capacity change from 0 to 512
[  110.903399][ T3949] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  110.919884][ T3949] EXT4-fs (loop7): 1 truncate cleaned up
[  110.959736][ T3952] loop7: detected capacity change from 0 to 512
[  110.963316][ T3952] EXT4-fs (loop7): external journal device major/minor numbers have changed
[  110.963339][ T3952] EXT4-fs (loop7): failed to open journal device unknown-block(8,3) -6
[  110.967053][ T3952] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1403'.
[  110.967081][ T3952] netem: change failed
[  111.062421][ T3957] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1405'.
[  111.093499][ T3959] loop5: detected capacity change from 0 to 128
[  111.131327][ T3964] netlink: 'syz.7.1408': attribute type 12 has an invalid length.
[  111.360914][ T3891] tty tty28: ldisc open failed (-12), clearing slot 27
[  111.385808][ T3977] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1414'.
[  111.412240][ T3980] syz.8.1415[3980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.412323][ T3980] syz.8.1415[3980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.489477][ T3980] loop8: detected capacity change from 0 to 1024
[  111.507251][ T3991] loop2: detected capacity change from 0 to 128
[  111.521996][ T3980] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  111.573996][ T3980] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  111.592929][ T4000] loop7: detected capacity change from 0 to 1024
[  111.604546][ T3980] JBD2: no valid journal superblock found
[  111.618807][ T4006] loop4: detected capacity change from 0 to 512
[  111.625489][ T3980] EXT4-fs (loop8): error loading journal
[  111.691434][ T3980] netlink: 'syz.8.1415': attribute type 3 has an invalid length.
[  111.722785][ T4012] tipc: Enabling of bearer <ib:team0> rejected, media not registered
[  111.793166][ T4022] SELinux:  Context sy is not valid (left unmapped).
[  111.843631][ T4016] loop7: detected capacity change from 0 to 8192
[  111.887849][ T4034] loop4: detected capacity change from 0 to 1024
[  111.970366][ T4052] netlink: 'syz.5.1446': attribute type 12 has an invalid length.
[  112.145206][ T4086] loop8: detected capacity change from 0 to 512
[  112.152870][ T4086] EXT4-fs (loop8): external journal device major/minor numbers have changed
[  112.163051][ T4086] EXT4-fs (loop8): failed to open journal device unknown-block(8,3) -6
[  112.298886][ T4102] loop4: detected capacity change from 0 to 512
[  112.311186][ T4102] EXT4-fs: Ignoring removed nobh option
[  112.347664][ T4102] EXT4-fs error (device loop4): ext4_do_update_inode:5270: inode #16: comm syz.4.1470: corrupted inode contents
[  112.373602][ T4102] EXT4-fs (loop4): Remounting filesystem read-only
[  112.379491][ T4111] loop8: detected capacity change from 0 to 1024
[  112.384598][ T4102] EXT4-fs error (device loop4): ext4_dirty_inode:6135: inode #16: comm syz.4.1470: mark_inode_dirty error
[  112.411477][ T4111] EXT4-fs error (device loop8): __ext4_fill_super:5391: inode #2: comm syz.8.1473: iget: checksum invalid
[  112.424788][ T4111] EXT4-fs (loop8): get root inode failed
[  112.431219][ T4102] EXT4-fs (loop4): Remounting filesystem read-only
[  112.438241][ T4111] EXT4-fs (loop8): mount failed
[  112.444326][ T4102] EXT4-fs error (device loop4): ext4_do_update_inode:5270: inode #16: comm syz.4.1470: corrupted inode contents
[  112.461596][ T4102] EXT4-fs (loop4): Remounting filesystem read-only
[  112.468301][ T4102] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.1470: mark_inode_dirty error
[  112.480205][ T4102] EXT4-fs (loop4): Remounting filesystem read-only
[  112.487621][ T4102] EXT4-fs error (device loop4): ext4_do_update_inode:5270: inode #16: comm syz.4.1470: corrupted inode contents
[  112.508624][ T4102] EXT4-fs (loop4): Remounting filesystem read-only
[  112.508657][ T4111] futex_wake_op: syz.8.1473 tries to shift op by -1; fix this program
[  112.522927][ T4102] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem
[  112.543365][ T4102] EXT4-fs (loop4): Remounting filesystem read-only
[  112.552488][ T4102] EXT4-fs error (device loop4): ext4_do_update_inode:5270: inode #16: comm syz.4.1470: corrupted inode contents
[  112.575845][ T4102] EXT4-fs (loop4): Remounting filesystem read-only
[  112.588787][ T4102] EXT4-fs error (device loop4): ext4_truncate:4320: inode #16: comm syz.4.1470: mark_inode_dirty error
[  112.610306][ T4102] EXT4-fs (loop4): Remounting filesystem read-only
[  112.617647][ T4102] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem
[  112.628780][ T4102] EXT4-fs (loop4): Remounting filesystem read-only
[  112.635856][ T4102] EXT4-fs (loop4): 1 truncate cleaned up
[  112.642532][ T1052] EXT4-fs error (device loop4): ext4_release_dquot:6839: comm kworker/u4:7: Failed to release dquot type 1
[  112.660526][ T1052] EXT4-fs (loop4): Remounting filesystem read-only
[  112.670301][ T4128] loop8: detected capacity change from 0 to 512
[  112.697973][ T4128] EXT4-fs error (device loop8): ext4_xattr_inode_iget:409: comm syz.8.1479: error while reading EA inode 32 err=-116
[  112.714337][ T4128] EXT4-fs (loop8): Remounting filesystem read-only
[  112.721586][ T4128] EXT4-fs (loop8): 1 orphan inode deleted
[  112.767172][ T4132] SELinux: failed to load policy
[  112.859658][ T4136] tipc: New replicast peer: 255.255.255.255
[  112.866179][ T4136] tipc: Enabled bearer <udp:syz2>, priority 10
[  112.873307][ T4136] __nla_validate_parse: 5 callbacks suppressed
[  112.873324][ T4136] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1482'.
[  112.890133][ T4136] tipc: Disabling bearer <udp:syz2>
[  113.022622][ T4150] netlink: 'syz.4.1489': attribute type 12 has an invalid length.
[  113.049903][ T4148] loop7: detected capacity change from 0 to 1024
[  113.078368][ T4157] loop4: detected capacity change from 0 to 1024
[  113.103582][ T4148] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  113.117514][ T4159] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1493'.
[  113.146104][ T4148] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  113.157791][ T4148] JBD2: no valid journal superblock found
[  113.163952][ T4148] EXT4-fs (loop7): error loading journal
[  113.289662][ T4177] loop4: detected capacity change from 0 to 128
[  113.323696][ T4177] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1500'.
[  113.449414][ T4195] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  113.541074][ T4207] loop8: detected capacity change from 0 to 512
[  113.670393][  T768] Bluetooth: hci0: Frame reassembly failed (-84)
[  113.714630][ T4226] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1521'.
[  113.725710][ T4226] raw_sendmsg: syz.4.1521 forgot to set AF_INET. Fix it!
[  113.764236][ T4236] 9pnet_fd: Insufficient options for proto=fd
[  113.826888][ T4241] netlink: 'syz.7.1528': attribute type 12 has an invalid length.
[  114.100402][ T4249] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  114.318718][ T4256] loop8: detected capacity change from 0 to 512
[  114.357364][ T4256] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  114.634549][ T4266] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.1537' sets config #1
[  114.699108][ T4269] loop2: detected capacity change from 0 to 1024
[  114.713603][ T4269] EXT4-fs: Ignoring removed nomblk_io_submit option
[  114.811480][   T28] kauditd_printk_skb: 163 callbacks suppressed
[  114.811498][   T28] audit: type=1400 audit(114.782:2088): avc:  denied  { ioctl } for  pid=4276 comm="syz.5.1540" path="/dev/rtc0" dev="devtmpfs" ino=263 ioctlcmd=0x7003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  114.891312][ T4283] netlink: 'syz.7.1543': attribute type 12 has an invalid length.
[  115.045941][   T28] audit: type=1400 audit(115.022:2089): avc:  denied  { watch watch_reads } for  pid=4303 comm="syz.5.1554" path="/329" dev="tmpfs" ino=1725 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  115.051756][ T4302] loop7: detected capacity change from 0 to 1024
[  115.081898][ T4302] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  115.096031][ T4302] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  115.105032][ T4302] EXT4-fs (loop7): orphan cleanup on readonly fs
[  115.116553][ T4302] EXT4-fs error (device loop7): ext4_read_inode_bitmap:168: comm syz.7.1551: Inode bitmap for bg 0 marked uninitialized
[  115.139968][ T4302] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:511: comm syz.7.1551: Block bitmap for bg 0 marked uninitialized
[  115.183249][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.193036][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.201040][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.209182][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.218386][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.227509][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.231707][   T28] audit: type=1400 audit(115.202:2090): avc:  denied  { unmount } for  pid=3801 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  115.235736][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.275935][   T28] audit: type=1326 audit(115.242:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.7.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  115.280018][ T4322] loop8: detected capacity change from 0 to 1024
[  115.312005][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.321184][   T28] audit: type=1326 audit(115.242:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.7.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  115.344670][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.344700][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.344719][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.344737][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.344756][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.344775][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.344794][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.344813][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.368643][   T28] audit: type=1326 audit(115.242:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.7.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  115.383260][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.384926][   T28] audit: type=1326 audit(115.242:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.7.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  115.392260][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.400404][   T28] audit: type=1326 audit(115.242:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.7.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  115.408418][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.431686][   T28] audit: type=1326 audit(115.242:2096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.7.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  115.440927][ T4322] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:477: comm syz.8.1562: Invalid block bitmap block 0 in block_group 0
[  115.464743][   T28] audit: type=1326 audit(115.242:2097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.7.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  115.473251][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.499039][ T4322] EXT4-fs error (device loop8): ext4_acquire_dquot:6803: comm syz.8.1562: Failed to acquire dquot type 0
[  115.506159][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.532572][ T4322] EXT4-fs error (device loop8): ext4_free_blocks:6205: comm syz.8.1562: Freeing blocks not in datazone - block = 0, count = 4096
[  115.546170][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.571627][ T4322] EXT4-fs error (device loop8): ext4_read_inode_bitmap:140: comm syz.8.1562: Invalid inode bitmap blk 0 in block_group 0
[  115.579377][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.592066][ T4322] EXT4-fs error (device loop8) in ext4_free_inode:362: Corrupt filesystem
[  115.600881][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.615412][ T4322] EXT4-fs (loop8): 1 orphan inode deleted
[  115.622720][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.675119][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.683061][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.691117][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.699190][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.707233][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  115.707456][ T3138] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  115.713503][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.727733][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.735685][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.743551][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.751395][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.759084][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.767112][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.774964][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.783033][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.791012][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.799237][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.806864][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.815086][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.823005][  T837] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  115.831889][  T837] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[  115.842273][ T1052] EXT4-fs error (device loop8): ext4_release_dquot:6839: comm kworker/u4:7: Failed to release dquot type 0
[  115.908534][ T4335] loop8: detected capacity change from 0 to 256
[  115.928264][ T4337] fido_id[4337]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  115.960994][ T4341] netlink: 'syz.2.1570': attribute type 12 has an invalid length.
[  116.070660][ T4352] loop5: detected capacity change from 0 to 128
[  116.123469][ T4352] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1576'.
[  116.139529][ T4362] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1580'.
[  116.172482][ T4367] netlink: 'syz.2.1582': attribute type 12 has an invalid length.
[  116.257863][ T4382] loop5: detected capacity change from 0 to 512
[  116.306271][ T4382] SELinux:  Context @ is not valid (left unmapped).
[  116.315637][ T4391] loop8: detected capacity change from 0 to 1024
[  116.404768][ T4391] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.1594: bg 0: block 112: padding at end of block bitmap is not set
[  116.427401][ T4391] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  116.461371][ T4391] EXT4-fs (loop8): This should not happen!! Data will be lost
[  116.461371][ T4391] 
[  116.474736][ T4410] EXT4-fs error (device loop8): ext4_map_blocks:745: inode #15: block 8: comm syz.8.1594: lblock 8 mapped to illegal pblock 8 (length 1)
[  116.496835][   T43] EXT4-fs error (device loop8): ext4_map_blocks:745: inode #15: comm kworker/u4:2: lblock 0 mapped to illegal pblock 0 (length 1)
[  116.525101][   T43] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  116.549540][   T43] EXT4-fs (loop8): This should not happen!! Data will be lost
[  116.549540][   T43] 
[  116.597549][ T4423] loop7: detected capacity change from 0 to 512
[  116.626288][ T4423] EXT4-fs error (device loop7): ext4_orphan_get:1400: inode #15: comm syz.7.1608: inode has both inline data and extents flags
[  116.651365][ T4423] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.1608: couldn't read orphan inode 15 (err -117)
[  116.712624][ T4423] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  116.866732][ T4450] loop7: detected capacity change from 0 to 512
[  116.881591][ T4453] loop4: detected capacity change from 0 to 2048
[  116.936876][ T4459] netlink: 'syz.2.1622': attribute type 12 has an invalid length.
[  116.946555][ T4453] Alternate GPT is invalid, using primary GPT.
[  116.954449][ T4453]  loop4: p1 p2 p3
[  116.958728][ T4453] loop4: partition table partially beyond EOD, truncated
[  116.961922][ T4463] loop7: detected capacity change from 0 to 128
[  117.010730][ T4463] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1624'.
[  117.043657][ T4468] loop2: detected capacity change from 0 to 1024
[  117.065314][ T4470] loop4: detected capacity change from 0 to 128
[  117.078139][ T4472] syzkaller0: tun_chr_ioctl cmd 35108
[  117.092077][  T387] udevd[387]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  117.101432][  T337] udevd[337]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  117.120860][  T342] udevd[342]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  117.328340][ T4498] loop4: detected capacity change from 0 to 128
[  117.350772][ T4489] loop2: detected capacity change from 0 to 8192
[  117.378158][ T4498] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1639'.
[  118.070085][ T4519] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1646'.
[  118.233084][ T4528] loop4: detected capacity change from 0 to 1024
[  118.275302][ T4528] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  118.290184][ T4540] loop7: detected capacity change from 0 to 512
[  118.290279][ T4528] EXT4-fs (loop4): orphan cleanup on readonly fs
[  118.302039][ T4538] netlink: 'syz.2.1652': attribute type 12 has an invalid length.
[  118.306422][ T4537] loop5: detected capacity change from 0 to 128
[  118.321212][ T4540] FAT-fs (loop7): Unrecognized mount option "7" or missing value
[  118.341349][ T4528] EXT4-fs error (device loop4): __ext4_get_inode_loc:4515: comm syz.4.1649: Invalid inode table block 0 in block_group 0
[  118.346135][ T4542] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1657'.
[  118.356679][ T4528] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5931: Corrupt filesystem
[  118.376902][ T1052] Bluetooth: hci0: Frame reassembly failed (-84)
[  118.386008][ T4528] EXT4-fs error (device loop4): ext4_quota_write:7215: inode #3: comm syz.4.1649: mark_inode_dirty error
[  118.406714][ T4528] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.1649: Failed to acquire dquot type 0
[  118.411082][ T4544] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1658'.
[  118.435147][ T4528] EXT4-fs error (device loop4): __ext4_get_inode_loc:4515: comm syz.4.1649: Invalid inode table block 0 in block_group 0
[  118.453277][ T4548] loop8: detected capacity change from 0 to 128
[  118.454837][ T4528] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5931: Corrupt filesystem
[  118.470297][ T4528] EXT4-fs error (device loop4): ext4_ext_truncate:4454: inode #15: comm syz.4.1649: mark_inode_dirty error
[  118.502992][ T4528] EXT4-fs error (device loop4): __ext4_get_inode_loc:4515: comm syz.4.1649: Invalid inode table block 0 in block_group 0
[  118.565569][ T4556] loop5: detected capacity change from 0 to 512
[  118.575282][ T4528] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5931: Corrupt filesystem
[  118.604537][ T4556] EXT4-fs: Ignoring removed oldalloc option
[  118.620460][ T4548] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1660'.
[  118.640631][ T4528] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem
[  118.646814][ T4556] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  118.650601][ T4528] EXT4-fs error (device loop4): __ext4_get_inode_loc:4515: comm syz.4.1649: Invalid inode table block 0 in block_group 0
[  118.662355][ T4556] EXT4-fs (loop5): 1 truncate cleaned up
[  118.674832][ T4528] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5931: Corrupt filesystem
[  118.697863][ T4528] EXT4-fs error (device loop4): ext4_truncate:4320: inode #15: comm syz.4.1649: mark_inode_dirty error
[  118.717802][ T4528] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem
[  118.728360][ T4528] EXT4-fs (loop4): 1 truncate cleaned up
[  118.779826][ T4566] netlink: 'syz.8.1667': attribute type 12 has an invalid length.
[  118.792689][ T4568] loop4: detected capacity change from 0 to 512
[  118.808922][ T4570] syz.8.1670[4570] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.809005][ T4570] syz.8.1670[4570] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.830822][ T4568] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  119.006269][ T4604] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1686'.
[  119.045842][ T4610] netlink: 76 bytes leftover after parsing attributes in process `syz.8.1689'.
[  119.057522][ T4594] loop4: detected capacity change from 0 to 8192
[  119.065436][ T4594] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  119.152431][ T4622] loop5: detected capacity change from 0 to 2048
[  119.165761][ T4626] loop4: detected capacity change from 0 to 128
[  119.182129][ T4626] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1695'.
[  119.291663][ T4636] device pim6reg1 entered promiscuous mode
[  119.310565][ T4644] loop8: detected capacity change from 0 to 128
[  119.378756][ T4652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1706'.
[  119.538779][ T4677] loop8: detected capacity change from 0 to 512
[  119.547625][ T4677] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  119.572208][ T4677] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[  119.573761][ T4682] loop7: detected capacity change from 0 to 128
[  119.596318][ T4677] EXT4-fs (loop8): 1 truncate cleaned up
[  119.605431][ T4683] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.673784][ T4682] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1720'.
[  119.888836][   T28] kauditd_printk_skb: 75 callbacks suppressed
[  119.888884][   T28] audit: type=1400 audit(119.862:2168): avc:  denied  { read } for  pid=4690 comm="syz.7.1722" dev="nsfs" ino=4026532643 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  119.964661][   T28] audit: type=1400 audit(119.892:2169): avc:  denied  { open } for  pid=4690 comm="syz.7.1722" path="net:[4026532643]" dev="nsfs" ino=4026532643 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  119.995618][   T28] audit: type=1400 audit(119.892:2170): avc:  denied  { create } for  pid=4690 comm="syz.7.1722" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  120.033157][   T28] audit: type=1326 audit(119.992:2171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.7.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  120.057839][   T28] audit: type=1326 audit(119.992:2172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.7.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  120.107479][   T28] audit: type=1326 audit(119.992:2173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.7.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  120.131986][   T28] audit: type=1326 audit(119.992:2174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.7.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  120.138292][ T4697] loop7: detected capacity change from 0 to 8192
[  120.164596][   T28] audit: type=1326 audit(119.992:2175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.7.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9578f749 code=0x7ffc0000
[  120.207390][   T28] audit: type=1400 audit(120.142:2176): avc:  denied  { validate_trans } for  pid=4698 comm="syz.8.1726" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  120.291052][   T28] audit: type=1400 audit(120.262:2177): avc:  denied  { mounton } for  pid=4700 comm="syz.7.1728" path="/182/file0" dev="tmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  120.424264][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  120.426177][ T3138] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  120.451232][ T4711] netlink: 'syz.7.1729': attribute type 12 has an invalid length.
[  120.530733][ T4723] loop7: detected capacity change from 0 to 128
[  120.573167][ T4723] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1739'.
[  120.665771][ T4747] loop4: detected capacity change from 0 to 1024
[  120.670463][ T4752] random: crng reseeded on system resumption
[  120.703346][ T4747] EXT4-fs: Ignoring removed oldalloc option
[  120.738238][ T4747] EXT4-fs: Ignoring removed bh option
[  120.751072][   T39] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  120.761177][   T39] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  120.771585][ T4747] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  120.791869][ T4764] SELinux: failed to load policy
[  120.856956][ T4765] fido_id[4765]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  120.880489][ T4777] device bridge1 entered promiscuous mode
[  120.935539][ T4785] netlink: 'syz.7.1766': attribute type 12 has an invalid length.
[  120.983856][ T4794] loop7: detected capacity change from 0 to 128
[  121.128946][ T4807] loop2: detected capacity change from 0 to 512
[  121.149637][ T4807] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  121.181883][ T4807] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.1776: invalid indirect mapped block 4294967295 (level 0)
[  121.204253][ T4807] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.1776: invalid indirect mapped block 4294967295 (level 1)
[  121.222517][ T4807] EXT4-fs (loop2): 1 orphan inode deleted
[  121.231710][ T4807] EXT4-fs (loop2): 1 truncate cleaned up
[  121.306842][ T4825] loop5: detected capacity change from 0 to 128
[  121.364265][   T39] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  121.544257][   T39] usb 5-1: device descriptor read/64, error -71
[  121.595624][ T4860] loop2: detected capacity change from 0 to 128
[  121.659548][ T4861] device wg2 entered promiscuous mode
[  121.854254][   T39] usb 5-1: device descriptor read/64, error -71
[  121.911358][ T4872] loop7: detected capacity change from 0 to 512
[  121.938921][ T4872] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  121.943833][ T4876] netlink: 'syz.8.1807': attribute type 12 has an invalid length.
[  122.000582][ T4872] EXT4-fs (loop7): 1 truncate cleaned up
[  122.154249][   T39] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  122.238177][ T4889] loop2: detected capacity change from 0 to 512
[  122.324347][   T39] usb 5-1: device descriptor read/64, error -71
[  122.350049][ T4891] device bridge1 entered promiscuous mode
[  122.404870][ T4889] EXT4-fs error (device loop2): ext4_do_update_inode:5270: inode #2: comm syz.2.1813: corrupted inode contents
[  122.435033][ T4889] EXT4-fs error (device loop2): ext4_dirty_inode:6135: inode #2: comm syz.2.1813: mark_inode_dirty error
[  122.449191][ T4889] EXT4-fs error (device loop2): ext4_do_update_inode:5270: inode #2: comm syz.2.1813: corrupted inode contents
[  122.535822][ T4912] loop2: detected capacity change from 0 to 128
[  122.592741][ T4922] loop8: detected capacity change from 0 to 512
[  122.624344][   T39] usb 5-1: device descriptor read/64, error -71
[  122.649270][ T4922] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  122.697358][ T4932] loop7: detected capacity change from 0 to 512
[  122.740591][ T4932] EXT4-fs (loop7): too many log groups per flexible block group
[  122.750657][ T4932] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  122.759390][   T39] usb usb5-port1: attempt power cycle
[  122.759928][ T4932] EXT4-fs (loop7): mount failed
[  122.803592][ T4951] tipc: Started in network mode
[  122.809026][ T4951] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  122.818218][ T4951] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  122.827262][ T4951] tipc: Enabled bearer <udp:syz0>, priority 10
[  122.888854][ T4955] loop8: detected capacity change from 0 to 512
[  122.899716][ T4955] EXT4-fs error (device loop8): ext4_xattr_inode_iget:404: inode #11: comm syz.8.1839: ea_inode with extended attributes
[  122.914806][ T4955] EXT4-fs error (device loop8): ext4_xattr_inode_iget:409: comm syz.8.1839: error while reading EA inode 11 err=-117
[  122.928432][ T4955] EXT4-fs (loop8): 1 orphan inode deleted
[  122.967898][ T4961] loop8: detected capacity change from 0 to 256
[  123.059086][ T4963] netlink: 'syz.8.1843': attribute type 12 has an invalid length.
[  123.148447][ T4975] loop8: detected capacity change from 0 to 2048
[  123.184363][   T39] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  123.193163][ T4975]  loop8: p1 p3
[  123.198041][ T4975] loop8: p3 start 8388352 is beyond EOD, truncated
[  123.215446][   T39] usb 5-1: device descriptor read/8, error -71
[  123.244687][  T337] udevd[337]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  123.271530][ T4981] loop8: detected capacity change from 0 to 128
[  123.283228][ T4981] __nla_validate_parse: 9 callbacks suppressed
[  123.283246][ T4981] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1852'.
[  123.326789][ T4984] SELinux: failed to load policy
[  123.375410][   T39] usb 5-1: device descriptor read/8, error -71
[  123.419105][ T5000] netlink: 'syz.2.1860': attribute type 12 has an invalid length.
[  123.468293][ T5008] loop2: detected capacity change from 0 to 128
[  123.511724][ T5010] netlink: 2 bytes leftover after parsing attributes in process `syz.5.1865'.
[  123.638686][ T5025] netlink: 'syz.2.1872': attribute type 12 has an invalid length.
[  123.654377][   T39] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  123.695330][   T39] usb 5-1: device descriptor read/8, error -71
[  123.743020][ T5042] 9pnet_fd: Insufficient options for proto=fd
[  123.825362][  T932] tipc: Node number set to 1
[  123.855322][   T39] usb 5-1: device descriptor read/8, error -71
[  123.865974][ T5052] netlink: 'syz.2.1885': attribute type 12 has an invalid length.
[  123.891727][ T5054] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1886'.
[  123.974558][   T39] usb usb5-port1: unable to enumerate USB device
[  124.017418][ T5061] loop2: detected capacity change from 0 to 512
[  124.030703][ T1052] Bluetooth: hci0: Frame reassembly failed (-84)
[  124.233237][ T5078] loop4: detected capacity change from 0 to 128
[  124.249379][ T5078] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1896'.
[  124.311803][ T5083] netlink: 'syz.4.1897': attribute type 12 has an invalid length.
[  124.387136][ T5087] usb usb8: usbfs: process 5087 (syz.4.1900) did not claim interface 0 before use
[  124.531460][ T5101] loop4: detected capacity change from 0 to 128
[  124.545316][ T5097] loop8: detected capacity change from 0 to 8192
[  124.559972][ T5101] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1907'.
[  124.600395][ T5105] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1908'.
[  124.634972][ T5109] netlink: 'syz.5.1910': attribute type 12 has an invalid length.
[  124.663330][ T5111] loop4: detected capacity change from 0 to 128
[  124.693270][ T5111] syz.4.1911[5111] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.693368][ T5111] syz.4.1911[5111] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.726772][ T5121] loop5: detected capacity change from 0 to 128
[  124.778654][ T5126] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1918'.
[  124.840998][ T5134] loop5: detected capacity change from 0 to 128
[  124.863473][ T5138] loop8: detected capacity change from 0 to 1024
[  124.882287][ T5138] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  124.899625][ T5134] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1919'.
[  124.925231][ T5138] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3836: comm syz.8.1924: Allocating blocks 385-513 which overlap fs metadata
[  124.950083][ T5137] EXT4-fs (loop8): pa ffff8881145f1a80: logic 16, phys. 129, len 24
[  124.958742][ T5137] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 8
[  124.980373][   T28] kauditd_printk_skb: 236 callbacks suppressed
[  124.980389][   T28] audit: type=1400 audit(124.932:2414): avc:  denied  { setopt } for  pid=5147 comm="syz.7.1926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  124.987206][ T5146] SELinux:  Context Ü is not valid (left unmapped).
[  125.049803][   T28] audit: type=1400 audit(124.941:2415): avc:  denied  { mac_admin } for  pid=5145 comm="syz.5.1927" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  125.072434][ T5154] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1931'.
[  125.085435][ T5156] loop5: detected capacity change from 0 to 128
[  125.100735][ T5156] FAT-fs (loop5): Directory bread(block 162) failed
[  125.107936][ T5156] FAT-fs (loop5): Directory bread(block 163) failed
[  125.115120][ T5156] FAT-fs (loop5): Directory bread(block 164) failed
[  125.122271][ T5156] FAT-fs (loop5): Directory bread(block 165) failed
[  125.122602][ T5160] loop8: detected capacity change from 0 to 512
[  125.130145][ T5156] FAT-fs (loop5): Directory bread(block 166) failed
[  125.147055][ T5156] FAT-fs (loop5): Directory bread(block 167) failed
[  125.156347][ T5156] FAT-fs (loop5): Directory bread(block 168) failed
[  125.158297][   T28] audit: type=1400 audit(125.100:2416): avc:  denied  { write } for  pid=5157 comm="syz.7.1932" name="rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  125.166333][   T28] audit: type=1400 audit(125.100:2417): avc:  denied  { open } for  pid=5157 comm="syz.7.1932" path="/dev/rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  125.189776][ T5156] FAT-fs (loop5): Directory bread(block 169) failed
[  125.229771][ T5160] EXT4-fs error (device loop8): ext4_xattr_inode_iget:404: inode #11: comm syz.8.1933: ea_inode with extended attributes
[  125.239844][ T5156] FAT-fs (loop5): Directory bread(block 162) failed
[  125.249417][ T5163] loop7: detected capacity change from 0 to 1024
[  125.250748][ T5156] FAT-fs (loop5): Directory bread(block 163) failed
[  125.260302][ T5160] EXT4-fs error (device loop8): ext4_xattr_inode_iget:409: comm syz.8.1933: error while reading EA inode 11 err=-117
[  125.264779][ T5156] bio_check_eod: 25709 callbacks suppressed
[  125.264794][ T5156] syz.5.1930: attempt to access beyond end of device
[  125.264794][ T5156] loop5: rw=3, sector=226, nr_sectors = 6 limit=128
[  125.297388][ T5156] syz.5.1930: attempt to access beyond end of device
[  125.297388][ T5156] loop5: rw=2051, sector=232, nr_sectors = 2 limit=128
[  125.298851][ T5160] EXT4-fs (loop8): 1 orphan inode deleted
[  125.353466][ T5163] EXT4-fs error (device loop7): ext4_map_blocks:745: inode #15: block 3: comm syz.7.1934: lblock 3 mapped to illegal pblock 3 (length 3)
[  125.386435][ T5163] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  125.402153][ T5163] EXT4-fs (loop7): This should not happen!! Data will be lost
[  125.402153][ T5163] 
[  125.415255][   T28] audit: type=1400 audit(125.343:2418): avc:  denied  { map } for  pid=5162 comm="syz.7.1934" path="/214/file1/file1" dev="loop7" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  125.438925][ T5170] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #15: block 3: comm syz.7.1934: lblock 3 mapped to illegal pblock 3 (length 1)
[  125.455165][ T5170] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #15: block 3: comm syz.7.1934: lblock 3 mapped to illegal pblock 3 (length 1)
[  125.474056][ T5162] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #15: block 4: comm syz.7.1934: lblock 4 mapped to illegal pblock 4 (length 2)
[  125.502194][ T5162] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #15: block 4: comm syz.7.1934: lblock 4 mapped to illegal pblock 4 (length 2)
[  125.519112][ T5162] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #15: block 4: comm syz.7.1934: lblock 4 mapped to illegal pblock 4 (length 2)
[  125.749830][ T5170] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #15: block 3: comm syz.7.1934: lblock 3 mapped to illegal pblock 3 (length 1)
[  125.860872][ T5170] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #15: block 3: comm syz.7.1934: lblock 3 mapped to illegal pblock 3 (length 1)
[  125.968680][ T5162] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #15: block 4: comm syz.7.1934: lblock 4 mapped to illegal pblock 4 (length 2)
[  126.010679][ T5178] netlink: 'syz.8.1939': attribute type 12 has an invalid length.
[  126.019856][ T5162] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #15: block 4: comm syz.7.1934: lblock 4 mapped to illegal pblock 4 (length 2)
[  126.204221][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  126.305339][ T3138] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  126.396757][   T28] audit: type=1326 audit(126.241:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.8.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  126.461012][   T28] audit: type=1326 audit(126.241:2420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.8.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f652418df90 code=0x7ffc0000
[  126.486035][   T28] audit: type=1326 audit(126.241:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.8.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f652418df90 code=0x7ffc0000
[  126.510446][   T28] audit: type=1326 audit(126.241:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.8.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  126.534288][   T28] audit: type=1326 audit(126.241:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.8.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  126.566680][  T768] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  126.579733][  T768] EXT4-fs (loop7): This should not happen!! Data will be lost
[  126.579733][  T768] 
[  126.596877][ T5196] loop8: detected capacity change from 0 to 2048
[  126.651224][ T5206] loop5: detected capacity change from 0 to 1024
[  126.695743][ T5206] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: comm syz.5.1951: lblock 0 mapped to illegal pblock 0 (length 2)
[  126.711108][ T5213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1955'.
[  126.720103][ T5206] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 117
[  126.747389][ T5206] EXT4-fs (loop5): This should not happen!! Data will be lost
[  126.747389][ T5206] 
[  126.758546][ T5217] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: block 2: comm syz.5.1951: lblock 2 mapped to illegal pblock 2 (length 3)
[  126.776409][ T5217] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 3 with error 117
[  126.789178][ T5217] EXT4-fs (loop5): This should not happen!! Data will be lost
[  126.789178][ T5217] 
[  126.866168][ T5225] netlink: 'syz.2.1959': attribute type 12 has an invalid length.
[  126.953441][ T5235] loop8: detected capacity change from 0 to 512
[  126.986043][ T5235] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  127.023860][ T5235] EXT4-fs (loop8): 1 truncate cleaned up
[  127.146984][ T5255] netlink: 'syz.5.1972': attribute type 12 has an invalid length.
[  127.181705][ T5259] loop8: detected capacity change from 0 to 128
[  128.025910][ T3801] EXT4-fs unmount: 105 callbacks suppressed
[  128.025931][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  128.167953][ T5319] loop8: detected capacity change from 0 to 2048
[  128.218554][ T5319] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  128.334568][ T5340] netlink: 'syz.4.1983': attribute type 12 has an invalid length.
[  128.505620][ T5377] loop4: detected capacity change from 0 to 512
[  128.525991][ T5377] EXT4-fs: Ignoring removed nomblk_io_submit option
[  128.611179][ T5377] EXT4-fs (loop4): can't mount with both data=journal and delalloc
[  128.827653][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  128.841812][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  128.856840][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  128.874983][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  128.884028][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  128.892752][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  128.902975][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  128.911976][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  128.921000][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  128.938817][ T5399] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  129.096489][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  129.820287][ T5464] loop5: detected capacity change from 0 to 128
[  129.909955][ T5464] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  129.932780][ T5479] loop8: detected capacity change from 0 to 512
[  129.951261][ T5464] __nla_validate_parse: 2 callbacks suppressed
[  129.951279][ T5464] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2016'.
[  129.960117][ T5478] loop4: detected capacity change from 0 to 1024
[  129.985877][ T5479] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  129.996366][ T5478] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  130.012080][ T5481] loop2: detected capacity change from 0 to 512
[  130.027328][  T813] EXT4-fs (loop5): unmounting filesystem.
[  130.033445][ T5478] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  130.044188][ T5479] EXT4-fs (loop8): re-mounted. Quota mode: writeback.
[  130.050216][ T5478] JBD2: no valid journal superblock found
[  130.057795][ T5478] EXT4-fs (loop4): error loading journal
[  130.064710][  T337] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  130.091471][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  130.201288][ T5504] loop4: detected capacity change from 0 to 128
[  130.215406][ T5504] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  130.230191][ T5504] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2036'.
[  130.247895][  T284] EXT4-fs (loop4): unmounting filesystem.
[  130.353413][   T28] kauditd_printk_skb: 119 callbacks suppressed
[  130.353433][   T28] audit: type=1400 audit(129.965:2543): avc:  denied  { ioctl } for  pid=5524 comm="syz.4.2045" path="socket:[33045]" dev="sockfs" ino=33045 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  130.435187][ T5535] loop4: detected capacity change from 0 to 128
[  130.451328][ T5535] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  130.464068][ T5535] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2049'.
[  130.483738][  T284] EXT4-fs (loop4): unmounting filesystem.
[  130.552899][   T28] audit: type=1326 audit(130.142:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5544 comm="syz.4.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  130.600481][   T28] audit: type=1326 audit(130.180:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5544 comm="syz.4.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  130.627238][   T28] audit: type=1326 audit(130.180:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5544 comm="syz.4.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  130.652658][   T28] audit: type=1326 audit(130.180:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5544 comm="syz.4.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  130.677532][   T28] audit: type=1326 audit(130.180:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5544 comm="syz.4.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  130.701544][   T28] audit: type=1326 audit(130.180:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5544 comm="syz.4.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  130.725287][   T28] audit: type=1326 audit(130.180:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5544 comm="syz.4.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  130.749391][   T28] audit: type=1326 audit(130.180:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5544 comm="syz.4.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  130.773549][   T28] audit: type=1326 audit(130.180:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5544 comm="syz.4.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x7ffc0000
[  130.944694][ T5563] tmpfs: Unsupported parameter 'mpol'
[  130.990633][ T5565] loop7: detected capacity change from 0 to 128
[  131.009805][ T5565] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  131.091936][ T5565] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2063'.
[  131.115553][ T2719] EXT4-fs (loop7): unmounting filesystem.
[  131.249737][ T5591] netlink: 'syz.2.2074': attribute type 12 has an invalid length.
[  131.308789][ T5596] loop8: detected capacity change from 0 to 128
[  131.323135][ T5596] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  131.368320][ T5596] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2077'.
[  131.393059][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  131.449449][ T5611] loop7: detected capacity change from 0 to 1024
[  131.489638][ T5611] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  131.517767][ T2719] EXT4-fs (loop7): unmounting filesystem.
[  131.568213][ T5624] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2089'.
[  131.947166][ T5641] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2096'.
[  131.982549][ T5641] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2096'.
[  132.015089][ T5647] loop7: detected capacity change from 0 to 512
[  132.040741][ T5645] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2096'.
[  132.072884][ T5647] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  132.095491][ T5647] EXT4-fs (loop7): 1 truncate cleaned up
[  132.108789][ T5645] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2096'.
[  132.120461][ T5647] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  132.251937][ T2719] EXT4-fs (loop7): unmounting filesystem.
[  133.280855][ T5668] loop4: detected capacity change from 0 to 1024
[  133.287884][ T5668] EXT4-fs: Ignoring removed orlov option
[  133.364155][ T5668] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  133.421802][ T5679] netlink: 'syz.5.2109': attribute type 12 has an invalid length.
[  133.432027][ T5668] SELinux:  Context system_u:object_r:mtrr_device_t:s0 is not valid (left unmapped).
[  133.478738][  T284] EXT4-fs (loop4): unmounting filesystem.
[  133.527121][ T5684] loop7: detected capacity change from 0 to 512
[  133.579399][ T5684] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  133.666841][ T5684] EXT4-fs error (device loop7): ext4_xattr_block_get:546: inode #15: comm syz.7.2113: corrupted xattr block 33
[  133.744512][ T5684] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=15
[  133.804303][ T5684] EXT4-fs error (device loop7): ext4_xattr_block_get:546: inode #15: comm syz.7.2113: corrupted xattr block 33
[  133.822228][ T5712] loop5: detected capacity change from 0 to 1024
[  133.834068][ T5684] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=15
[  133.851863][ T5684] EXT4-fs error (device loop7): ext4_xattr_block_list:719: inode #15: comm syz.7.2113: corrupted xattr block 33
[  133.891053][ T5712] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  133.954017][ T2719] EXT4-fs (loop7): unmounting filesystem.
[  134.024947][  T813] EXT4-fs (loop5): unmounting filesystem.
[  134.052431][ T5720] device wg2 left promiscuous mode
[  134.119022][ T5720] device syzkaller0 entered promiscuous mode
[  134.148791][ T5732] loop5: detected capacity change from 0 to 512
[  134.179389][ T5732] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  134.210155][ T5732] EXT4-fs error (device loop5): ext4_xattr_inode_iget:400: comm syz.5.2133: Parent and EA inode have the same ino 15
[  134.228552][ T5732] EXT4-fs error (device loop5): ext4_xattr_inode_iget:400: comm syz.5.2133: Parent and EA inode have the same ino 15
[  134.251590][ T5739] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  134.282655][ T5739] tipc: Enabled bearer <udp:syz0>, priority 10
[  134.330711][ T5732] EXT4-fs (loop5): 1 orphan inode deleted
[  134.349317][ T5732] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  134.372805][  T813] EXT4-fs (loop5): unmounting filesystem.
[  135.342451][ T5830] device syzkaller0 entered promiscuous mode
[  135.415749][ T5854] __nla_validate_parse: 8 callbacks suppressed
[  135.415767][ T5854] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2190'.
[  135.421974][ T5852] loop4: detected capacity change from 0 to 2048
[  135.471803][  T932] tipc: Node number set to 2886997007
[  135.490330][ T5852] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  135.500924][ T5852] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.2189: bg 0: block 345: padding at end of block bitmap is not set
[  135.518542][ T5852] EXT4-fs (loop4): Remounting filesystem read-only
[  135.533450][  T284] EXT4-fs (loop4): unmounting filesystem.
[  135.687036][ T5882] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2201'.
[  135.757438][ T5890] device syzkaller0 entered promiscuous mode
[  135.787119][ T5894] netlink: 'syz.8.2207': attribute type 12 has an invalid length.
[  135.862070][ T5906] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2213'.
[  135.872203][ T5907] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  135.881072][ T5907] tipc: Disabling bearer <eth:syzkaller0>
[  136.051622][   T28] kauditd_printk_skb: 91 callbacks suppressed
[  136.051639][   T28] audit: type=1326 audit(135.297:2644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5927 comm="syz.8.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  136.089486][ T5930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2224'.
[  136.106280][   T28] audit: type=1326 audit(135.316:2645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5927 comm="syz.8.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  136.146882][   T28] audit: type=1326 audit(135.325:2646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5927 comm="syz.8.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  136.183129][   T28] audit: type=1326 audit(135.325:2647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5927 comm="syz.8.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  136.200556][ T5944] loop8: detected capacity change from 0 to 512
[  136.214110][   T28] audit: type=1326 audit(135.325:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5927 comm="syz.8.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  136.229312][ T5944] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  136.247224][   T28] audit: type=1400 audit(135.325:2649): avc:  denied  { watch watch_reads } for  pid=5927 comm="syz.8.2223" path="/178/file1" dev="tmpfs" ino=949 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  136.272651][   T28] audit: type=1326 audit(135.325:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5927 comm="syz.8.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  136.273958][ T5944] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec118, mo2=0002]
[  136.305584][ T5944] System zones: 1-12
[  136.310876][ T5944] EXT4-fs (loop8): 1 truncate cleaned up
[  136.317070][ T5944] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  136.332201][ T5949] syz.2.2233[5949] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.332280][ T5949] syz.2.2233[5949] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.378175][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  136.389765][ T5953] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  136.440556][ T5957] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2238'.
[  136.464122][ T5961] loop8: detected capacity change from 0 to 512
[  136.472345][ T5961] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  136.496563][   T28] audit: type=1326 audit(135.709:2651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5964 comm="syz.2.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f334538f749 code=0x7ffc0000
[  136.522018][   T28] audit: type=1326 audit(135.709:2652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5964 comm="syz.2.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f334538f749 code=0x7ffc0000
[  136.548999][   T28] audit: type=1326 audit(135.709:2653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5964 comm="syz.2.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f334538f749 code=0x7ffc0000
[  136.549993][ T5961] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  136.578908][ T5971] loop2: detected capacity change from 0 to 512
[  136.614424][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  136.626999][ T5971] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  136.641388][ T5977] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  136.672978][  T285] EXT4-fs (loop2): unmounting filesystem.
[  136.688026][ T5981] loop8: detected capacity change from 0 to 512
[  136.733799][ T5981] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2
[  136.754086][ T5986] loop7: detected capacity change from 0 to 512
[  136.761179][ T5986] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  136.761335][ T5981] EXT4-fs (loop8): 1 truncate cleaned up
[  136.778076][ T5981] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  136.787685][ T5986] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  136.799036][ T5986] EXT4-fs (loop7): group descriptors corrupted!
[  136.827780][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  136.841335][ T1049] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  136.951044][ T6016] loop8: detected capacity change from 0 to 128
[  136.978980][   T39] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  137.040783][ T6030] loop2: detected capacity change from 0 to 512
[  137.091575][ T6030] EXT4-fs (loop2): 1 orphan inode deleted
[  137.101629][ T6030] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  137.128840][ T5412] EXT4-fs error (device loop2): ext4_release_dquot:6839: comm kworker/u4:107: Failed to release dquot type 1
[  137.150133][   T39] usb 5-1: device descriptor read/64, error -71
[  137.174457][  T285] EXT4-fs (loop2): unmounting filesystem.
[  137.230915][ T6050] random: crng reseeded on system resumption
[  137.293074][ T6058] loop8: detected capacity change from 0 to 256
[  137.304985][ T6061] loop2: detected capacity change from 0 to 512
[  137.321825][ T6061] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  137.348103][  T337] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  137.360457][ T6061] EXT4-fs (loop2): 1 orphan inode deleted
[  137.370536][ T6061] EXT4-fs (loop2): 1 truncate cleaned up
[  137.379742][ T6061] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  137.418849][  T285] EXT4-fs (loop2): unmounting filesystem.
[  137.438565][   T39] usb 5-1: device descriptor read/64, error -71
[  137.441119][ T6079] loop8: detected capacity change from 0 to 512
[  137.478925][ T6079] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  137.495090][ T6085] loop2: detected capacity change from 0 to 128
[  137.507609][ T6079] EXT4-fs (loop8): 1 truncate cleaned up
[  137.524927][ T6079] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  137.548834][ T6085] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  137.568705][ T6085] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2297'.
[  137.579901][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  137.600007][  T285] EXT4-fs (loop2): unmounting filesystem.
[  137.737940][   T39] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  137.857306][ T6122] loop2: detected capacity change from 0 to 512
[  137.875054][ T6122] EXT4-fs error (device loop2): ext4_init_orphan_info:582: comm syz.2.2311: inode #0: comm syz.2.2311: iget: illegal inode #
[  137.889117][ T6122] EXT4-fs (loop2): get orphan inode failed
[  137.896866][ T6122] EXT4-fs (loop2): mount failed
[  137.908902][   T39] usb 5-1: device descriptor read/64, error -71
[  138.004582][ T6125] loop2: detected capacity change from 0 to 128
[  138.019008][ T6129] loop8: detected capacity change from 0 to 1024
[  138.026262][ T6129] EXT4-fs: Ignoring removed orlov option
[  138.037596][ T6125] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  138.048711][ T6125] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2314'.
[  138.088294][ T6129] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  138.113706][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  138.121392][  T285] EXT4-fs (loop2): unmounting filesystem.
[  138.197554][   T39] usb 5-1: device descriptor read/64, error -71
[  138.325826][   T39] usb usb5-port1: attempt power cycle
[  138.344378][ T6155] loop5: detected capacity change from 0 to 2048
[  138.407316][ T6155] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  138.470987][ T6162] loop2: detected capacity change from 0 to 128
[  138.478880][  T813] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  138.498698][  T813] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6165: Corrupt filesystem
[  138.511582][ T6162] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  138.531466][  T813] EXT4-fs (loop5): unmounting filesystem.
[  138.562241][ T6162] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2327'.
[  138.596814][  T285] EXT4-fs (loop2): unmounting filesystem.
[  138.689935][ T6170] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2329'.
[  138.766441][   T39] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  138.824820][   T39] usb 5-1: device descriptor read/8, error -71
[  138.843169][ T6180] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  138.989618][   T39] usb 5-1: device descriptor read/8, error -71
[  139.130321][ T6190] loop5: detected capacity change from 0 to 128
[  139.175946][ T6190] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  139.203637][ T6190] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2339'.
[  139.289152][   T39] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  139.302317][  T813] EXT4-fs (loop5): unmounting filesystem.
[  139.332231][   T39] usb 5-1: device descriptor read/8, error -71
[  139.491215][ T6208] tmpfs: Unsupported parameter 'mpol'
[  139.491994][   T39] usb 5-1: device descriptor read/8, error -71
[  139.526290][ T6210] loop8: detected capacity change from 0 to 512
[  139.574966][ T6210] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  139.610071][ T6210] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #16: comm syz.8.2348: invalid indirect mapped block 4294967295 (level 0)
[  139.630158][ T6210] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #16: comm syz.8.2348: invalid indirect mapped block 4294967295 (level 1)
[  139.641219][   T39] usb usb5-port1: unable to enumerate USB device
[  139.653647][ T6210] EXT4-fs (loop8): 1 orphan inode deleted
[  139.660113][ T6210] EXT4-fs (loop8): 1 truncate cleaned up
[  139.667002][ T6210] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  139.786488][ T3801] EXT4-fs (loop8): unmounting filesystem.
[  139.816969][ T6227] random: crng reseeded on system resumption
[  140.005123][ T6241] loop4: detected capacity change from 0 to 512
[  140.063052][ T6241] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.2363: error while reading EA inode 32 err=-116
[  140.124422][ T6241] EXT4-fs (loop4): Remounting filesystem read-only
[  140.154645][ T6241] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.2363: error while reading EA inode 32 err=-116
[  140.213645][ T6241] EXT4-fs (loop4): Remounting filesystem read-only
[  140.248929][ T6241] EXT4-fs (loop4): 1 orphan inode deleted
[  140.268911][ T6241] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  140.322114][ T6241] EXT4-fs (loop4): unmounting filesystem.
[  140.797402][ T6283] __nla_validate_parse: 1 callbacks suppressed
[  140.797469][ T6283] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2381'.
[  140.890150][ T6296] loop7: detected capacity change from 0 to 1024
[  140.902743][ T6296] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  140.980334][ T6296] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  140.981306][ T6308] device bridge0 entered promiscuous mode
[  141.042844][ T2719] EXT4-fs (loop7): unmounting filesystem.
[  141.077285][ T6308] bridge0: port 3(macsec0) entered blocking state
[  141.092283][ T6308] bridge0: port 3(macsec0) entered disabled state
[  141.120715][ T6308] device bridge0 left promiscuous mode
[  141.195282][ T6323] 9pnet: Could not find request transport: rdma
[  141.270686][ T6334] loop2: detected capacity change from 0 to 512
[  141.297021][ T6338] syz.7.2406[6338] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.297102][ T6338] syz.7.2406[6338] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.311549][ T6334] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  141.400288][ T6347] loop8: detected capacity change from 0 to 512
[  141.412044][ T6334] EXT4-fs (loop2): 1 orphan inode deleted
[  141.446478][ T6334] EXT4-fs (loop2): 1 truncate cleaned up
[  141.468626][ T6334] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  141.524256][ T6334] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1440: inode #12: block 7: comm syz.2.2404: path /504/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[  141.557662][ T6334] EXT4-fs (loop2): Remounting filesystem read-only
[  141.558224][ T6347] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  141.571935][ T6357] loop4: detected capacity change from 0 to 128
[  141.599984][ T6334] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1440: inode #12: block 7: comm syz.2.2404: path /504/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[  141.614326][ T6357] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  141.651889][ T6334] EXT4-fs (loop2): Remounting filesystem read-only
[  141.683931][ T6357] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2413'.
[  141.727831][   T28] kauditd_printk_skb: 176 callbacks suppressed
[  141.727848][   T28] audit: type=1326 audit(140.602:2829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6362 comm="syz.8.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  141.760338][   T28] audit: type=1326 audit(140.639:2830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6362 comm="syz.8.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  141.784948][ T6367] syz.8.2417[6367] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.785029][ T6367] syz.8.2417[6367] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.805829][   T28] audit: type=1326 audit(140.639:2831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6362 comm="syz.8.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  141.848711][ T6365] loop2: detected capacity change from 0 to 1024
[  141.876175][ T6372] netlink: 'syz.7.2420': attribute type 12 has an invalid length.
[  141.920421][ T6365] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.2415: bg 0: block 112: padding at end of block bitmap is not set
[  141.942228][ T6365] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  141.955844][ T6365] EXT4-fs (loop2): This should not happen!! Data will be lost
[  141.955844][ T6365] 
[  142.004250][ T6386] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2427'.
[  142.037460][ T6391] loop2: detected capacity change from 0 to 1024
[  142.056990][   T28] audit: type=1326 audit(140.911:2832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6394 comm="syz.4.2430" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0b69d8f749 code=0x0
[  142.104039][ T6391] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  142.117829][ T6399] netlink: 'syz.5.2432': attribute type 12 has an invalid length.
[  142.147963][ T6391] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3836: comm syz.2.2428: Allocating blocks 385-513 which overlap fs metadata
[  142.170098][ T6407] loop7: detected capacity change from 0 to 1024
[  142.170645][ T6391] EXT4-fs (loop2): pa ffff88813ad913f0: logic 16, phys. 129, len 24
[  142.183956][ T6407] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.185783][ T6391] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 8
[  142.231552][   T28] audit: type=1326 audit(141.079:2833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6411 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa761f8f749 code=0x7ffc0000
[  142.263203][ T6407] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  142.283381][   T28] audit: type=1326 audit(141.079:2834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6411 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa761f8f749 code=0x7ffc0000
[  142.315054][ T6407] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  142.322753][   T28] audit: type=1326 audit(141.079:2835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6411 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fa761f8f749 code=0x7ffc0000
[  142.347901][ T6407] System zones: 0-1, 3-36
[  142.348479][   T28] audit: type=1326 audit(141.079:2836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6411 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa761f8f749 code=0x7ffc0000
[  142.377125][   T28] audit: type=1326 audit(141.079:2837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6411 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa761f8f749 code=0x7ffc0000
[  142.454097][ T6427] loop2: detected capacity change from 0 to 128
[  142.462980][ T6425] netlink: 'syz.5.2443': attribute type 12 has an invalid length.
[  142.495802][ T6427] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2444'.
[  142.556194][ T6434] random: crng reseeded on system resumption
[  142.691688][   T28] audit: type=1400 audit(141.509:2838): avc:  denied  { create } for  pid=6447 comm="syz.2.2453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  142.757423][ T6452] netlink: 'syz.2.2455': attribute type 12 has an invalid length.
[  142.830521][ T6458] netlink: 'syz.2.2458': attribute type 3 has an invalid length.
[  142.840591][ T6458] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2458'.
[  142.906539][ T6462] loop2: detected capacity change from 0 to 512
[  142.929282][ T6462] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  142.957875][ T6462] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[  142.980421][ T6462] EXT4-fs (loop2): 1 truncate cleaned up
[  143.022156][ T6473] netlink: 8 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  143.085264][ T6477] loop4: detected capacity change from 0 to 128
[  143.131379][ T6477] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2467'.
[  143.143862][ T6482] loop8: detected capacity change from 0 to 512
[  143.200526][ T6482] EXT4-fs (loop8): can't mount with commit=2, fs mounted w/o journal
[  143.261038][ T6488] loop8: detected capacity change from 0 to 512
[  143.270286][ T6488] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  143.282788][ T6488] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[  143.304544][ T6488] EXT4-fs (loop8): 1 truncate cleaned up
[  143.390764][ T6496] loop4: detected capacity change from 0 to 512
[  143.444648][ T6496] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  143.480094][ T6500] 9pnet_virtio: no channels available for device 127.0.0.1
[  143.508663][ T6496] EXT4-fs (loop4): 1 truncate cleaned up
[  143.932674][ T6516] loop2: detected capacity change from 0 to 128
[  143.940612][ T6517] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2481'.
[  143.995001][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2479'.
[  144.186585][ T6527] loop5: detected capacity change from 0 to 512
[  144.255074][ T6533] loop4: detected capacity change from 0 to 1024
[  144.278694][ T6527] EXT4-fs warning (device loop5): ext4_xattr_inode_get:509: inode #11: comm gtp: EA inode hash validation failed
[  144.342726][ T6527] EXT4-fs error (device loop5): ext4_do_update_inode:5270: inode #15: comm gtp: corrupted inode contents
[  144.375653][ T6533] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 3: comm syz.4.2489: lblock 3 mapped to illegal pblock 3 (length 1)
[  144.420766][ T6546] loop7: detected capacity change from 0 to 128
[  144.429098][ T6527] EXT4-fs error (device loop5): ext4_dirty_inode:6135: inode #15: comm gtp: mark_inode_dirty error
[  144.447354][ T6533] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  144.489685][ T6546] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  144.509176][ T6527] EXT4-fs error (device loop5): ext4_do_update_inode:5270: inode #15: comm gtp: corrupted inode contents
[  144.547004][ T6546] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  144.556043][ T6527] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2964: inode #15: comm gtp: mark_inode_dirty error
[  144.568427][ T6533] EXT4-fs (loop4): This should not happen!! Data will be lost
[  144.568427][ T6533] 
[  144.579583][ T6546] FAT-fs (loop7): Filesystem has been set read-only
[  144.580326][ T6527] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2967: inode #15: comm gtp: mark inode dirty (error -117)
[  144.601288][ T6549] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: comm syz.4.2489: lblock 0 mapped to illegal pblock 0 (length 3)
[  144.601367][ T6527] EXT4-fs warning (device loop5): ext4_evict_inode:299: xattr delete (err -117)
[  144.626714][ T6546] syz.7.2494: attempt to access beyond end of device
[  144.626714][ T6546] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  144.626849][ T6527] EXT4-fs (loop5): 1 orphan inode deleted
[  144.648657][ T6549] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117
[  144.679194][ T6546] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  144.681217][ T6549] EXT4-fs (loop4): This should not happen!! Data will be lost
[  144.681217][ T6549] 
[  144.713009][ T6546] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  144.721462][ T5284] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 4: comm kworker/u4:21: lblock 4 mapped to illegal pblock 4 (length 1)
[  144.737671][ T6546] syz.7.2494: attempt to access beyond end of device
[  144.737671][ T6546] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  144.745690][ T5284] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 117
[  144.768531][ T6546] syz.7.2494: attempt to access beyond end of device
[  144.768531][ T6546] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  144.784017][ T5284] EXT4-fs (loop4): This should not happen!! Data will be lost
[  144.784017][ T5284] 
[  144.861029][ T6557] loop4: detected capacity change from 0 to 128
[  144.913553][ T6557] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2497'.
[  145.096746][ T5284] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.187568][ T6584] loop5: detected capacity change from 0 to 128
[  145.398712][ T6612] kernel profiling enabled (shift: 17)
[  145.408977][ T6610] netlink: 'syz.5.2522': attribute type 12 has an invalid length.
[  145.444886][ T6612] loop2: detected capacity change from 0 to 2048
[  145.479682][ T6612]  loop2: p1 < > p4
[  145.489657][ T6612] loop2: p4 size 8388608 extends beyond EOD, truncated
[  145.553203][ T6627] loop5: detected capacity change from 0 to 512
[  145.577253][ T6634] loop7: detected capacity change from 0 to 512
[  145.586782][ T6627] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  145.622217][ T6641] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  145.645697][ T6634] EXT4-fs error (device loop7): ext4_do_update_inode:5270: inode #2: comm syz.7.2532: corrupted inode contents
[  145.646692][ T6643] netlink: 'syz.5.2535': attribute type 12 has an invalid length.
[  145.679927][ T6634] EXT4-fs error (device loop7): ext4_dirty_inode:6135: inode #2: comm syz.7.2532: mark_inode_dirty error
[  145.694861][ T6634] EXT4-fs error (device loop7): ext4_do_update_inode:5270: inode #2: comm syz.7.2532: corrupted inode contents
[  145.696242][ T6646] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6646 comm=wg1
[  145.776196][ T6648] loop2: detected capacity change from 0 to 4096
[  145.776980][ T6651] loop7: detected capacity change from 0 to 1024
[  145.783541][ T6648] EXT4-fs: Ignoring removed i_version option
[  145.802155][ T6651] EXT4-fs: Ignoring removed orlov option
[  145.834491][ T6651] EXT4-fs (loop7): re-mounted. Quota mode: none.
[  145.861404][ T6659] loop5: detected capacity change from 0 to 128
[  146.384222][ T6678] loop5: detected capacity change from 0 to 128
[  146.395701][ T6678] FAT-fs (loop5): error, clusters badly computed (2 != 0)
[  146.403122][ T6678] FAT-fs (loop5): Filesystem has been set read-only
[  146.411357][ T6678] FAT-fs (loop5): error, clusters badly computed (3 != 1)
[  146.427197][ T6678] FAT-fs (loop5): error, clusters badly computed (4 != 2)
[  146.683199][ T6711] loop5: detected capacity change from 0 to 512
[  146.804617][ T6742] netlink: 'syz.5.2576': attribute type 12 has an invalid length.
[  147.241558][ T3138] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  147.241590][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  147.254677][ T6571] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  147.448730][   T28] kauditd_printk_skb: 131 callbacks suppressed
[  147.448748][   T28] audit: type=1400 audit(145.953:2970): avc:  denied  { connect } for  pid=6755 comm="syz.2.2583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  147.459540][ T6760] loop4: detected capacity change from 0 to 128
[  147.505048][   T28] audit: type=1400 audit(145.990:2971): avc:  denied  { read } for  pid=6755 comm="syz.2.2583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  147.541832][ T5410] Bluetooth: hci0: Frame reassembly failed (-84)
[  147.558788][ T6774] loop2: detected capacity change from 0 to 2040
[  147.560822][ T6772] netlink: 'syz.7.2589': attribute type 12 has an invalid length.
[  147.609736][ T6774] Alternate GPT is invalid, using primary GPT.
[  147.617331][ T6774]  loop2: p2 p3 p7
[  147.666810][   T28] audit: type=1400 audit(146.158:2972): avc:  denied  { getopt } for  pid=6793 comm="syz.2.2598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  147.686352][ T6798] loop7: detected capacity change from 0 to 512
[  147.744772][   T28] audit: type=1400 audit(146.233:2973): avc:  denied  { watch } for  pid=6811 comm="syz.2.2608" path="/control" dev="ramfs" ino=37949 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  147.784053][ T6816] __nla_validate_parse: 2 callbacks suppressed
[  147.784073][ T6816] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2610'.
[  147.822437][ T6820] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2612'.
[  147.884250][ T6825] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  147.904037][ T6827] loop7: detected capacity change from 0 to 128
[  147.942910][   T28] audit: type=1326 audit(146.411:2974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6833 comm="syz.8.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  147.985196][   T28] audit: type=1326 audit(146.411:2975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6833 comm="syz.8.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  147.992391][ T6834] loop8: detected capacity change from 0 to 8192
[  148.010435][   T28] audit: type=1326 audit(146.411:2976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6833 comm="syz.8.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  148.044487][ T6834]  loop8: p1 p2 p3 p4
[  148.049177][ T6834] loop8: p1 size 196608 extends beyond EOD, truncated
[  148.051581][   T28] audit: type=1326 audit(146.411:2977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6833 comm="syz.8.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  148.082136][   T28] audit: type=1326 audit(146.411:2978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6833 comm="syz.8.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  148.106937][ T6834] loop8: p2 start 164919041 is beyond EOD, truncated
[  148.114606][ T6834] loop8: p3 size 66846464 extends beyond EOD, truncated
[  148.122331][   T28] audit: type=1326 audit(146.411:2979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6833 comm="syz.8.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f652418f749 code=0x7ffc0000
[  148.133515][ T6834] loop8: p4 size 37048832 extends beyond EOD, truncated
[  148.173365][ T6848] netlink: 'syz.2.2625': attribute type 12 has an invalid length.
[  148.184836][ T6850] SELinux:  Context system_u:object_r:fsa is not valid (left unmapped).
[  148.222031][ T6858] netlink: 'syz.7.2631': attribute type 13 has an invalid length.
[  148.270337][ T6858] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.278452][ T6858] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.306674][ T6864] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2627'.
[  148.337832][ T6872] loop2: detected capacity change from 0 to 512
[  148.351933][ T6874] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2637'.
[  148.380333][ T6864] loop8: detected capacity change from 0 to 512
[  148.400814][ T6864] EXT4-fs warning (device loop8): ext4_xattr_inode_get:495: inode #11: comm syz.8.2627: ea_inode file size=0 entry size=6
[  148.415595][ T6864] ------------[ cut here ]------------
[  148.421441][ T6864] EA inode 11 i_nlink=2
[  148.423150][ T6864] WARNING: CPU: 1 PID: 6864 at fs/ext4/xattr.c:1022 ext4_xattr_inode_update_ref+0x4ad/0x510
[  148.437971][ T6864] Modules linked in:
[  148.442588][ T6864] CPU: 1 PID: 6864 Comm: syz.8.2627 Not tainted syzkaller #0
[  148.450240][ T6885] loop2: detected capacity change from 0 to 128
[  148.456253][ T6885] FAT-fs (loop2): Directory bread(block 524322) failed
[  148.457151][ T6864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  148.474808][ T6864] RIP: 0010:ext4_xattr_inode_update_ref+0x4ad/0x510
[  148.475202][ T6885] FAT-fs (loop2): Directory bread(block 524323) failed
[  148.481855][ T6864] Code: 8d 7d 40 4c 89 f8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 84 14 bb ff 49 8b 37 48 c7 c7 c0 e8 94 85 89 da e8 c3 cf 47 ff <0f> 0b 4c 8b 6c 24 10 4c 8b 7c 24 08 4c 8d 64 24 60 e9 b4 fe ff ff
[  148.481880][ T6864] RSP: 0018:ffffc90003c6f180 EFLAGS: 00010246
[  148.516488][ T6885] FAT-fs (loop2): Directory bread(block 524324) failed
[  148.516522][ T6885] FAT-fs (loop2): Directory bread(block 524325) failed
[  148.516737][ T6885] FAT-fs (loop2): Directory bread(block 524326) failed
[  148.523808][ T6864] RAX: 5e63f4219d6a3d00 RBX: 0000000000000002 RCX: 0000000000080000
[  148.523832][ T6864] RDX: ffffc9000165a000 RSI: 0000000000008c14 RDI: 0000000000008c15
[  148.523845][ T6864] RBP: ffffc90003c6f270 R08: dffffc0000000000 R09: fffff5200078ddad
[  148.523859][ T6864] R10: fffff5200078ddad R11: 1ffff9200078ddac R12: ffffc90003c6f1e0
[  148.523873][ T6864] R13: ffff88813adeaf28 R14: dffffc0000000000 R15: ffff88813adeaf68
[  148.564840][ T6885] FAT-fs (loop2): Directory bread(block 524327) failed
[  148.573580][ T6864] FS:  00007f65250b56c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  148.573608][ T6864] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  148.573622][ T6864] CR2: 00007f4c98c16195 CR3: 000000011d9f9000 CR4: 00000000003506a0
[  148.573639][ T6864] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  148.616515][ T6885] FAT-fs (loop2): Directory bread(block 524328) failed
[  148.616548][ T6885] FAT-fs (loop2): Directory bread(block 524329) failed
[  148.640864][ T6864] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  148.648655][ T6885] FAT-fs (loop2): Directory bread(block 524322) failed
[  148.649619][ T6864] Call Trace:
[  148.660798][ T6864]  <TASK>
[  148.663787][ T6864]  ? ext4_xattr_block_csum+0x500/0x500
[  148.668529][ T6888] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  148.669802][ T6864]  ? kasan_save_alloc_info+0x25/0x30
[  148.679426][ T6885] FAT-fs (loop2): Directory bread(block 524323) failed
[  148.685323][ T6864]  ? __kasan_kmalloc+0x95/0xb0
[  148.685358][ T6864]  ? ext4_xattr_inode_dec_ref_all+0x423/0xfe0
[  148.692782][ T6888] device bridge_slave_1 left promiscuous mode
[  148.697459][ T6864]  ? kmalloc_trace+0x40/0xb0
[  148.711802][ T6888] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.714991][ T6864]  ext4_xattr_inode_dec_ref_all+0xa91/0xfe0
[  148.715039][ T6864]  ? errseq_check+0x41/0x80
[  148.734007][ T6864]  ? ext4_xattr_delete_inode+0xbb0/0xbb0
[  148.740375][ T6864]  ? __cfi___ext4_journal_get_write_access+0x10/0x10
[  148.747610][ T6864]  ? __kasan_check_write+0x14/0x20
[  148.752948][ T6864]  ext4_xattr_delete_inode+0x9f1/0xbb0
[  148.758866][ T6864]  ? ext4_truncate+0xbde/0xf90
[  148.763933][ T6864]  ? __cfi_ext4_xattr_delete_inode+0x10/0x10
[  148.770894][ T6864]  ext4_evict_inode+0xe58/0x1460
[  148.775989][ T6864]  ? _raw_spin_unlock+0x4c/0x70
[  148.781196][ T6864]  ? __cfi_ext4_evict_inode+0x10/0x10
[  148.786851][ T6864]  ? unlock_new_inode+0x97/0xc0
[  148.792019][ T6864]  ? __cfi_ext4_evict_inode+0x10/0x10
[  148.797515][ T6864]  evict+0x493/0x890
[  148.801619][ T6864]  ? proc_nr_inodes+0x2f0/0x2f0
[  148.806964][ T6864]  ? __kasan_check_write+0x14/0x20
[  148.812467][ T6864]  iput+0x620/0x670
[  148.816908][ T6864]  ext4_process_orphan+0x2b1/0x320
[  148.822788][ T6864]  ext4_orphan_cleanup+0xb02/0x1210
[  148.828154][ T6864]  ? proc_register+0x546/0x720
[  148.833217][ T6864]  ? __cfi_ext4_orphan_cleanup+0x10/0x10
[  148.839235][ T6864]  ? ext4_register_sysfs+0x285/0x2c0
[  148.844886][ T6864]  ? errseq_check_and_advance+0x66/0x130
[  148.850934][ T6864]  ext4_fill_super+0x7439/0x7970
[  148.856332][ T6864]  ? __cfi_ext4_fill_super+0x10/0x10
[  148.861812][ T6864]  ? snprintf+0xd7/0x120
[  148.873841][ T6864]  ? set_blocksize+0x1df/0x360
[  148.879291][ T6864]  ? sb_set_blocksize+0xaa/0xf0
[  148.884617][ T6864]  get_tree_bdev+0x444/0x680
[  148.889271][ T6864]  ? __cfi_ext4_fill_super+0x10/0x10
[  148.894866][ T6864]  ext4_get_tree+0x1c/0x20
[  148.899633][ T6864]  vfs_get_tree+0x9a/0x270
[  148.904360][ T6864]  do_new_mount+0x25a/0xa20
[  148.909436][ T6864]  path_mount+0x675/0x1010
[  148.914164][ T6864]  ? user_path_at_empty+0x161/0x1c0
[  148.920252][ T6864]  __se_sys_mount+0x318/0x380
[  148.925453][ T6864]  ? do_mkdirat+0x459/0x4c0
[  148.930358][ T6864]  ? __x64_sys_mount+0xd0/0xd0
[  148.935375][ T6864]  ? __secure_computing+0xea/0x290
[  148.940967][ T6864]  __x64_sys_mount+0xbf/0xd0
[  148.946403][ T6864]  x64_sys_call+0x65d/0x9a0
[  148.951336][ T6864]  do_syscall_64+0x4c/0xa0
[  148.956678][ T6864]  ? clear_bhb_loop+0x30/0x80
[  148.961746][ T6864]  ? clear_bhb_loop+0x30/0x80
[  148.966764][ T6864]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  148.973618][ T6864] RIP: 0033:0x7f6524190eea
[  148.978349][ T6864] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.999140][ T6864] RSP: 002b:00007f65250b4e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  149.007803][ T6864] RAX: ffffffffffffffda RBX: 00007f65250b4ef0 RCX: 00007f6524190eea
[  149.016330][ T6864] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f65250b4eb0
[  149.024465][ T6864] RBP: 0000200000000180 R08: 00007f65250b4ef0 R09: 0000000000800700
[  149.032907][ T6864] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  149.041941][ T6864] R13: 00007f65250b4eb0 R14: 0000000000000473 R15: 0000200000000680
[  149.050853][ T6864]  </TASK>
[  149.054181][ T6864] ---[ end trace 0000000000000000 ]---
[  149.060207][ T6864] EXT4-fs (loop8): 1 orphan inode deleted
[  149.067162][ T6888] device bridge_slave_0 left promiscuous mode
[  149.073857][ T6888] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.152555][ T6899] device pim6reg1 entered promiscuous mode
[  149.154572][ T6905] loop8: detected capacity change from 0 to 1024
[  149.166145][ T6905] EXT4-fs: Ignoring removed orlov option
[  149.212728][ T6917] loop8: detected capacity change from 0 to 512
[  149.241034][ T6917] EXT4-fs error (device loop8): ext4_do_update_inode:5270: inode #2: comm syz.8.2655: corrupted inode contents
[  149.255070][ T6917] EXT4-fs error (device loop8): ext4_dirty_inode:6135: inode #2: comm syz.8.2655: mark_inode_dirty error
[  149.268624][ T6917] EXT4-fs error (device loop8): ext4_do_update_inode:5270: inode #2: comm syz.8.2655: corrupted inode contents
[  149.282618][ T6923] netlink: 'syz.7.2658': attribute type 3 has an invalid length.
[  149.337505][ T6931] usb usb1: usbfs: interface 0 claimed by hub while 'syz.7.2662' sets config #1
[  149.409939][ T6946] UHID_CREATE from different security context by process 1072 (syz.4.2668), this is not allowed.
[  149.449829][ T6950] hub 9-0:1.0: USB hub found
[  149.455782][ T6950] hub 9-0:1.0: 1 port detected
[  149.546029][ T6970] usb usb8: usbfs: process 6970 (syz.8.2681) did not claim interface 0 before use
[  149.604552][ T6979] loop8: detected capacity change from 0 to 512
[  149.636436][ T6979] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  149.645537][ T6979] EXT4-fs (loop8): orphan cleanup on readonly fs
[  149.654310][ T6979] EXT4-fs error (device loop8): ext4_do_update_inode:5270: inode #16: comm syz.8.2685: corrupted inode contents
[  149.675840][ T6979] EXT4-fs (loop8): Remounting filesystem read-only
[  149.683851][ T6979] EXT4-fs error (device loop8): ext4_dirty_inode:6135: inode #16: comm syz.8.2685: mark_inode_dirty error
[  149.694746][ T6989] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2689'.
[  149.696295][ T6979] EXT4-fs (loop8): Remounting filesystem read-only
[  149.714354][ T6979] EXT4-fs error (device loop8): ext4_do_update_inode:5270: inode #16: comm syz.8.2685: corrupted inode contents
[  149.729036][ T3414] Bluetooth: hci0: command 0x1003 tx timeout
[  149.736206][ T3138] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  149.736702][ T6979] EXT4-fs (loop8): Remounting filesystem read-only
[  149.752493][ T6771] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  149.757115][ T6979] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #16: comm syz.8.2685: mark_inode_dirty error
[  149.787860][ T6995] loop2: detected capacity change from 0 to 512
[  149.795351][ T6995] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  149.824071][ T6995] EXT4-fs (loop2): 1 truncate cleaned up
[  149.872362][ T6979] EXT4-fs (loop8): Remounting filesystem read-only
[  149.891980][ T6979] EXT4-fs error (device loop8): ext4_do_update_inode:5270: inode #16: comm syz.8.2685: corrupted inode contents
[  149.894332][ T6998] loop5: detected capacity change from 0 to 128
[  149.911950][ T6979] EXT4-fs (loop8): Remounting filesystem read-only
[  149.915289][ T7000] syz.4.2693 uses obsolete (PF_INET,SOCK_PACKET)
[  149.925756][ T6979] EXT4-fs error (device loop8) in ext4_orphan_del:301: Corrupt filesystem
[  149.937513][ T6979] EXT4-fs (loop8): Remounting filesystem read-only
[  149.944671][ T6979] EXT4-fs error (device loop8): ext4_do_update_inode:5270: inode #16: comm syz.8.2685: corrupted inode contents
[  149.958377][ T6979] EXT4-fs (loop8): Remounting filesystem read-only
[  149.965391][ T6979] EXT4-fs error (device loop8): ext4_truncate:4320: inode #16: comm syz.8.2685: mark_inode_dirty error
[  149.978245][ T6979] EXT4-fs (loop8): Remounting filesystem read-only
[  149.981435][ T6998] syz.5.2692: attempt to access beyond end of device
[  149.981435][ T6998] loop5: rw=2049, sector=617, nr_sectors = 64 limit=128
[  149.999719][ T6979] EXT4-fs error (device loop8) in ext4_process_orphan:343: Corrupt filesystem
[  150.010348][ T6979] EXT4-fs (loop8): Remounting filesystem read-only
[  150.023378][ T6979] EXT4-fs (loop8): 1 truncate cleaned up
[  150.030676][ T5410] EXT4-fs error (device loop8): ext4_release_dquot:6839: comm kworker/u4:106: Failed to release dquot type 1
[  150.043282][ T5410] EXT4-fs (loop8): Remounting filesystem read-only
[  150.285600][ T7016] netlink: 'syz.5.2700': attribute type 12 has an invalid length.
[  150.632450][ T7039] netlink: 'syz.5.2713': attribute type 12 has an invalid length.
[  150.644158][ T7037] loop7: detected capacity change from 0 to 128
[  150.660796][ T7040] loop2: detected capacity change from 0 to 512
[  150.671368][ T7040] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  150.687448][ T7037] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2710'.
[  150.712804][ T7032] SELinux: failed to load policy
[  150.735510][ T7040] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 548)
[  150.740730][ T7049] loop7: detected capacity change from 0 to 4096
[  150.749689][ T7040] FAT-fs (loop2): Filesystem has been set read-only
[  150.761856][ T7040] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  150.781272][ T7040] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 548)
[  150.790588][ T7040] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 548)
[  150.810980][ T7058] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2721'.
[  150.833492][    C1] ==================================================================
[  150.842484][    C1] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480
[  150.850282][    C1] Write of size 8 at addr ffff88811c750a00 by task syz.4.2723/7061
[  150.858719][    C1] 
[  150.861069][    C1] CPU: 1 PID: 7061 Comm: syz.4.2723 Tainted: G        W          syzkaller #0
[  150.870445][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  150.881398][    C1] Call Trace:
[  150.884780][    C1]  <IRQ>
[  150.887711][    C1]  __dump_stack+0x21/0x24
[  150.892048][    C1]  dump_stack_lvl+0xee/0x150
[  150.896643][    C1]  ? __cfi_dump_stack_lvl+0x8/0x8
[  150.901757][    C1]  ? enqueue_timer+0xae/0x480
[  150.906705][    C1]  print_address_description+0x71/0x200
[  150.912517][    C1]  print_report+0x4a/0x60
[  150.917233][    C1]  kasan_report+0x122/0x150
[  150.922284][    C1]  ? enqueue_timer+0xae/0x480
[  150.927590][    C1]  __asan_report_store8_noabort+0x17/0x20
[  150.933628][    C1]  enqueue_timer+0xae/0x480
[  150.938788][    C1]  __mod_timer+0x84a/0xbf0
[  150.943386][    C1]  mod_timer+0x1f/0x30
[  150.947688][    C1]  tipc_disc_timeout+0x628/0x830
[  150.953123][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[  150.958794][    C1]  ? __kasan_check_write+0x14/0x20
[  150.964383][    C1]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  150.971164][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[  150.977003][    C1]  call_timer_fn+0x46/0x2a0
[  150.982120][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[  150.987867][    C1]  __run_timers+0x644/0x9b0
[  150.992636][    C1]  ? calc_index+0x200/0x200
[  150.997486][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  151.002815][    C1]  run_timer_softirq+0x6a/0xf0
[  151.007741][    C1]  handle_softirqs+0x1d7/0x600
[  151.013063][    C1]  __irq_exit_rcu+0x52/0xf0
[  151.018871][    C1]  irq_exit_rcu+0x9/0x10
[  151.023482][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  151.029408][    C1]  </IRQ>
[  151.032359][    C1]  <TASK>
[  151.035707][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  151.042074][    C1] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x1/0x90
[  151.049383][    C1] Code: 10 48 89 74 11 18 48 89 44 11 20 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 b8 7d 47 2f 67 55 <48> 89 e5 48 8b 45 08 65 48 8b 15 20 41 92 7e 65 8b 0d 21 41 92 7e
[  151.070832][    C1] RSP: 0018:ffffc900082ef990 EFLAGS: 00000246
[  151.077254][    C1] RAX: ffffffff86ef83a0 RBX: ffff88812edf1df8 RCX: 0000000000080000
[  151.085504][    C1] RDX: ffffc9000225d000 RSI: 0000000000000000 RDI: 0000000000000000
[  151.093746][    C1] RBP: ffffc900082efbb0 R08: dffffc0000000000 R09: fffff5200105df0d
[  151.102239][    C1] R10: fffff5200105df0d R11: 1ffff9200105df0c R12: 0000000000008002
[  151.111292][    C1] R13: ffffc900082efc00 R14: 1ffff11024813648 R15: dffffc0000000000
[  151.119987][    C1]  ? path_openat+0x2211/0x2f50
[  151.124846][    C1]  ? kasan_set_track+0x4b/0x70
[  151.129615][    C1]  ? getname_flags+0xb9/0x500
[  151.134418][    C1]  ? getname+0x19/0x20
[  151.138758][    C1]  ? x64_sys_call+0x783/0x9a0
[  151.143697][    C1]  ? do_syscall_64+0x4c/0xa0
[  151.148461][    C1]  ? do_filp_open+0x3c0/0x3c0
[  151.153247][    C1]  do_filp_open+0x1c1/0x3c0
[  151.157752][    C1]  ? __cfi_do_filp_open+0x10/0x10
[  151.163738][    C1]  ? alloc_fd+0x4e6/0x590
[  151.168386][    C1]  do_sys_openat2+0x185/0x7e0
[  151.173343][    C1]  ? __se_sys_futex+0x273/0x2e0
[  151.178564][    C1]  ? do_sys_open+0xe0/0xe0
[  151.183269][    C1]  ? __this_cpu_preempt_check+0x13/0x20
[  151.189301][    C1]  ? xfd_validate_state+0x70/0x150
[  151.194691][    C1]  __x64_sys_openat+0x136/0x160
[  151.199724][    C1]  x64_sys_call+0x783/0x9a0
[  151.204407][    C1]  do_syscall_64+0x4c/0xa0
[  151.209030][    C1]  ? clear_bhb_loop+0x30/0x80
[  151.213709][    C1]  ? clear_bhb_loop+0x30/0x80
[  151.218910][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  151.225334][    C1] RIP: 0033:0x7f0b69d8df90
[  151.230180][    C1] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  151.251248][    C1] RSP: 002b:00007f0b6acb8b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  151.259923][    C1] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f0b69d8df90
[  151.268247][    C1] RDX: 0000000000000002 RSI: 00007f0b6acb8c10 RDI: 00000000ffffff9c
[  151.276706][    C1] RBP: 00007f0b6acb8c10 R08: 0000000000000000 R09: 00007f0b6acb8987
[  151.285201][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  151.293885][    C1] R13: 00007f0b69fe6038 R14: 00007f0b69fe5fa0 R15: 00007fff2b6414d8
[  151.303299][    C1]  </TASK>
[  151.306696][    C1] 
[  151.309409][    C1] Allocated by task 6771:
[  151.314302][    C1]  kasan_set_track+0x4b/0x70
[  151.318994][    C1]  kasan_save_alloc_info+0x25/0x30
[  151.324284][    C1]  __kasan_kmalloc+0x95/0xb0
[  151.329418][    C1]  __kmalloc+0xb1/0x1e0
[  151.334002][    C1]  hci_alloc_dev_priv+0x27/0x1bd0
[  151.339455][    C1]  hci_uart_tty_ioctl+0x3d6/0xa20
[  151.345196][    C1]  tty_ioctl+0x8ef/0xc60
[  151.349442][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  151.354395][    C1]  __x64_sys_ioctl+0x7b/0x90
[  151.359022][    C1]  x64_sys_call+0x58b/0x9a0
[  151.365027][    C1]  do_syscall_64+0x4c/0xa0
[  151.369739][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  151.375983][    C1] 
[  151.378423][    C1] Freed by task 6771:
[  151.382485][    C1]  kasan_set_track+0x4b/0x70
[  151.387192][    C1]  kasan_save_free_info+0x31/0x50
[  151.393373][    C1]  ____kasan_slab_free+0x132/0x180
[  151.398845][    C1]  __kasan_slab_free+0x11/0x20
[  151.404857][    C1]  slab_free_freelist_hook+0xc2/0x190
[  151.410620][    C1]  __kmem_cache_free+0xb7/0x1b0
[  151.416247][    C1]  kfree+0x6f/0xf0
[  151.420351][    C1]  hci_release_dev+0x12a3/0x13b0
[  151.425591][    C1]  bt_host_release+0x82/0x90
[  151.431259][    C1]  device_release+0xa4/0x1d0
[  151.436132][    C1]  kobject_put+0x19d/0x280
[  151.441101][    C1]  put_device+0x1f/0x30
[  151.446115][    C1]  hci_dev_cmd+0x265/0x720
[  151.451966][    C1]  hci_sock_ioctl+0x41e/0x7f0
[  151.457800][    C1]  sock_do_ioctl+0x101/0x310
[  151.463395][    C1]  sock_ioctl+0x4d8/0x6e0
[  151.469461][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  151.474839][    C1]  __x64_sys_ioctl+0x7b/0x90
[  151.480781][    C1]  x64_sys_call+0x58b/0x9a0
[  151.485915][    C1]  do_syscall_64+0x4c/0xa0
[  151.490797][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  151.497501][    C1] 
[  151.500627][    C1] Last potentially related work creation:
[  151.507252][    C1]  kasan_save_stack+0x3a/0x60
[  151.512818][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[  151.518542][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  151.524890][    C1]  insert_work+0x51/0x300
[  151.529402][    C1]  __queue_work+0x9b1/0xd30
[  151.534385][    C1]  queue_work_on+0xd2/0x140
[  151.539377][    C1]  __hci_cmd_sync_sk+0xa3e/0xcf0
[  151.545166][    C1]  hci_cmd_sync_status+0x53/0x120
[  151.550633][    C1]  hci_dev_cmd+0x33b/0x720
[  151.555590][    C1]  hci_sock_ioctl+0x41e/0x7f0
[  151.561869][    C1]  sock_do_ioctl+0x101/0x310
[  151.567280][    C1]  sock_ioctl+0x4d8/0x6e0
[  151.573663][    C1]  __se_sys_ioctl+0x12f/0x1b0
[  151.580135][    C1]  __x64_sys_ioctl+0x7b/0x90
[  151.585711][    C1]  x64_sys_call+0x58b/0x9a0
[  151.591407][    C1]  do_syscall_64+0x4c/0xa0
[  151.597241][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  151.606602][    C1] 
[  151.609757][    C1] Second to last potentially related work creation:
[  151.619863][    C1]  kasan_save_stack+0x3a/0x60
[  151.626605][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[  151.634713][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  151.642860][    C1]  insert_work+0x51/0x300
[  151.648534][    C1]  __queue_work+0x9b1/0xd30
[  151.654555][    C1]  queue_work_on+0xd2/0x140
[  151.660390][    C1]  hci_cmd_timeout+0x191/0x200
[  151.665821][    C1]  process_one_work+0x71f/0xc40
[  151.671563][    C1]  worker_thread+0xa29/0x11f0
[  151.677221][    C1]  kthread+0x281/0x320
[  151.681982][    C1]  ret_from_fork+0x1f/0x30
[  151.687205][    C1] 
[  151.689987][    C1] The buggy address belongs to the object at ffff88811c750000
[  151.689987][    C1]  which belongs to the cache kmalloc-8k of size 8192
[  151.706754][    C1] The buggy address is located 2560 bytes inside of
[  151.706754][    C1]  8192-byte region [ffff88811c750000, ffff88811c752000)
[  151.721979][    C1] 
[  151.724609][    C1] The buggy address belongs to the physical page:
[  151.731997][    C1] page:ffffea000471d400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11c750
[  151.744170][    C1] head:ffffea000471d400 order:3 compound_mapcount:0 compound_pincount:0
[  151.753752][    C1] flags: 0x4000000000010200(slab|head|zone=1)
[  151.761939][    C1] raw: 4000000000010200 ffffea00046f9c00 dead000000000002 ffff888100043500
[  151.773347][    C1] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  151.782911][    C1] page dumped because: kasan: bad access detected
[  151.789786][    C1] page_owner tracks the page as allocated
[  151.796139][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 6170, tgid 6169 (syz.2.2329), ts 138669549402, free_ts 138667233312
[  151.822077][    C1]  post_alloc_hook+0x1f5/0x210
[  151.827425][    C1]  prep_new_page+0x1c/0x110
[  151.832793][    C1]  get_page_from_freelist+0x2c7b/0x2cf0
[  151.839741][    C1]  __alloc_pages+0x1c3/0x450
[  151.845892][    C1]  alloc_slab_page+0x6e/0xf0
[  151.851652][    C1]  new_slab+0x98/0x3d0
[  151.856375][    C1]  ___slab_alloc+0x6bd/0xb20
[  151.861832][    C1]  __slab_alloc+0x5e/0xa0
[  151.867324][    C1]  __kmem_cache_alloc_node+0x203/0x2c0
[  151.873482][    C1]  kmalloc_trace+0x29/0xb0
[  151.878336][    C1]  audit_log_d_path+0xc6/0x240
[  151.883711][    C1]  audit_log_d_path_exe+0x42/0x70
[  151.889005][    C1]  audit_log_task+0x205/0x2e0
[  151.894243][    C1]  audit_seccomp+0x7f/0x160
[  151.899198][    C1]  __seccomp_filter+0xaec/0x19e0
[  151.904246][    C1]  __secure_computing+0xea/0x290
[  151.909568][    C1] page last free stack trace:
[  151.914765][    C1]  free_unref_page_prepare+0x742/0x750
[  151.920336][    C1]  free_unref_page+0x8f/0x530
[  151.925472][    C1]  __free_pages+0x67/0x100
[  151.930259][    C1]  __free_slab+0xca/0x1a0
[  151.934901][    C1]  __unfreeze_partials+0x160/0x190
[  151.940551][    C1]  put_cpu_partial+0xa9/0x100
[  151.945850][    C1]  __slab_free+0x1c4/0x280
[  151.951772][    C1]  ___cache_free+0xbf/0xd0
[  151.957786][    C1]  qlist_free_all+0xc6/0x140
[  151.962866][    C1]  kasan_quarantine_reduce+0x14a/0x170
[  151.969221][    C1]  __kasan_slab_alloc+0x24/0x80
[  151.974864][    C1]  slab_post_alloc_hook+0x4f/0x2d0
[  151.980196][    C1]  kmem_cache_alloc+0x16e/0x330
[  151.985837][    C1]  audit_log_start+0x3a4/0x8b0
[  151.990912][    C1]  audit_seccomp+0x62/0x160
[  151.995606][    C1]  __seccomp_filter+0xaec/0x19e0
[  152.000634][    C1] 
[  152.003137][    C1] Memory state around the buggy address:
[  152.009213][    C1]  ffff88811c750900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  152.017631][    C1]  ffff88811c750980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  152.026206][    C1] >ffff88811c750a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  152.034524][    C1]                    ^
[  152.038985][    C1]  ffff88811c750a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  152.047468][    C1]  ffff88811c750b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  152.056308][    C1] ==================================================================
[  152.064945][    C1] Disabling lock debugging due to kernel taint
[  152.072468][    C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  152.086648][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  152.095777][    C1] CPU: 1 PID: 7061 Comm: syz.4.2723 Tainted: G    B   W          syzkaller #0
[  152.105253][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  152.116523][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  152.122248][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 78 e3 28 00 4c 89 ff e8 10 28 ad 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 cc 5b 6d 00 49 8b 7d 00 e8 f3 23
[  152.143094][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  152.149583][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888132e58000
[  152.157815][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  152.166594][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[  152.175485][    C1] R10: ffffed10238ea139 R11: 1ffff110238ea139 R12: dffffc0000000000
[  152.183925][    C1] R13: 0000000000000000 R14: ffff88811c7509c8 R15: 0000000000000008
[  152.192358][    C1] FS:  00007f0b6acb96c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  152.202163][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  152.208941][    C1] CR2: 0000001b2ea23ffc CR3: 000000011ca94000 CR4: 00000000003506a0
[  152.217531][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  152.226823][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  152.235593][    C1] Call Trace:
[  152.239324][    C1]  <IRQ>
[  152.242465][    C1]  delayed_work_timer_fn+0x61/0x80
[  152.248728][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  152.255047][    C1]  call_timer_fn+0x46/0x2a0
[  152.259565][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  152.266120][    C1]  __run_timers+0x672/0x9b0
[  152.270657][    C1]  ? calc_index+0x200/0x200
[  152.275376][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  152.280774][    C1]  run_timer_softirq+0x6a/0xf0
[  152.286012][    C1]  handle_softirqs+0x1d7/0x600
[  152.290980][    C1]  __irq_exit_rcu+0x52/0xf0
[  152.295878][    C1]  irq_exit_rcu+0x9/0x10
[  152.300991][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  152.306816][    C1]  </IRQ>
[  152.309833][    C1]  <TASK>
[  152.312968][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  152.319310][    C1] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x1/0x90
[  152.326969][    C1] Code: 10 48 89 74 11 18 48 89 44 11 20 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 b8 7d 47 2f 67 55 <48> 89 e5 48 8b 45 08 65 48 8b 15 20 41 92 7e 65 8b 0d 21 41 92 7e
[  152.347902][    C1] RSP: 0018:ffffc900082ef990 EFLAGS: 00000246
[  152.354687][    C1] RAX: ffffffff86ef83a0 RBX: ffff88812edf1df8 RCX: 0000000000080000
[  152.363237][    C1] RDX: ffffc9000225d000 RSI: 0000000000000000 RDI: 0000000000000000
[  152.372381][    C1] RBP: ffffc900082efbb0 R08: dffffc0000000000 R09: fffff5200105df0d
[  152.381257][    C1] R10: fffff5200105df0d R11: 1ffff9200105df0c R12: 0000000000008002
[  152.389598][    C1] R13: ffffc900082efc00 R14: 1ffff11024813648 R15: dffffc0000000000
[  152.397930][    C1]  ? path_openat+0x2211/0x2f50
[  152.402966][    C1]  ? kasan_set_track+0x4b/0x70
[  152.408040][    C1]  ? getname_flags+0xb9/0x500
[  152.413397][    C1]  ? getname+0x19/0x20
[  152.419044][    C1]  ? x64_sys_call+0x783/0x9a0
[  152.423922][    C1]  ? do_syscall_64+0x4c/0xa0
[  152.428738][    C1]  ? do_filp_open+0x3c0/0x3c0
[  152.433526][    C1]  do_filp_open+0x1c1/0x3c0
[  152.438237][    C1]  ? __cfi_do_filp_open+0x10/0x10
[  152.443371][    C1]  ? alloc_fd+0x4e6/0x590
[  152.447813][    C1]  do_sys_openat2+0x185/0x7e0
[  152.452855][    C1]  ? __se_sys_futex+0x273/0x2e0
[  152.458382][    C1]  ? do_sys_open+0xe0/0xe0
[  152.463096][    C1]  ? __this_cpu_preempt_check+0x13/0x20
[  152.469533][    C1]  ? xfd_validate_state+0x70/0x150
[  152.475017][    C1]  __x64_sys_openat+0x136/0x160
[  152.480051][    C1]  x64_sys_call+0x783/0x9a0
[  152.484819][    C1]  do_syscall_64+0x4c/0xa0
[  152.489346][    C1]  ? clear_bhb_loop+0x30/0x80
[  152.494315][    C1]  ? clear_bhb_loop+0x30/0x80
[  152.499780][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  152.505940][    C1] RIP: 0033:0x7f0b69d8df90
[  152.510980][    C1] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  152.533633][    C1] RSP: 002b:00007f0b6acb8b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  152.542687][    C1] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f0b69d8df90
[  152.551753][    C1] RDX: 0000000000000002 RSI: 00007f0b6acb8c10 RDI: 00000000ffffff9c
[  152.560122][    C1] RBP: 00007f0b6acb8c10 R08: 0000000000000000 R09: 00007f0b6acb8987
[  152.568878][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  152.577286][    C1] R13: 00007f0b69fe6038 R14: 00007f0b69fe5fa0 R15: 00007fff2b6414d8
[  152.586263][    C1]  </TASK>
[  152.589303][    C1] Modules linked in:
[  152.593574][    C1] ---[ end trace 0000000000000000 ]---
[  152.599658][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  152.605413][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 78 e3 28 00 4c 89 ff e8 10 28 ad 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 cc 5b 6d 00 49 8b 7d 00 e8 f3 23
[  152.627647][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  152.634780][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888132e58000
[  152.644557][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  152.653249][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[  152.662060][    C1] R10: ffffed10238ea139 R11: 1ffff110238ea139 R12: dffffc0000000000
[  152.670907][    C1] R13: 0000000000000000 R14: ffff88811c7509c8 R15: 0000000000000008
[  152.679766][    C1] FS:  00007f0b6acb96c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  152.689500][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  152.696704][    C1] CR2: 0000001b2ea23ffc CR3: 000000011ca94000 CR4: 00000000003506a0
[  152.705748][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  152.714717][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  152.723144][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  152.730823][    C1] Kernel Offset: disabled
[  152.736064][    C1] Rebooting in 86400 seconds..