last executing test programs:

16.355398127s ago: executing program 0 (id=949):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r0, 0x4b4b, &(0x7f0000000200))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000000045c3023b000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='percpu_free_percpu\x00', r2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000040000000000000000000000000000000000000000000000a53cf7abb3d6259635a4a8c7bf70da144523d553a7282d799228684e52c8a795cabd26979cce6751d07f1fdd76086fcfb2d08a4d39535166e98ba9df1e1777094051a874b551508e3fdac7a147499f1993f8b14096732f196736f35dff139e46d4ef67fbcd8afded7b4d3c56a7112a"], 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000020a17647769fd3f25f62b3a57f44daea02e97abcd7b0499aadd02c73b3ed212822078563a4dd38f711f4f756ce83e5010000005b429400000077dd88f3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0xfedd, 0x2, 0x4}, &(0x7f0000000140), &(0x7f0000000280))
io_uring_enter(r5, 0xa32, 0x0, 0x47, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000009060102000000e0ffffff00000000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c000280080001407f000001"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

9.787398485s ago: executing program 3 (id=979):
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
getpid()
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x13, 0x0)

9.602759448s ago: executing program 3 (id=970):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)

9.228149813s ago: executing program 3 (id=973):
prctl$PR_SET_NAME(0xf, &(0x7f0000000680)='+}[@\x00[$oB\xfa=\xee\xc4F\xba\xed\x97')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xf8}, 0x1, 0x0, 0x0, 0xc000}, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = creat(0x0, 0x0)
close(r3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
r4 = fsmount(r3, 0x1, 0x71)
signalfd4(r4, 0x0, 0x0, 0x1000)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000780)=[{&(0x7f00000001c0)="8b7b0aec79948004bb372b0227fd", 0xe}, {0x0}], 0x2, 0x0, 0x9)

9.150201874s ago: executing program 1 (id=974):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = dup(r0)
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000200)={0x6, 0x0, 0x100, 0x1, 0x9, "90897f0000030000000000f4ff1d277fffffeb"})
r2 = dup(0xffffffffffffffff)
ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000080)={0x9, 0x2, 0x0, 0x82fa, 0x1a, "e8540000808000"})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0xff)

9.044326366s ago: executing program 2 (id=975):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)

8.970712237s ago: executing program 1 (id=976):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@mangle={'mangle\x00', 0x64, 0x6, 0x548, 0x0, 0x0, 0x2a8, 0x2a8, 0x1b8, 0x478, 0x478, 0x478, 0x478, 0x478, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x5, 0x703}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@private}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x7, 0x6, @ipv4=@local, 0x4e23}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5a8)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1a, 0xf, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x107a654, 0x0, 0x0, 0x0, 0x1}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc2001}]})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb261a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0xb)
sendmsg$NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
mkdir(&(0x7f0000000180)='./file0\x00', 0x334)

8.73174791s ago: executing program 2 (id=977):
r0 = socket$inet(0x2, 0x3, 0x4)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x7f, 0xfffb}, &(0x7f0000000280)=0x8)
socket$inet_sctp(0x2, 0x5, 0x84)
write(r0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x482080, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0xb00, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000000c0))
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r3, 0x4004743a, &(0x7f0000000300))
pwritev(r2, 0x0, 0x0, 0x20000002, 0x100400)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r4, 0x40047459, &(0x7f00000003c0)=0xc26080b)
write$binfmt_aout(r4, &(0x7f0000000280)=ANY=[], 0xfce1)

8.531279383s ago: executing program 2 (id=978):
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
getpid()
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x13, 0x0)

8.411161055s ago: executing program 2 (id=980):
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x460, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x80ff, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}, @common=@inet=@hashlimit3={{0x158}, {'veth0_vlan\x00', {0x3, 0x0, 0x48, 0x0, 0x15ab, 0x1000, 0x6, 0x5}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4c0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'sit0\x00'})
sendmsg$nl_route(r1, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0}, 0x0)
pipe(&(0x7f00000001c0))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd8b", 0x17}, {&(0x7f0000000440)="9c74dfbf77572856c809ff86bb648daf351a32ad5ea7e5599da7a5b3d468381d8ff50420", 0x24}], 0x2)

8.210216718s ago: executing program 3 (id=981):
r0 = socket$inet(0x2, 0x3, 0x4)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x7f, 0xfffb}, &(0x7f0000000280)=0x8)
socket$inet_sctp(0x2, 0x5, 0x84)
write(r0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x482080, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0xb00, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f00000000c0))
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r4, 0x4004743a, &(0x7f0000000300))
pwritev(r3, 0x0, 0x0, 0x20000002, 0x100400)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r5, 0x40047459, &(0x7f00000003c0)=0xc26080b)
write$binfmt_aout(r5, &(0x7f0000000280)=ANY=[], 0xfce1)

8.011759771s ago: executing program 0 (id=982):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan0\x00'})
connect$can_bcm(r0, 0x0, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000600)=ANY=[@ANYBLOB="01000000000100"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000008001000000000000000900000018f19185e9e9e293b2f1239d923196ef2b496c3a2c13184d32dac37f7683be3df88f582be7bb8465b81749718edbfd9da9626e5e23c774be9a10aec5cacff21c53d91d4e23cd66916bb31c7df4482213461e7910c6f4ae"], 0x48}}, 0x0)

8.007163301s ago: executing program 1 (id=983):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{}, &(0x7f0000001c00), &(0x7f0000001c40)=r3}, 0x20)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/fib_trie\x00')
read$FUSE(r4, &(0x7f0000006180)={0x2020}, 0x2020)

7.698411046s ago: executing program 0 (id=984):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3804422, &(0x7f0000000240), 0x0, 0x578, &(0x7f0000000ac0)="$eJzs3d9rW1UcAPDvTdv96uo6GMOJSGEPTubStfXHBB/mo+hwoO+ztFkZTZfSpGOtA7cH9+KLDEHEgfisvu9x+A/4Vwx0MGQURXyp3PSmy5pkydrMZubzgdudc+/Nzjn33O/pObkpCaBvjaU/chHHIuKrJOJQ3bHByA6ObZy39vDaTLolsb7+8R9JJNm+2vlD2b/D6Y8k4sWI+OWLiJO5xnLLK6vz08ViYSnLj1cWFsfLK6unLi1MzxXmCpcnp6bOvDk1+c7bb3Wtra+d/+vbj+6+f+bL42vf/Hz/8K0kzsbB7Fh9O3bgen1mLMaq1yi9Mme3nDjRhcJ6SbLbFWBbBrI4T2P3WByKgSzqgf+/zyNiHehTifiHPlWbB9TW9l1aBz83Hry3sQBqbP/gxnsjsa+6Njqwljy2MkrXu6NdKD8t487vt2+lW3TvfQiAtq7fiIjTg4ON41+SjX8du7N1x+kOXrS1jDbjX5N3koHtupvOf15vNv/Jbc5/osn8Z7hJ7G5H+/jP3e9CMS2l8793m85/N4ea0YEsN1Kd8w0lFy8VC+nY9kJEnIihvWn+Sc9zzqzdW291rH7+l25p+bW5YFaP+4N7H3/N7HRleidtrvfgRsRLTee/yWb/J036P70e5zss42jh9iutjrVv/7O1/kPEq439P1J/TvLk55Pj1fthvHZXNPrz5tFfW5W/2+1P+//ARvv/zpaEm/2fGU3qn9eWn76M7/f9U2h1bLv3/57kk2p6T7bv6nSlsjQRsSf5sHH/5KPX1vK189P2nzj+5PGv2f2/PyI+7bD9N4/89PL22/9spe2fbTr+bfb/8OP9//SJex989l2r8scirrfv/zeqqRPZnk7Gv04ruJNrBwAAAAAAAL0mFxEHI8nlN9O5XD6/8fmOI3EgVyyVKycvlpYvz0b1b2VHYyhXe9J9qO7zEBPZ52Fr+ckt+amIOBwRXw/sr+bzM6Xi7G43HgAAAAAAAAAAAAAAAAAAAHrEcIu//0/9NrDbtQOeOV/5Df2rbfx345uegJ7k9z/0L/EP/Uv8Q/8S/9C/xD/0L/EP/Uv8Q/8S/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBV58+dS7f1tYfXZtL87JWV5fnSlVOzhfJ8fmF5Jj9TWlrMz5VKc8VCfqa00O7/K5ZKixOTsXx1vFIoV8bLK6sXFkrLlysXLi38OBJRGPpPWgUAAAAAAAAAAAAAAAAAAADPl/LK6vx0sVhYkqgm9kZPVOM5Sgz2RjV2klgcieiBavRWYrdHJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB45N8AAAD//2MBOTw=")
r0 = socket(0x10, 0x3, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
splice(r0, 0x0, r1, &(0x7f0000000340)=0x4, 0x400000002, 0x4)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x80980, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r6}, &(0x7f0000001c00), &(0x7f0000001c40)}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x9, 0x0, 0x0)
connect$inet(r8, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff"], &(0x7f0000000040)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x4)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x32)

6.994523036s ago: executing program 1 (id=985):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

4.393097725s ago: executing program 0 (id=986):
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
socket(0x80000000000000a, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000040)={@link_local, @local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @empty}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x0]}}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001180)={0x38, r4, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x38}}, 0x0)

3.635963286s ago: executing program 4 (id=991):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
tee(r2, 0xffffffffffffffff, 0x4e, 0x0)
write$binfmt_script(r3, &(0x7f0000000800)={'#! ', './file0'}, 0xb)

3.498612518s ago: executing program 4 (id=992):
r0 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
pwritev(r0, &(0x7f0000000780)=[{&(0x7f00000001c0)="8b7b0aec79948004bb372b0227fd", 0xe}, {0x0}], 0x2, 0x0, 0x9)

3.469521138s ago: executing program 4 (id=993):
prctl$PR_SET_NAME(0xf, &(0x7f0000000680)='+}[@\x00[$oB\xfa=\xee\xc4F\xba\xed\x97')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xf8}, 0x1, 0x0, 0x0, 0xc000}, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = creat(0x0, 0x0)
close(r3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
r4 = fsmount(r3, 0x1, 0x71)
signalfd4(r4, 0x0, 0x0, 0x1000)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000780)=[{&(0x7f00000001c0)="8b7b0aec79948004bb372b0227fd", 0xe}, {0x0}], 0x2, 0x0, 0x9)

2.877260987s ago: executing program 1 (id=994):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@mangle={'mangle\x00', 0x64, 0x6, 0x548, 0x0, 0x0, 0x2a8, 0x2a8, 0x1b8, 0x478, 0x478, 0x478, 0x478, 0x478, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x5, 0x703}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@private}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x7, 0x6, @ipv4=@local, 0x4e23}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5a8)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1a, 0xf, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x107a654, 0x0, 0x0, 0x0, 0x1}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc2001}]})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb261a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4d8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac600"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0xb)
sendmsg$NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
mkdir(&(0x7f0000000180)='./file0\x00', 0x334)

2.876246157s ago: executing program 0 (id=995):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{}, &(0x7f0000001c00), &(0x7f0000001c40)=r3}, 0x20)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/fib_trie\x00')
read$FUSE(r4, &(0x7f0000006180)={0x2020}, 0x2020)

2.780986039s ago: executing program 2 (id=996):
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)
openat$random(0xffffffffffffff9c, &(0x7f000000fe80), 0x40800, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x460, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x80ff, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}, @common=@inet=@hashlimit3={{0x158}, {'veth0_vlan\x00', {0x3, 0x0, 0x48, 0x0, 0x15ab, 0x1000, 0x6, 0x5}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4c0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0}, 0x0)
pipe(&(0x7f00000001c0))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd8b", 0x17}, {&(0x7f0000000440)="9c74dfbf77572856c809ff86bb648daf351a32ad5ea7e5599da7a5b3d468381d8ff50420", 0x24}], 0x2)

2.635291921s ago: executing program 3 (id=997):
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
r0 = syz_pidfd_open(0x0, 0x0)
process_madvise(r0, 0x0, 0x0, 0x13, 0x0)

2.634712591s ago: executing program 4 (id=998):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r4, 0x0)
fallocate(r3, 0x8, 0x4000, 0x4000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r6 = socket$rds(0x15, 0x5, 0x0)
r7 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200e, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000950000000000000081ab09c9f7f6d9ca261e252a996890"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000180)={0x3c, 0x0, 0x100, 0x70bd28, 0x25dfdbfa, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x16}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8006}, 0x0)

2.183806377s ago: executing program 3 (id=999):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r4, 0x0)
fallocate(r3, 0x8, 0x4000, 0x4000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r6 = socket$rds(0x15, 0x5, 0x0)
r7 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200e, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000950000000000000081ab09c9f7f6d9ca261e252a996890"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000180)={0x3c, 0x0, 0x100, 0x70bd28, 0x25dfdbfa, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x16}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8006}, 0x0)

1.806532783s ago: executing program 1 (id=1000):
prctl$PR_SET_NAME(0xf, &(0x7f0000000680)='+}[@\x00[$oB\xfa=\xee\xc4F\xba\xed\x97')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xf8}, 0x1, 0x0, 0x0, 0xc000}, 0x40)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
r3 = fsmount(0xffffffffffffffff, 0x1, 0x71)
signalfd4(r3, 0x0, 0x0, 0x1000)
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
write$UHID_DESTROY(r4, &(0x7f0000000080), 0x4)
pwritev(r5, &(0x7f0000000780)=[{&(0x7f00000001c0)="8b7b0aec79948004bb372b0227fd", 0xe}, {0x0}], 0x2, 0x0, 0x9)

1.707521204s ago: executing program 0 (id=1001):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r4, 0x0)
fallocate(r3, 0x8, 0x4000, 0x4000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r6 = socket$rds(0x15, 0x5, 0x0)
r7 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200e, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000950000000000000081ab09c9f7f6d9ca261e252a996890"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000180)={0x3c, 0x0, 0x100, 0x70bd28, 0x25dfdbfa, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x16}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8006}, 0x0)

1.475566948s ago: executing program 2 (id=1002):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3804422, &(0x7f0000000240), 0x0, 0x578, &(0x7f0000000ac0)="$eJzs3d9rW1UcAPDvTdv96uo6GMOJSGEPTubStfXHBB/mo+hwoO+ztFkZTZfSpGOtA7cH9+KLDEHEgfisvu9x+A/4Vwx0MGQURXyp3PSmy5pkydrMZubzgdudc+/Nzjn33O/pObkpCaBvjaU/chHHIuKrJOJQ3bHByA6ObZy39vDaTLolsb7+8R9JJNm+2vlD2b/D6Y8k4sWI+OWLiJO5xnLLK6vz08ViYSnLj1cWFsfLK6unLi1MzxXmCpcnp6bOvDk1+c7bb3Wtra+d/+vbj+6+f+bL42vf/Hz/8K0kzsbB7Fh9O3bgen1mLMaq1yi9Mme3nDjRhcJ6SbLbFWBbBrI4T2P3WByKgSzqgf+/zyNiHehTifiHPlWbB9TW9l1aBz83Hry3sQBqbP/gxnsjsa+6Njqwljy2MkrXu6NdKD8t487vt2+lW3TvfQiAtq7fiIjTg4ON41+SjX8du7N1x+kOXrS1jDbjX5N3koHtupvOf15vNv/Jbc5/osn8Z7hJ7G5H+/jP3e9CMS2l8793m85/N4ea0YEsN1Kd8w0lFy8VC+nY9kJEnIihvWn+Sc9zzqzdW291rH7+l25p+bW5YFaP+4N7H3/N7HRleidtrvfgRsRLTee/yWb/J036P70e5zss42jh9iutjrVv/7O1/kPEq439P1J/TvLk55Pj1fthvHZXNPrz5tFfW5W/2+1P+//ARvv/zpaEm/2fGU3qn9eWn76M7/f9U2h1bLv3/57kk2p6T7bv6nSlsjQRsSf5sHH/5KPX1vK189P2nzj+5PGv2f2/PyI+7bD9N4/89PL22/9spe2fbTr+bfb/8OP9//SJex989l2r8scirrfv/zeqqRPZnk7Gv04ruJNrBwAAAAAAAL0mFxEHI8nlN9O5XD6/8fmOI3EgVyyVKycvlpYvz0b1b2VHYyhXe9J9qO7zEBPZ52Fr+ckt+amIOBwRXw/sr+bzM6Xi7G43HgAAAAAAAAAAAAAAAAAAAHrEcIu//0/9NrDbtQOeOV/5Df2rbfx345uegJ7k9z/0L/EP/Uv8Q/8S/9C/xD/0L/EP/Uv8Q/8S/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBV58+dS7f1tYfXZtL87JWV5fnSlVOzhfJ8fmF5Jj9TWlrMz5VKc8VCfqa00O7/K5ZKixOTsXx1vFIoV8bLK6sXFkrLlysXLi38OBJRGPpPWgUAAAAAAAAAAAAAAAAAAADPl/LK6vx0sVhYkqgm9kZPVOM5Sgz2RjV2klgcieiBavRWYrdHJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB45N8AAAD//2MBOTw=")
r0 = socket(0x10, 0x3, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
splice(r0, 0x0, r1, &(0x7f0000000340)=0x4, 0x400000002, 0x4)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x80980, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r6}, &(0x7f0000001c00), &(0x7f0000001c40)}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x9, 0x0, 0x0)
connect$inet(r8, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff"], &(0x7f0000000040)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x4)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x32)

333.561695ms ago: executing program 4 (id=1003):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x303}, "fbffffffffffffff", "1fd33c81cf7995313c09de00fd6ded74", '\x00', "1e00040000000100"}, 0x28)
write$binfmt_script(r0, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
writev(r0, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1000000000000054)

0s ago: executing program 4 (id=1004):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

kernel console output (not intermixed with test programs):

: attempt to access beyond end of device
[  286.979238][ T6002] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  287.029218][ T5981] syz.0.351: attempt to access beyond end of device
[  287.029218][ T5981] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  287.103488][ T6002] syz.0.351: attempt to access beyond end of device
[  287.103488][ T6002] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  287.118883][ T5981] syz.0.351: attempt to access beyond end of device
[  287.118883][ T5981] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  288.601412][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  288.601452][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  289.297636][ T6014] loop4: detected capacity change from 0 to 1024
[  289.548143][ T6018] loop3: detected capacity change from 0 to 4096
[  290.658239][ T4361] Bluetooth: hci5: Frame reassembly failed (-84)
[  291.173502][   T26] kauditd_printk_skb: 5 callbacks suppressed
[  291.173517][   T26] audit: type=1800 audit(1749740826.871:100): pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.357" name="file1" dev="loop3" ino=33 res=0 errno=0
[  291.222996][   T26] audit: type=1326 audit(1749740826.921:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6028 comm="syz.1.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  291.318525][   T26] audit: type=1326 audit(1749740826.921:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6028 comm="syz.1.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  291.380507][   T26] audit: type=1326 audit(1749740826.941:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6028 comm="syz.1.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  291.436589][ T6032] loop0: detected capacity change from 0 to 1024
[  291.450455][   T26] audit: type=1326 audit(1749740826.941:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6028 comm="syz.1.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  291.480175][   T26] audit: type=1326 audit(1749740826.941:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6028 comm="syz.1.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  291.514178][   T26] audit: type=1326 audit(1749740826.941:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6028 comm="syz.1.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  291.537626][   T26] audit: type=1326 audit(1749740826.941:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6028 comm="syz.1.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  291.571812][ T4850] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  291.603815][   T26] audit: type=1326 audit(1749740826.941:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6028 comm="syz.1.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  291.682008][   T26] audit: type=1326 audit(1749740826.941:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6028 comm="syz.1.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  291.928284][ T6036] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  292.145655][   T32] Bluetooth: hci6: Frame reassembly failed (-84)
[  292.701833][ T4254] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  292.852008][ T6044] loop4: detected capacity change from 0 to 256
[  292.876704][ T6044] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  293.321129][ T6039] loop3: detected capacity change from 0 to 32768
[  293.369344][ T6039] XFS (loop3): Mounting V5 Filesystem
[  293.424338][ T6039] XFS (loop3): Ending clean mount
[  293.497307][ T6039] XFS (loop3): Quotacheck needed: Please wait.
[  293.644464][ T6039] XFS (loop3): Quotacheck: Done.
[  293.814872][ T6039] XFS (loop3): Metadata CRC error detected at xfs_refcountbt_read_verify+0x3a/0xd0, xfs_refcountbt block 0x28 
[  293.840202][ T6039] XFS (loop3): Unmount and run xfs_repair
[  293.846641][ T6039] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  293.854607][ T6039] 00000000: 52 ff ff ff 7f 00 00 00 ff ff ff ff ff ff ff ff  R...............
[  293.863864][ T6039] 00000010: 00 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00  .......(........
[  293.874054][ T6039] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  293.888210][ T6039] 00000030: 00 00 00 00 bd e7 de 5d 00 00 00 00 00 00 00 00  .......]........
[  293.906880][ T6039] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  293.917065][ T6039] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  293.927170][ T6039] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  293.941302][ T6039] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  293.970538][ T4254] Bluetooth: hci6: command 0x1003 tx timeout
[  293.970860][ T4261] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  293.979165][ T6039] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1d3/0x2c0" at daddr 0x28 len 8 error 74
[  294.002333][ T6039] XFS (loop3): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1784/0x1e50 (fs/xfs/libxfs/xfs_defer.c:580).  Shutting down filesystem.
[  294.115617][ T6039] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  294.267894][ T4260] XFS (loop3): Unmounting Filesystem
[  294.727270][ T6058] loop2: detected capacity change from 0 to 40427
[  294.741869][ T6058] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  294.750585][ T6058] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  294.777916][ T6058] F2FS-fs (loop2): invalid crc value
[  294.862276][ T6058] F2FS-fs (loop2): Found nat_bits in checkpoint
[  295.043812][ T6058] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  295.051294][ T6058] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  295.171976][ T6058] bio_check_eod: 1 callbacks suppressed
[  295.171992][ T6058] syz.2.363: attempt to access beyond end of device
[  295.171992][ T6058] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  295.194603][ T6058] syz.2.363: attempt to access beyond end of device
[  295.194603][ T6058] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  295.248053][   T32] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  295.261320][   T32] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  295.396729][ T6062] loop3: detected capacity change from 0 to 32768
[  295.449532][ T6062] XFS (loop3): Mounting V5 Filesystem
[  295.557416][ T6062] XFS (loop3): Ending clean mount
[  295.569714][ T6062] XFS (loop3): Quotacheck needed: Please wait.
[  295.665439][ T6062] XFS (loop3): Quotacheck: Done.
[  295.749537][ T4260] XFS (loop3): Unmounting Filesystem
[  296.256003][ T6078] loop2: detected capacity change from 0 to 40427
[  296.263886][ T6078] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  296.275112][ T6078] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  296.285048][ T6078] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff
[  296.542370][ T6078] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8
[  296.900559][ T6078] F2FS-fs (loop2): invalid crc value
[  296.948606][ T6078] F2FS-fs (loop2): Found nat_bits in checkpoint
[  297.101516][ T6089] loop0: detected capacity change from 0 to 4096
[  297.199706][ T6078] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  297.226453][ T6078] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  297.274637][   T26] kauditd_printk_skb: 7 callbacks suppressed
[  297.274652][   T26] audit: type=1800 audit(1749740832.971:117): pid=6089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.370" name="file1" dev="loop0" ino=33 res=0 errno=0
[  297.376108][ T6078] syz.2.367: attempt to access beyond end of device
[  297.376108][ T6078] loop2: rw=2049, sector=45096, nr_sectors = 136 limit=40427
[  297.587008][ T4257] syz-executor: attempt to access beyond end of device
[  297.587008][ T4257] loop2: rw=2049, sector=45232, nr_sectors = 8 limit=40427
[  297.689774][   T26] audit: type=1326 audit(1749740833.381:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.1.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  297.758424][   T26] audit: type=1326 audit(1749740833.381:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.1.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  297.830565][   T26] audit: type=1326 audit(1749740833.381:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.1.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  297.910005][   T26] audit: type=1326 audit(1749740833.381:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.1.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  297.999171][   T26] audit: type=1326 audit(1749740833.381:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.1.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  298.206038][   T26] audit: type=1326 audit(1749740833.411:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.1.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  298.292954][ T6093] loop3: detected capacity change from 0 to 32768
[  298.739713][   T26] audit: type=1326 audit(1749740833.411:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.1.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  298.826511][ T6093] XFS (loop3): Mounting V5 Filesystem
[  299.003856][   T26] audit: type=1326 audit(1749740833.411:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.1.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  299.089609][   T26] audit: type=1326 audit(1749740833.411:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.1.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  299.234095][ T6093] XFS (loop3): Ending clean mount
[  299.246177][ T6113] loop1: detected capacity change from 0 to 1024
[  299.261708][ T6093] XFS (loop3): Quotacheck needed: Please wait.
[  299.299218][ T6093] XFS (loop3): Quotacheck: Done.
[  299.635750][ T6118] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  299.896241][ T6037] Bluetooth: hci5: Frame reassembly failed (-84)
[  301.390263][ T4260] XFS (loop3): Unmounting Filesystem
[  301.552060][ T6121] loop4: detected capacity change from 0 to 4096
[  301.650655][ T4269] Bluetooth: hci5: command 0x1003 tx timeout
[  301.658572][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  301.856779][ T6108] loop2: detected capacity change from 0 to 32768
[  302.048906][ T6108] XFS (loop2): Mounting V5 Filesystem
[  302.263570][ T6108] XFS (loop2): log mount failed
[  302.821802][ T6127] loop1: detected capacity change from 0 to 1024
[  302.932511][ T4849] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  304.069775][ T6142] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  305.048612][   T26] kauditd_printk_skb: 7 callbacks suppressed
[  305.048627][   T26] audit: type=1326 audit(1749740840.741:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  305.114499][   T26] audit: type=1326 audit(1749740840.741:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  305.298184][   T26] audit: type=1326 audit(1749740840.741:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  305.331806][   T26] audit: type=1326 audit(1749740840.741:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  305.361663][   T26] audit: type=1326 audit(1749740840.741:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  305.389922][   T26] audit: type=1326 audit(1749740840.771:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  305.498862][   T26] audit: type=1326 audit(1749740840.771:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  305.666227][   T26] audit: type=1326 audit(1749740840.771:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  305.733887][   T26] audit: type=1326 audit(1749740840.771:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  305.880044][   T26] audit: type=1326 audit(1749740840.771:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  305.968534][ T6154] loop3: detected capacity change from 0 to 32768
[  306.145840][ T4269] Bluetooth: hci5: command 0x1003 tx timeout
[  306.152617][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  307.048793][ T6154] XFS (loop3): Mounting V5 Filesystem
[  307.094773][ T6167] loop0: detected capacity change from 0 to 1024
[  307.156125][ T4849] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  307.176881][ T6154] XFS (loop3): Ending clean mount
[  307.233816][ T6154] XFS (loop3): Quotacheck needed: Please wait.
[  307.416761][ T6154] XFS (loop3): Quotacheck: Done.
[  307.473033][ T6174] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  308.372481][ T4260] XFS (loop3): Unmounting Filesystem
[  308.848583][ T6182] loop4: detected capacity change from 0 to 1024
[  308.868673][ T6168] loop1: detected capacity change from 0 to 32768
[  308.884716][ T6168] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11
[  308.924017][ T4849] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  309.208767][ T6184] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  309.228991][ T4510] Bluetooth: hci6: Frame reassembly failed (-84)
[  309.561967][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  309.568524][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  310.194163][ T4850] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11
[  310.968984][ T6186] loop1: detected capacity change from 0 to 32768
[  310.996561][ T6186] XFS: attr2 mount option is deprecated.
[  311.065148][ T6189] loop3: detected capacity change from 0 to 32768
[  311.128472][ T6186] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  311.145616][ T6186] XFS (loop1): Mounting V5 Filesystem
[  311.154184][ T6189] XFS (loop3): Mounting V5 Filesystem
[  311.250231][ T6189] XFS (loop3): Ending clean mount
[  311.251080][ T4269] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  311.261143][ T6186] XFS (loop1): Ending clean mount
[  311.261879][ T4254] Bluetooth: hci6: command 0x1003 tx timeout
[  311.312082][ T6192] loop0: detected capacity change from 0 to 32768
[  311.338594][ T6189] XFS (loop3): Quotacheck needed: Please wait.
[  311.346082][ T6186] XFS (loop1): Quotacheck needed: Please wait.
[  311.474034][ T6186] XFS (loop1): Quotacheck: Done.
[  311.479582][ T6189] XFS (loop3): Quotacheck: Done.
[  311.484905][ T6192] XFS (loop0): Mounting V5 Filesystem
[  311.521867][ T6215] loop4: detected capacity change from 0 to 1024
[  311.558117][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  311.558133][   T26] audit: type=1800 audit(1749740847.251:148): pid=6189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.393" name="file2" dev="loop3" ino=4423 res=0 errno=0
[  311.581471][ T6192] XFS (loop0): Ending clean mount
[  311.853159][ T4250] XFS (loop1): Unmounting Filesystem
[  311.873255][ T4260] XFS (loop3): Unmounting Filesystem
[  311.997560][ T6223] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  312.644079][ T4251] XFS (loop0): Unmounting Filesystem
[  312.980621][ T6227] loop0: detected capacity change from 0 to 1024
[  313.115677][ T4850] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  314.070578][ T4254] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  315.260273][ T6243] loop1: detected capacity change from 0 to 1024
[  315.333644][ T4850] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  315.719047][ T6246] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  315.808445][ T6245] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  315.900517][ T4381] Bluetooth: hci5: Frame reassembly failed (-84)
[  316.369503][ T6235] loop2: detected capacity change from 0 to 32768
[  316.451234][ T6235] XFS (loop2): Mounting V5 Filesystem
[  316.532849][ T6241] loop4: detected capacity change from 0 to 32768
[  316.596598][ T6237] loop3: detected capacity change from 0 to 32768
[  316.629019][ T6235] XFS (loop2): Ending clean mount
[  316.636275][ T6235] XFS (loop2): Quotacheck needed: Please wait.
[  316.656264][ T6237] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  316.669604][ T6241] XFS (loop4): Mounting V5 Filesystem
[  316.742067][ T6235] XFS (loop2): Quotacheck: Done.
[  316.916925][ T6241] XFS (loop4): Ending clean mount
[  316.938440][ T6241] XFS (loop4): Quotacheck needed: Please wait.
[  316.949253][ T4260] ocfs2: Unmounting device (7,3) on (node local)
[  317.054814][ T6241] XFS (loop4): Quotacheck: Done.
[  317.101446][ T4257] XFS (loop2): Unmounting Filesystem
[  317.269564][ T4259] XFS (loop4): Unmounting Filesystem
[  317.518877][ T6268] loop3: detected capacity change from 0 to 1024
[  317.821752][ T4261] Bluetooth: hci5: command 0x1003 tx timeout
[  317.828148][ T4254] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  318.017322][ T4254] Bluetooth: hci6: command 0x1003 tx timeout
[  318.024393][ T4269] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  319.078326][ T6270] loop2: detected capacity change from 0 to 32768
[  319.119170][ T6270] XFS: attr2 mount option is deprecated.
[  319.180639][ T6270] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  319.207515][ T6270] XFS (loop2): Mounting V5 Filesystem
[  319.289531][ T6270] XFS (loop2): Ending clean mount
[  319.334999][ T6270] XFS (loop2): Quotacheck needed: Please wait.
[  319.394094][ T6270] XFS (loop2): Quotacheck: Done.
[  319.420066][ T6270] XFS (loop2): User initiated shutdown received.
[  319.455282][ T6270] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:499).  Shutting down filesystem.
[  319.510775][ T6270] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  319.741369][ T4257] XFS (loop2): Unmounting Filesystem
[  319.782309][ T6277] loop1: detected capacity change from 0 to 32768
[  319.789326][ T6276] loop0: detected capacity change from 0 to 32768
[  319.907265][ T6277] XFS (loop1): Mounting V5 Filesystem
[  319.934439][ T6276] XFS (loop0): Mounting V5 Filesystem
[  319.988110][ T6277] XFS (loop1): Ending clean mount
[  320.102263][ T6276] XFS (loop0): Ending clean mount
[  320.112090][ T6276] XFS (loop0): Quotacheck needed: Please wait.
[  320.130494][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  320.130521][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  320.240680][ T6276] XFS (loop0): Quotacheck: Done.
[  320.333360][ T4250] XFS (loop1): Unmounting Filesystem
[  321.412848][ T4251] XFS (loop0): Unmounting Filesystem
[  322.682152][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  322.689507][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  323.561541][ T6323] loop2: detected capacity change from 0 to 32768
[  323.680512][ T6323] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  323.935476][ T6323] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  324.166078][ T6323] BTRFS info (device loop2): metadata ratio 2
[  324.298851][ T6323] BTRFS info (device loop2): allowing degraded mounts
[  324.339937][ T6323] BTRFS info (device loop2): force zlib compression, level 3
[  324.400659][ T6323] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  324.420461][ T6323] BTRFS info (device loop2): use zstd compression, level 3
[  324.427740][ T6323] BTRFS info (device loop2): force clearing of disk cache
[  324.460504][ T6323] BTRFS info (device loop2): max_inline at 0
[  324.466536][ T6323] BTRFS info (device loop2): using free space tree
[  324.577889][ T6338] loop1: detected capacity change from 0 to 1024
[  324.664640][ T4849] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  324.682451][ T6347] loop3: detected capacity change from 0 to 1024
[  324.776534][ T6329] loop4: detected capacity change from 0 to 32768
[  325.028567][ T6362] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  325.109447][ T6037] Bluetooth: hci5: Frame reassembly failed (-84)
[  325.144244][ T6329] XFS (loop4): Mounting V5 Filesystem
[  325.262247][ T6323] BTRFS info (device loop2): enabling ssd optimizations
[  325.344932][ T6323] BTRFS info (device loop2): rebuilding free space tree
[  325.654806][ T6329] XFS (loop4): Ending clean mount
[  325.686622][ T6329] XFS (loop4): Quotacheck needed: Please wait.
[  325.755997][ T6329] XFS (loop4): Quotacheck: Done.
[  325.781870][   T26] audit: type=1800 audit(1749740861.481:149): pid=6323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.418" name="bus" dev="loop2" ino=263 res=0 errno=0
[  325.865637][ T6325] loop0: detected capacity change from 0 to 32768
[  325.963461][ T6325] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  325.983266][ T4259] XFS (loop4): Unmounting Filesystem
[  326.022373][ T4257] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  326.141809][ T6354] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  326.156415][ T4457] Bluetooth: hci6: Frame reassembly failed (-84)
[  326.470234][ T4251] ocfs2: Unmounting device (7,0) on (node local)
[  326.549795][ T4850] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 11 /dev/loop2 scanned by udevd (4850)
[  327.091752][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  327.100892][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  328.562913][ T6382] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  328.852165][ T4269] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  328.881669][ T4261] Bluetooth: hci6: command 0x1003 tx timeout
[  330.104190][ T6388] loop4: detected capacity change from 0 to 32768
[  330.120311][ T6388] XFS: attr2 mount option is deprecated.
[  330.188861][ T6388] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  330.212524][ T6388] XFS (loop4): Mounting V5 Filesystem
[  330.325644][ T6388] XFS (loop4): Ending clean mount
[  330.371818][ T6388] XFS (loop4): Quotacheck needed: Please wait.
[  330.457426][ T6388] XFS (loop4): Quotacheck: Done.
[  330.571259][ T6388] XFS (loop4): User initiated shutdown received.
[  330.577684][ T6388] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:499).  Shutting down filesystem.
[  330.610565][ T6388] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  330.814637][ T4259] XFS (loop4): Unmounting Filesystem
[  330.931089][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  330.939135][   T47] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  331.157695][ T6392] loop2: detected capacity change from 0 to 40427
[  331.206796][ T6392] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  331.229617][ T6392] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  331.263283][ T6392] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff
[  331.296194][ T6392] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8
[  331.344948][ T6392] F2FS-fs (loop2): invalid crc value
[  331.394914][ T6392] F2FS-fs (loop2): Found nat_bits in checkpoint
[  331.530648][ T6392] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  331.547264][ T6392] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  332.617571][ T4257] syz-executor: attempt to access beyond end of device
[  332.617571][ T4257] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  333.009050][ T6414] loop0: detected capacity change from 0 to 32768
[  333.415310][ T6414] XFS (loop0): Mounting V5 Filesystem
[  333.470655][ T6430] loop3: detected capacity change from 0 to 1024
[  334.388883][ T6421] loop4: detected capacity change from 0 to 32768
[  334.451328][ T6414] XFS (loop0): Ending clean mount
[  334.517649][ T6414] XFS (loop0): Quotacheck needed: Please wait.
[  334.704075][ T6443] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  335.407207][ T6414] XFS (loop0): Quotacheck: Done.
[  335.415527][ T6421] XFS (loop4): Mounting V5 Filesystem
[  335.468489][ T4251] XFS (loop0): Unmounting Filesystem
[  335.572165][ T6421] XFS (loop4): Ending clean mount
[  335.593670][ T6421] XFS (loop4): Quotacheck needed: Please wait.
[  335.658372][ T6421] XFS (loop4): Quotacheck: Done.
[  335.727413][ T4259] XFS (loop4): Unmounting Filesystem
[  335.857045][ T6435] loop2: detected capacity change from 0 to 40427
[  335.903478][ T6435] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  335.924391][ T6435] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  335.947820][ T6435] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff
[  335.979561][ T6446] loop1: detected capacity change from 0 to 32768
[  335.990525][ T6435] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8
[  336.026077][ T6435] F2FS-fs (loop2): invalid crc value
[  336.050146][ T6446] XFS (loop1): Mounting V5 Filesystem
[  336.069324][ T6435] F2FS-fs (loop2): Found nat_bits in checkpoint
[  336.187672][ T6446] XFS (loop1): Ending clean mount
[  336.212202][ T6446] XFS (loop1): Quotacheck needed: Please wait.
[  336.333929][ T6446] XFS (loop1): Quotacheck: Done.
[  336.374932][ T6435] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  336.394264][ T6435] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  336.590694][   T26] audit: type=1804 audit(1749740872.271:150): pid=6466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.438" name="/newroot/95/file0/bus" dev="loop1" ino=9291 res=1 errno=0
[  336.850860][   T47] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  337.277333][ T6471] loop3: detected capacity change from 0 to 1024
[  337.362181][ T4250] XFS (loop1): Unmounting Filesystem
[  337.367902][ T4812] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  337.666631][ T4257] syz-executor: attempt to access beyond end of device
[  337.666631][ T4257] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  337.680458][ T4665] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[  337.762706][ T6474] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  337.887463][ T4665] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  337.906122][ T4665] usb 5-1: config 179 has no interface number 0
[  337.938039][ T4665] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  337.991542][ T4665] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8
[  338.038965][ T4381] Bluetooth: hci5: Frame reassembly failed (-84)
[  338.071994][ T4665] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  338.206164][ T4665] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  338.241836][ T4665] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  338.252475][ T4665] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.333948][ T6470] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  338.728474][ T4336] usb 5-1: USB disconnect, device number 3
[  339.810643][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  339.810675][   T47] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  341.742252][ T6486] loop2: detected capacity change from 0 to 32768
[  341.784983][ T6486] XFS: attr2 mount option is deprecated.
[  341.929094][ T6486] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  341.938706][ T6486] XFS (loop2): Mounting V5 Filesystem
[  341.961126][ T6490] loop0: detected capacity change from 0 to 40427
[  341.990873][ T6490] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  341.999283][ T6486] XFS (loop2): Ending clean mount
[  342.025566][ T6490] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  342.067655][ T6486] XFS (loop2): Quotacheck needed: Please wait.
[  342.089387][ T6490] F2FS-fs (loop0): build fault injection attr: rate: 17008, type: 0x3ffff
[  342.140527][ T6490] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x1f8
[  342.149254][ T6495] loop4: detected capacity change from 0 to 32768
[  342.156758][ T6486] XFS (loop2): Quotacheck: Done.
[  342.216169][ T6490] F2FS-fs (loop0): invalid crc value
[  342.264804][ T6507] loop1: detected capacity change from 0 to 4096
[  342.266892][ T4257] XFS (loop2): Unmounting Filesystem
[  342.356920][ T6495] XFS (loop4): Mounting V5 Filesystem
[  342.359229][ T6515] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  342.406815][ T6490] F2FS-fs (loop0): Found nat_bits in checkpoint
[  342.475957][ T6493] loop3: detected capacity change from 0 to 40427
[  342.485120][ T6507] NILFS (loop1): DAT doesn't have a block to manage vblocknr = 524288
[  342.508041][ T6495] XFS (loop4): Ending clean mount
[  342.510582][ T6507] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=15)
[  342.529358][ T6490] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  342.543919][ T6490] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  342.560241][ T6493] F2FS-fs (loop3): invalid crc value
[  342.590025][ T6507] Remounting filesystem read-only
[  342.629503][ T6507] NILFS (loop1): error -5 truncating bmap (ino=15)
[  342.659463][ T6493] F2FS-fs (loop3): Found nat_bits in checkpoint
[  342.675304][   T26] audit: type=1800 audit(1749740878.371:151): pid=6490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.447" name="file1" dev="loop0" ino=10 res=0 errno=0
[  342.795315][ T4259] XFS (loop4): Unmounting Filesystem
[  342.877159][ T4250] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  342.988720][ T4251] syz-executor: attempt to access beyond end of device
[  342.988720][ T4251] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  343.028653][ T6493] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  343.301752][ T4260] syz-executor: attempt to access beyond end of device
[  343.301752][ T4260] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  343.622980][ T6531] loop4: detected capacity change from 0 to 1024
[  343.991659][ T6535] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  344.200510][ T6037] Bluetooth: hci5: Frame reassembly failed (-84)
[  344.912814][ T6529] loop2: detected capacity change from 0 to 32768
[  344.945372][ T6527] loop1: detected capacity change from 0 to 32768
[  345.147607][ T6529] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  345.181299][ T6527] XFS (loop1): Mounting V5 Filesystem
[  345.342070][ T6529] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  345.463968][ T6529] BTRFS info (device loop2): metadata ratio 2
[  345.655322][ T6529] BTRFS info (device loop2): allowing degraded mounts
[  345.906727][ T6529] BTRFS info (device loop2): force zlib compression, level 3
[  346.015108][ T6527] XFS (loop1): Ending clean mount
[  346.033592][ T6529] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  346.052394][ T6527] XFS (loop1): Quotacheck needed: Please wait.
[  346.098017][ T6529] BTRFS info (device loop2): use zstd compression, level 3
[  346.123355][ T6527] XFS (loop1): Quotacheck: Done.
[  346.138556][   T47] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  346.168236][ T6556] loop3: detected capacity change from 0 to 1024
[  346.181534][ T6529] BTRFS info (device loop2): force clearing of disk cache
[  346.188745][ T6529] BTRFS info (device loop2): max_inline at 0
[  346.280754][ T6529] BTRFS info (device loop2): using free space tree
[  346.548867][ T6562] loop4: detected capacity change from 0 to 1024
[  346.708140][ T6576] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  346.769765][ T6529] BTRFS error (device loop2): open_ctree failed: -12
[  347.316363][ T4250] XFS (loop1): Unmounting Filesystem
[  347.588895][ T6545] loop0: detected capacity change from 0 to 40427
[  347.610295][ T6545] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  347.633054][ T6545] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  347.664370][ T6545] F2FS-fs (loop0): invalid crc value
[  347.693528][ T6545] F2FS-fs (loop0): Found nat_bits in checkpoint
[  348.770521][   T47] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  349.384388][ T6593] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  351.450764][   T47] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  352.334484][ T6605] loop4: detected capacity change from 0 to 4096
[  352.548294][ T6610] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  352.576675][ T6605] NILFS (loop4): DAT doesn't have a block to manage vblocknr = 524288
[  352.610592][ T6605] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=15)
[  352.662870][ T6612] xt_SECMARK: invalid mode: 2
[  352.850318][ T6605] Remounting filesystem read-only
[  353.045815][ T6605] NILFS (loop4): error -5 truncating bmap (ino=15)
[  353.424519][ T6597] loop2: detected capacity change from 0 to 32768
[  353.542403][ T4259] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  353.607628][ T6601] loop0: detected capacity change from 0 to 40427
[  353.666565][ T6601] F2FS-fs (loop0): invalid crc value
[  353.722988][ T6601] F2FS-fs (loop0): Found nat_bits in checkpoint
[  353.905531][ T6601] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  354.126603][ T6607] loop1: detected capacity change from 0 to 32768
[  354.183094][ T4251] syz-executor: attempt to access beyond end of device
[  354.183094][ T4251] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  354.314733][ T6607] XFS (loop1): Mounting V5 Filesystem
[  354.410612][ T6607] XFS (loop1): Ending clean mount
[  354.445478][ T6607] XFS (loop1): Quotacheck needed: Please wait.
[  354.507020][ T6607] XFS (loop1): Quotacheck: Done.
[  354.542461][   T26] audit: type=1800 audit(1749740890.241:152): pid=6607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.467" name="file2" dev="loop1" ino=4423 res=0 errno=0
[  354.705918][ T4250] XFS (loop1): Unmounting Filesystem
[  354.823649][ T6616] loop3: detected capacity change from 0 to 40427
[  354.836384][ T6623] loop4: detected capacity change from 0 to 32768
[  354.849351][ T6616] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  354.849455][ T6618] loop2: detected capacity change from 0 to 40427
[  354.898609][ T6616] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  354.927672][ T6616] F2FS-fs (loop3): build fault injection attr: rate: 17008, type: 0x3ffff
[  354.961231][ T6618] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  354.968249][ T6618] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  354.997931][ T6623] XFS (loop4): Mounting V5 Filesystem
[  355.010537][ T6616] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x1f8
[  355.025778][ T6616] F2FS-fs (loop3): invalid crc value
[  355.090687][ T6618] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff
[  355.098400][ T6616] F2FS-fs (loop3): Found nat_bits in checkpoint
[  355.102702][ T6618] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8
[  355.174344][ T6618] F2FS-fs (loop2): invalid crc value
[  355.291516][ T6623] XFS (loop4): Ending clean mount
[  355.314072][ T6616] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  355.346945][ T6623] XFS (loop4): Quotacheck needed: Please wait.
[  355.380493][ T6616] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  355.421032][ T6618] F2FS-fs (loop2): Found nat_bits in checkpoint
[  356.274265][ T6623] XFS (loop4): Quotacheck: Done.
[  356.306404][   T26] audit: type=1800 audit(1749740892.001:153): pid=6616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.469" name="file1" dev="loop3" ino=10 res=0 errno=0
[  356.399005][ T6618] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  356.430422][ T6618] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  356.496989][ T4260] syz-executor: attempt to access beyond end of device
[  356.496989][ T4260] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  356.590863][ T4259] XFS (loop4): Unmounting Filesystem
[  356.602705][ T6618] syz.2.471: attempt to access beyond end of device
[  356.602705][ T6618] loop2: rw=2049, sector=45096, nr_sectors = 136 limit=40427
[  356.819023][ T4257] syz-executor: attempt to access beyond end of device
[  356.819023][ T4257] loop2: rw=2049, sector=45232, nr_sectors = 8 limit=40427
[  357.293388][ T6654] loop0: detected capacity change from 0 to 32768
[  357.331148][ T6654] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.474 (6654)
[  357.401237][ T6654] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  357.441503][ T6654] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  357.467309][ T6654] BTRFS info (device loop0): metadata ratio 2
[  357.510441][ T6654] BTRFS info (device loop0): allowing degraded mounts
[  357.517271][ T6654] BTRFS info (device loop0): force zlib compression, level 3
[  357.530547][ T6654] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  357.585897][ T6656] loop1: detected capacity change from 0 to 40427
[  357.611029][ T6654] BTRFS info (device loop0): use zstd compression, level 3
[  357.622876][ T6656] F2FS-fs (loop1): invalid crc value
[  357.650530][ T6654] BTRFS info (device loop0): force clearing of disk cache
[  357.657847][ T6654] BTRFS info (device loop0): max_inline at 0
[  357.683065][ T6656] F2FS-fs (loop1): Found nat_bits in checkpoint
[  357.714952][ T6654] BTRFS info (device loop0): using free space tree
[  357.822962][ T6656] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  357.935460][   T26] audit: type=1800 audit(1749740893.631:154): pid=6656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.473" name="bus" dev="loop1" ino=10 res=0 errno=0
[  358.027219][ T6654] BTRFS info (device loop0): enabling ssd optimizations
[  358.034643][ T4250] syz-executor: attempt to access beyond end of device
[  358.034643][ T4250] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  358.088379][ T6654] BTRFS info (device loop0): rebuilding free space tree
[  358.169318][   T26] audit: type=1800 audit(1749740893.861:155): pid=6654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.474" name="bus" dev="loop0" ino=263 res=0 errno=0
[  358.356865][ T4251] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  358.432738][ T6660] loop3: detected capacity change from 0 to 32768
[  358.539824][ T6472] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 11 /dev/loop0 scanned by udevd (6472)
[  358.564416][ T6658] loop4: detected capacity change from 0 to 32768
[  358.755721][ T6658] XFS (loop4): Mounting V5 Filesystem
[  358.761385][ T6660] XFS (loop3): Mounting V5 Filesystem
[  358.808481][ T6683] loop2: detected capacity change from 0 to 32768
[  359.059978][ T6660] XFS (loop3): Ending clean mount
[  359.095614][ T6683] XFS (loop2): Mounting V5 Filesystem
[  359.132779][ T6660] XFS (loop3): Quotacheck needed: Please wait.
[  359.145170][ T6658] XFS (loop4): Ending clean mount
[  359.167680][ T6658] XFS (loop4): Quotacheck needed: Please wait.
[  359.647832][ T6660] XFS (loop3): Quotacheck: Done.
[  359.961082][ T6658] XFS (loop4): Quotacheck: Done.
[  360.073175][   T26] audit: type=1804 audit(1749740895.771:156): pid=6658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.476" name="/newroot/93/file0/bus" dev="loop4" ino=9291 res=1 errno=0
[  360.150878][ T6683] XFS (loop2): Ending clean mount
[  360.211778][ T6683] XFS (loop2): Quotacheck needed: Please wait.
[  360.572492][ T4260] XFS (loop3): Unmounting Filesystem
[  360.590114][ T4259] XFS (loop4): Unmounting Filesystem
[  361.033544][ T6683] XFS (loop2): Quotacheck: Done.
[  361.305687][ T4257] XFS (loop2): Unmounting Filesystem
[  363.451346][ T6724] loop0: detected capacity change from 0 to 32768
[  364.021292][ T6749] xt_SECMARK: invalid mode: 2
[  365.031415][ T6751] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  366.329705][ T6754] loop4: detected capacity change from 0 to 1024
[  366.378508][ T6756] loop1: detected capacity change from 0 to 512
[  366.400037][ T6756] EXT4-fs: Ignoring removed nobh option
[  366.691255][ T6756] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  366.783474][ T6761] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  366.810980][ T4361] Bluetooth: hci6: Frame reassembly failed (-84)
[  366.986573][ T6756] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.490: invalid indirect mapped block 2683928664 (level 1)
[  367.405994][ T6756] EXT4-fs (loop1): Remounting filesystem read-only
[  367.442323][ T6756] EXT4-fs (loop1): 1 truncate cleaned up
[  367.453091][ T6756] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  367.667710][   T47] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  367.674858][ T4269] Bluetooth: hci5: command 0x1003 tx timeout
[  367.752672][ T4250] EXT4-fs (loop1): unmounting filesystem.
[  368.850633][ T4254] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  369.215084][ T6773] loop1: detected capacity change from 0 to 32768
[  369.322343][ T6773] XFS (loop1): Mounting V5 Filesystem
[  369.349479][ T6771] loop2: detected capacity change from 0 to 32768
[  369.429702][ T6775] loop3: detected capacity change from 0 to 40427
[  369.461919][ T6771] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  369.468888][ T6775] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  369.526005][ T6775] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  369.582154][ T6775] F2FS-fs (loop3): build fault injection attr: rate: 17008, type: 0x3ffff
[  369.620490][ T6775] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x1f8
[  369.752518][ T6773] XFS (loop1): Ending clean mount
[  369.758284][ T6775] F2FS-fs (loop3): invalid crc value
[  369.778515][ T4257] ocfs2: Unmounting device (7,2) on (node local)
[  369.797486][ T6773] XFS (loop1): Quotacheck needed: Please wait.
[  369.808384][ T6775] F2FS-fs (loop3): Found nat_bits in checkpoint
[  369.883232][ T6795] xt_SECMARK: invalid mode: 2
[  370.561894][ T6773] XFS (loop1): Quotacheck: Done.
[  370.742159][ T6775] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  370.878248][ T6775] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  370.920018][ T6800] loop0: detected capacity change from 0 to 1024
[  370.978732][ T6775] syz.3.495: attempt to access beyond end of device
[  370.978732][ T6775] loop3: rw=2049, sector=45096, nr_sectors = 136 limit=40427
[  371.018833][ T4812] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  371.029840][ T6777] loop4: detected capacity change from 0 to 32768
[  371.063284][ T4250] XFS (loop1): Unmounting Filesystem
[  371.223828][ T6777] XFS (loop4): Mounting V5 Filesystem
[  371.401441][ T6777] XFS (loop4): Ending clean mount
[  371.428123][ T6777] XFS (loop4): Quotacheck needed: Please wait.
[  371.591393][ T6814] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  372.320925][ T4260] syz-executor: attempt to access beyond end of device
[  372.320925][ T4260] loop3: rw=2049, sector=45232, nr_sectors = 8 limit=40427
[  372.484737][ T6777] XFS (loop4): Quotacheck: Done.
[  372.631585][ T4259] XFS (loop4): Unmounting Filesystem
[  374.060489][   T47] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  374.067071][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  374.310020][ T6827] loop0: detected capacity change from 0 to 1024
[  374.689161][ T6831] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  375.696610][ T6821] loop3: detected capacity change from 0 to 32768
[  375.764641][ T6821] XFS (loop3): Mounting V5 Filesystem
[  375.866223][ T6821] XFS (loop3): Ending clean mount
[  375.882219][ T6821] XFS (loop3): Quotacheck needed: Please wait.
[  375.896248][ T6829] loop4: detected capacity change from 0 to 32768
[  375.923903][ T6821] XFS (loop3): Quotacheck: Done.
[  375.982788][ T6829] XFS (loop4): Mounting V5 Filesystem
[  376.102990][ T4260] XFS (loop3): Unmounting Filesystem
[  376.117753][ T6829] XFS (loop4): Ending clean mount
[  376.139263][ T6829] XFS (loop4): Quotacheck needed: Please wait.
[  376.213952][ T6829] XFS (loop4): Quotacheck: Done.
[  376.257530][   T26] audit: type=1800 audit(1749740911.951:157): pid=6829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.502" name="file1" dev="loop4" ino=9286 res=0 errno=0
[  376.340152][ T4259] XFS (loop4): Unmounting Filesystem
[  376.577988][ T6840] loop2: detected capacity change from 0 to 32768
[  376.691513][ T6840] XFS (loop2): Mounting V5 Filesystem
[  376.791865][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  376.798367][   T47] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  377.584495][ T6840] XFS (loop2): Ending clean mount
[  377.609170][ T6840] XFS (loop2): Quotacheck needed: Please wait.
[  377.663409][ T6840] XFS (loop2): Quotacheck: Done.
[  380.258402][ T4257] XFS (loop2): Unmounting Filesystem
[  380.428022][ T6878] xt_SECMARK: invalid mode: 2
[  385.200840][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  385.210012][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  387.127517][ T6910] xt_SECMARK: invalid mode: 2
[  389.310564][ T6912] xt_SECMARK: invalid mode: 2
[  390.076341][ T6921] loop2: detected capacity change from 0 to 1024
[  390.183372][ T6923] loop3: detected capacity change from 0 to 1024
[  390.915102][ T6925] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  391.144780][ T6928] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  392.256585][ T6931] loop1: detected capacity change from 0 to 40427
[  392.277207][ T6931] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  392.286689][ T6931] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  392.302980][ T6931] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x3ffff
[  392.314368][ T6931] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x1f8
[  392.334263][ T6931] F2FS-fs (loop1): invalid crc value
[  392.336606][ T6932] loop0: detected capacity change from 0 to 32768
[  392.373972][ T6931] F2FS-fs (loop1): Found nat_bits in checkpoint
[  392.420064][ T6932] XFS (loop0): Mounting V5 Filesystem
[  392.458278][ T6931] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  392.475793][ T6931] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  392.506615][ T6946] loop4: detected capacity change from 0 to 1024
[  392.577887][ T6932] XFS (loop0): Ending clean mount
[  392.608909][ T6932] XFS (loop0): Quotacheck needed: Please wait.
[  392.764182][ T6932] XFS (loop0): Quotacheck: Done.
[  392.890881][ T6948] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  392.930950][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  393.507883][ T4269] Bluetooth: hci6: command 0x1003 tx timeout
[  393.512670][   T47] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  393.711315][   T26] audit: type=1804 audit(1749740929.411:158): pid=6932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.527" name="/newroot/105/file0/bus" dev="loop0" ino=9291 res=1 errno=0
[  393.724413][ T6951] loop2: detected capacity change from 0 to 1024
[  393.848799][ T6953] loop3: detected capacity change from 0 to 1024
[  393.863806][ T4250] syz-executor: attempt to access beyond end of device
[  393.863806][ T4250] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  393.880607][ T6815] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  394.031963][ T4251] XFS (loop0): Unmounting Filesystem
[  394.238907][ T6956] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  394.930467][ T4261] Bluetooth: hci7: Opcode 0x1003 failed: -110
[  395.307489][ T6958] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  395.390473][   T51] Bluetooth: hci6: Frame reassembly failed (-84)
[  396.350537][   T47] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  397.420467][ T4261] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  397.420546][   T47] Bluetooth: hci6: command 0x1003 tx timeout
[  397.508189][ T6965] loop0: detected capacity change from 0 to 40427
[  397.533483][ T6969] loop2: detected capacity change from 0 to 32768
[  397.607352][ T6965] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  397.677686][ T6965] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  397.700531][ T6965] F2FS-fs (loop0): invalid crc value
[  397.749083][ T6965] F2FS-fs (loop0): Found nat_bits in checkpoint
[  397.819976][ T6969] XFS (loop2): Mounting V5 Filesystem
[  398.213660][ T6969] XFS (loop2): Ending clean mount
[  398.260135][ T6969] XFS (loop2): Quotacheck needed: Please wait.
[  398.270291][ T6965] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  398.370095][ T6965] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  398.440721][ T6969] XFS (loop2): Quotacheck: Done.
[  398.662843][ T6965] syz.0.533: attempt to access beyond end of device
[  398.662843][ T6965] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  398.706084][ T4257] XFS (loop2): Unmounting Filesystem
[  398.721870][ T6995] syz.0.533: attempt to access beyond end of device
[  398.721870][ T6995] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  398.975598][ T4474] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  399.011495][ T4474] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  399.052292][ T6977] loop4: detected capacity change from 0 to 32768
[  399.160369][ T6977] XFS (loop4): Mounting V5 Filesystem
[  399.331526][ T6977] XFS (loop4): Ending clean mount
[  399.380530][ T6977] XFS (loop4): Quotacheck needed: Please wait.
[  399.448959][ T6977] XFS (loop4): Quotacheck: Done.
[  399.634008][ T4259] XFS (loop4): Unmounting Filesystem
[  400.100988][ T7007] loop1: detected capacity change from 0 to 40427
[  400.125959][ T7007] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  400.127787][ T6997] loop3: detected capacity change from 0 to 32768
[  400.163725][ T7007] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  400.248086][ T7007] F2FS-fs (loop1): invalid crc value
[  400.277887][ T6997] XFS (loop3): Mounting V5 Filesystem
[  400.294564][ T7007] F2FS-fs (loop1): Found nat_bits in checkpoint
[  400.515043][ T7007] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  400.544922][ T6997] XFS (loop3): Ending clean mount
[  400.567187][ T6997] XFS (loop3): Quotacheck needed: Please wait.
[  400.576833][ T7007] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  400.731791][ T6997] XFS (loop3): Quotacheck: Done.
[  400.946474][ T7007] syz.1.543: attempt to access beyond end of device
[  400.946474][ T7007] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  400.967175][ T7007] syz.1.543: attempt to access beyond end of device
[  400.967175][ T7007] loop1: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  401.066868][ T4260] XFS (loop3): Unmounting Filesystem
[  401.253562][   T32] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  401.288591][   T32] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  401.622457][ T7023] loop4: detected capacity change from 0 to 32768
[  401.694672][ T7023] XFS (loop4): Mounting V5 Filesystem
[  401.783222][ T7023] XFS (loop4): Ending clean mount
[  401.858734][ T7023] XFS (loop4): Quotacheck needed: Please wait.
[  402.034553][ T7041] loop3: detected capacity change from 0 to 1024
[  402.045246][ T7023] XFS (loop4): Quotacheck: Done.
[  402.090297][   T26] audit: type=1800 audit(1749740937.781:159): pid=7023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.544" name="file2" dev="loop4" ino=4423 res=0 errno=0
[  402.145251][ T4850] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  402.493211][ T7045] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  402.656001][ T4474] Bluetooth: hci5: Frame reassembly failed (-84)
[  403.278137][ T7036] loop0: detected capacity change from 0 to 40427
[  403.278207][ T4259] XFS (loop4): Unmounting Filesystem
[  403.303089][ T7036] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  403.310085][ T7036] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  403.340755][ T7036] F2FS-fs (loop0): build fault injection attr: rate: 17008, type: 0x3ffff
[  403.349336][ T7036] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x1f8
[  403.385040][ T7036] F2FS-fs (loop0): invalid crc value
[  403.425356][ T7036] F2FS-fs (loop0): Found nat_bits in checkpoint
[  403.503873][ T7036] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  403.523421][ T7036] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  403.615010][ T7036] syz.0.547: attempt to access beyond end of device
[  403.615010][ T7036] loop0: rw=2049, sector=45096, nr_sectors = 136 limit=40427
[  403.688358][ T4251] syz-executor: attempt to access beyond end of device
[  403.688358][ T4251] loop0: rw=2049, sector=45232, nr_sectors = 8 limit=40427
[  403.706387][ T7047] loop1: detected capacity change from 0 to 32768
[  403.756091][ T7047] XFS (loop1): Mounting V5 Filesystem
[  403.876573][ T7047] XFS (loop1): Ending clean mount
[  403.936770][ T7047] XFS (loop1): Quotacheck needed: Please wait.
[  403.994972][ T7047] XFS (loop1): Quotacheck: Done.
[  404.199799][ T4250] XFS (loop1): Unmounting Filesystem
[  404.387015][ T7061] loop2: detected capacity change from 0 to 32768
[  404.440393][ T4424] usb 1-1: new low-speed USB device number 4 using dummy_hcd
[  404.506500][ T7061] XFS (loop2): Mounting V5 Filesystem
[  404.530523][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  404.742538][ T4424] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  404.818944][ T7075] xt_SECMARK: invalid mode: 2
[  405.290693][ T7061] XFS (loop2): Ending clean mount
[  405.594866][ T4424] usb 1-1: config 179 has no interface number 0
[  405.601917][ T4424] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  405.617346][ T4424] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8
[  405.628404][ T4424] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  405.639675][ T4424] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 8
[  405.660581][ T4424] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  405.801988][ T4424] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  405.811706][ T4424] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.830087][ T7063] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  406.686373][ T7063] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  406.711435][ T7061] XFS (loop2): Quotacheck needed: Please wait.
[  406.816764][ T7081] loop4: detected capacity change from 0 to 1024
[  406.825717][ T7061] XFS (loop2): Quotacheck: Done.
[  408.700525][ T7089] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  409.468403][ T4257] XFS (loop2): Unmounting Filesystem
[  409.478315][ T4664] usb 1-1: USB disconnect, device number 4
[  409.484217][    C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  409.484262][    C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  410.230938][ T7091] loop1: detected capacity change from 0 to 40427
[  410.263625][ T7091] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  410.285723][ T7091] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  410.312175][ T7091] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x3ffff
[  410.325264][ T7099] loop2: detected capacity change from 0 to 1024
[  410.345996][ T7091] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x1f8
[  410.399915][ T7091] F2FS-fs (loop1): invalid crc value
[  410.529578][ T7091] F2FS-fs (loop1): Found nat_bits in checkpoint
[  412.058050][ T7105] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  412.094710][ T4269] Bluetooth: hci5: command 0x1003 tx timeout
[  412.095899][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  412.177055][ T7091] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  412.250521][ T7091] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  412.319628][   T26] audit: type=1800 audit(1749740948.011:160): pid=7091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.555" name="file1" dev="loop1" ino=10 res=0 errno=0
[  412.472503][ T4250] syz-executor: attempt to access beyond end of device
[  412.472503][ T4250] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  413.117232][ T7118] loop3: detected capacity change from 0 to 1024
[  413.479102][ T7122] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  413.577150][ T4457] Bluetooth: hci5: Frame reassembly failed (-84)
[  413.629286][ T4457] Bluetooth: hci5: Frame reassembly failed (-84)
[  414.130624][   T47] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  414.233759][ T7113] loop4: detected capacity change from 0 to 32768
[  414.319038][ T7113] XFS (loop4): Mounting V5 Filesystem
[  414.546582][ T7113] XFS (loop4): Ending clean mount
[  414.554113][ T7113] XFS (loop4): Quotacheck needed: Please wait.
[  414.610169][ T7113] XFS (loop4): Quotacheck: Done.
[  414.845742][ T4259] XFS (loop4): Unmounting Filesystem
[  415.575917][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  416.615133][ T7135] loop0: detected capacity change from 0 to 32768
[  416.702914][ T7135] XFS (loop0): Mounting V5 Filesystem
[  416.820180][ T7135] XFS (loop0): Ending clean mount
[  416.859529][ T7135] XFS (loop0): Quotacheck needed: Please wait.
[  416.971417][ T7135] XFS (loop0): Quotacheck: Done.
[  417.265089][ T4251] XFS (loop0): Unmounting Filesystem
[  417.664031][ T7161] loop0: detected capacity change from 0 to 1024
[  417.905282][ T7157] loop1: detected capacity change from 0 to 40427
[  417.930891][ T7157] F2FS-fs (loop1): invalid crc value
[  418.025396][ T7165] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  418.179091][ T4410] Bluetooth: hci5: Frame reassembly failed (-84)
[  418.243593][ T4410] Bluetooth: hci5: Frame reassembly failed (-84)
[  418.695815][ T7157] F2FS-fs (loop1): Found nat_bits in checkpoint
[  418.820050][ T7157] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  419.824152][ T7168] loop2: detected capacity change from 0 to 40427
[  419.850456][ T7168] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  419.878722][ T7168] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  419.898204][ T7168] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff
[  419.930284][ T7168] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8
[  419.973071][ T7168] F2FS-fs (loop2): invalid crc value
[  420.020442][ T7168] F2FS-fs (loop2): Found nat_bits in checkpoint
[  420.097815][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  420.335207][ T7175] loop1: detected capacity change from 0 to 32768
[  420.467338][ T7168] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  420.484448][ T7168] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  420.555061][ T7179] loop4: detected capacity change from 0 to 32768
[  420.557790][ T7175] XFS (loop1): Mounting V5 Filesystem
[  420.696096][ T7179] XFS (loop4): Mounting V5 Filesystem
[  420.772319][ T7175] XFS (loop1): Ending clean mount
[  420.778142][   T26] audit: type=1800 audit(1749740956.471:161): pid=7168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.573" name="file1" dev="loop2" ino=10 res=0 errno=0
[  420.795543][ T7175] XFS (loop1): Quotacheck needed: Please wait.
[  420.839442][ T7179] XFS (loop4): Ending clean mount
[  420.858318][ T7179] XFS (loop4): Quotacheck needed: Please wait.
[  420.902202][ T7175] XFS (loop1): Quotacheck: Done.
[  420.940515][ T7179] XFS (loop4): Quotacheck: Done.
[  420.958125][ T4257] syz-executor: attempt to access beyond end of device
[  420.958125][ T4257] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  421.005814][   T26] audit: type=1804 audit(1749740956.701:162): pid=7175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.575" name="/newroot/128/file0/bus" dev="loop1" ino=9291 res=1 errno=0
[  421.205384][ T4250] XFS (loop1): Unmounting Filesystem
[  421.556633][ T4259] XFS (loop4): Unmounting Filesystem
[  422.306131][ T7217] xt_SECMARK: invalid mode: 2
[  423.652912][ T7207] loop3: detected capacity change from 0 to 40427
[  423.702515][ T7207] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  423.739640][ T7207] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  423.783447][ T7207] F2FS-fs (loop3): invalid crc value
[  424.504615][ T7207] F2FS-fs (loop3): Found nat_bits in checkpoint
[  426.127030][ T7240] loop0: detected capacity change from 0 to 1024
[  426.465191][ T7242] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  426.698492][ T4457] Bluetooth: hci5: Frame reassembly failed (-84)
[  429.042057][   T47] Bluetooth: hci5: command 0x1003 tx timeout
[  429.090834][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  430.046607][ T7244] loop1: detected capacity change from 0 to 40427
[  430.067050][ T7244] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  430.094308][ T7244] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  430.116199][ T7254] loop4: detected capacity change from 0 to 32768
[  430.119307][ T7244] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x3ffff
[  430.144544][ T7254] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.593 (7254)
[  430.159565][ T7244] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x1f8
[  430.197189][ T7244] F2FS-fs (loop1): invalid crc value
[  430.215389][ T7254] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  430.248320][ T7254] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  430.266899][ T7244] F2FS-fs (loop1): Found nat_bits in checkpoint
[  430.273930][ T7254] BTRFS info (device loop4): enabling auto defrag
[  430.296759][ T7254] BTRFS info (device loop4): use no compression
[  430.348359][ T7254] BTRFS info (device loop4): force clearing of disk cache
[  430.376876][ T7254] BTRFS info (device loop4): max_inline at 4096
[  430.398690][ T7254] BTRFS info (device loop4): disabling free space tree
[  430.576729][ T7260] loop3: detected capacity change from 0 to 40427
[  430.640233][ T7260] F2FS-fs (loop3): invalid crc value
[  430.941780][ T7260] F2FS-fs (loop3): Found nat_bits in checkpoint
[  431.412746][ T7254] BTRFS error (device loop4): open_ctree failed: -12
[  431.494035][ T7260] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[  431.528470][ T7260] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  431.675049][   T26] audit: type=1800 audit(1749740967.371:163): pid=7260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.594" name="file1" dev="loop3" ino=10 res=0 errno=0
[  431.807549][ T4260] syz-executor: attempt to access beyond end of device
[  431.807549][ T4260] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  434.416079][ T7315] loop2: detected capacity change from 0 to 1024
[  434.602756][ T7316] loop4: detected capacity change from 0 to 1024
[  434.692769][ T7318] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  435.673567][ T7320] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  435.691519][ T4555] Bluetooth: hci6: Frame reassembly failed (-84)
[  436.098075][ T7311] loop1: detected capacity change from 0 to 40427
[  436.137469][ T7311] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  436.145526][ T7311] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  436.164284][ T7311] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x3ffff
[  436.190441][ T7311] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x1f8
[  436.230512][ T7311] F2FS-fs (loop1): invalid crc value
[  436.288824][ T7311] F2FS-fs (loop1): Found nat_bits in checkpoint
[  436.770509][   T47] Bluetooth: hci5: command 0x1003 tx timeout
[  436.815377][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  437.730596][ T4254] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  437.730959][ T4261] Bluetooth: hci6: command 0x1003 tx timeout
[  439.643510][ T7337] loop2: detected capacity change from 0 to 32768
[  439.903303][ T7337] XFS (loop2): Mounting V5 Filesystem
[  440.450871][ T7337] XFS (loop2): Ending clean mount
[  440.505685][ T7337] XFS (loop2): Quotacheck needed: Please wait.
[  440.648774][ T7337] XFS (loop2): Quotacheck: Done.
[  440.878524][ T4257] XFS (loop2): Unmounting Filesystem
[  440.961139][ T7374] loop0: detected capacity change from 0 to 1024
[  441.351571][ T7376] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  441.457433][   T32] Bluetooth: hci5: Frame reassembly failed (-84)
[  441.512834][   T32] Bluetooth: hci5: Frame reassembly failed (-84)
[  443.410524][ T4254] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  443.560966][ T7370] loop4: detected capacity change from 0 to 32768
[  443.671691][ T7372] loop1: detected capacity change from 0 to 32768
[  443.965025][ T7388] loop2: detected capacity change from 0 to 4096
[  444.006384][ T7388] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  444.493102][ T7401] loop2: detected capacity change from 0 to 1024
[  444.988685][ T7410] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  445.117957][ T6037] Bluetooth: hci5: Frame reassembly failed (-84)
[  445.194022][ T6037] Bluetooth: hci5: Frame reassembly failed (-84)
[  445.880853][ T7390] loop3: detected capacity change from 0 to 32768
[  445.953442][ T7390] XFS (loop3): Mounting V5 Filesystem
[  446.134506][ T7390] XFS (loop3): Ending clean mount
[  446.143522][ T7390] XFS (loop3): Quotacheck needed: Please wait.
[  446.213519][ T7390] XFS (loop3): Quotacheck: Done.
[  447.091185][ T4254] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  447.091246][ T4261] Bluetooth: hci5: command 0x1003 tx timeout
[  447.410023][ T4260] XFS (loop3): Unmounting Filesystem
[  450.133331][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  450.139698][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  451.089989][ T7478] loop2: detected capacity change from 0 to 1024
[  451.554938][ T7487] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  451.736160][ T4295] Bluetooth: hci5: Frame reassembly failed (-84)
[  451.831494][ T4295] Bluetooth: hci5: Frame reassembly failed (-84)
[  452.884618][ T7495] loop4: detected capacity change from 0 to 1024
[  453.722386][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  453.729815][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  453.741271][ T6472] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  454.117194][ T7500] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  454.206166][ T4361] Bluetooth: hci5: Frame reassembly failed (-84)
[  456.210481][ T4261] Bluetooth: hci5: command 0x1003 tx timeout
[  456.218553][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  456.496741][ T7498] loop3: detected capacity change from 0 to 40427
[  456.618173][ T7498] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  456.688950][ T7498] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  456.754209][ T7498] F2FS-fs (loop3): build fault injection attr: rate: 17008, type: 0x3ffff
[  456.807924][ T7498] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x1f8
[  456.866791][ T7498] F2FS-fs (loop3): invalid crc value
[  456.908874][ T7498] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12)
[  458.925941][ T7538] loop4: detected capacity change from 0 to 1024
[  459.175235][ T6472] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  459.723836][ T7546] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  462.004665][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  464.335133][ T7563] loop2: detected capacity change from 0 to 40427
[  464.503403][ T7563] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  464.511698][ T7563] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  464.532174][ T7563] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff
[  464.667242][ T7563] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8
[  464.719687][ T7563] F2FS-fs (loop2): invalid crc value
[  464.765196][ T7568] loop3: detected capacity change from 0 to 40427
[  465.290938][ T7568] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  465.305735][ T7563] F2FS-fs (loop2): Found nat_bits in checkpoint
[  465.326474][ T7568] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  466.019274][ T7568] F2FS-fs (loop3): invalid crc value
[  466.080745][ T7568] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12)
[  466.371717][ T7594] usb usb8: usbfs: process 7594 (syz.0.682) did not claim interface 0 before use
[  466.605669][ T7600] loop4: detected capacity change from 0 to 1024
[  466.990410][ T7606] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  467.113517][   T51] Bluetooth: hci5: Frame reassembly failed (-84)
[  469.011220][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  469.017733][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  470.745356][ T7612] loop2: detected capacity change from 0 to 32768
[  470.886193][ T7639] loop0: detected capacity change from 0 to 1024
[  470.996640][ T4850] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  471.111217][ T7648] usb usb8: usbfs: process 7648 (syz.2.700) did not claim interface 0 before use
[  471.360497][ T7651] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  471.501064][   T75] Bluetooth: hci5: Frame reassembly failed (-84)
[  472.682576][ T7628] loop4: detected capacity change from 0 to 40427
[  473.533502][ T7664] xt_SECMARK: invalid mode: 2
[  473.542906][ T4269] Bluetooth: hci5: command 0x1003 tx timeout
[  473.549464][ T4254] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  473.874324][ T7663] loop3: detected capacity change from 0 to 1024
[  474.523798][ T7677] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  476.620537][ T4269] Bluetooth: hci5: command 0x1003 tx timeout
[  476.628575][ T4254] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  479.035726][ T7708] loop1: detected capacity change from 0 to 128
[  479.042955][   T26] audit: type=1326 audit(1749741014.741:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.0.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  479.103638][   T26] audit: type=1326 audit(1749741014.741:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.0.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  479.138673][ T7709] netlink: 88 bytes leftover after parsing attributes in process `+}[@'.
[  479.232971][   T26] audit: type=1326 audit(1749741014.771:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.0.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  479.338545][   T26] audit: type=1326 audit(1749741014.771:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.0.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  479.385820][ T7712] syz.1.719: attempt to access beyond end of device
[  479.385820][ T7712] loop1: rw=2049, sector=145, nr_sectors = 224 limit=128
[  479.458991][   T26] audit: type=1326 audit(1749741014.771:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.0.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  479.530425][   T26] audit: type=1326 audit(1749741014.791:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.0.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  479.583463][   T26] audit: type=1326 audit(1749741014.801:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.0.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  479.678049][   T26] audit: type=1326 audit(1749741014.801:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.0.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  479.750936][   T26] audit: type=1326 audit(1749741014.801:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.0.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  479.877152][   T26] audit: type=1326 audit(1749741014.801:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  485.196520][ T7750] loop0: detected capacity change from 0 to 32768
[  485.305104][ T7750] XFS (loop0): Mounting V5 Filesystem
[  485.391444][ T7750] XFS (loop0): Ending clean mount
[  485.404646][ T7750] XFS (loop0): Quotacheck needed: Please wait.
[  485.502366][ T7750] XFS (loop0): Quotacheck: Done.
[  485.728463][ T7756] loop2: detected capacity change from 0 to 40427
[  485.781105][ T7756] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  485.791737][ T7756] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  485.800745][ T7756] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff
[  485.822683][ T4251] XFS (loop0): Unmounting Filesystem
[  485.870461][ T7756] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8
[  485.927882][ T7756] F2FS-fs (loop2): invalid crc value
[  486.030758][ T7756] F2FS-fs (loop2): Found nat_bits in checkpoint
[  486.221501][ T7756] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  486.238158][ T7756] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  486.323670][ T7783] loop4: detected capacity change from 0 to 128
[  486.448930][ T4257] syz-executor: attempt to access beyond end of device
[  486.448930][ T4257] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  486.474474][   T26] kauditd_printk_skb: 61 callbacks suppressed
[  486.474489][   T26] audit: type=1326 audit(1749741022.171:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85dd8e929 code=0x7ffc0000
[  486.553991][   T26] audit: type=1326 audit(1749741022.231:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85dd8e929 code=0x7ffc0000
[  486.589429][ T7786] netlink: 88 bytes leftover after parsing attributes in process `+}[@'.
[  486.748070][   T26] audit: type=1326 audit(1749741022.281:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc85dd8e929 code=0x7ffc0000
[  486.821239][   T26] audit: type=1326 audit(1749741022.281:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85dd8e929 code=0x7ffc0000
[  486.930379][   T26] audit: type=1326 audit(1749741022.281:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85dd8e929 code=0x7ffc0000
[  487.074609][   T26] audit: type=1326 audit(1749741022.281:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc85dd8e929 code=0x7ffc0000
[  487.240554][ T7792] netlink: 4 bytes leftover after parsing attributes in process `syz.1.746'.
[  487.345659][   T26] audit: type=1326 audit(1749741022.281:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85dd8e929 code=0x7ffc0000
[  488.306864][   T26] audit: type=1326 audit(1749741022.281:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85dd8e929 code=0x7ffc0000
[  488.410415][   T26] audit: type=1326 audit(1749741022.281:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc85dd8e929 code=0x7ffc0000
[  488.496307][   T26] audit: type=1326 audit(1749741022.281:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85dd8e929 code=0x7ffc0000
[  488.678098][ T7808] loop4: detected capacity change from 0 to 512
[  489.702623][ T7808] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  489.717734][ T7808] ext4 filesystem being mounted at /142/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  490.665548][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  491.840668][ T7792] team0 (unregistering): Port device team_slave_0 removed
[  491.982505][ T7792] team0 (unregistering): Port device team_slave_1 removed
[  492.126639][ T7832] netlink: 4 bytes leftover after parsing attributes in process `syz.0.756'.
[  492.733991][ T7834] netlink: 'syz.3.757': attribute type 10 has an invalid length.
[  492.829709][ T7834] 8021q: adding VLAN 0 to HW filter on device bond0
[  492.862213][ T7834] team0: Port device bond0 added
[  492.882711][ T7837] netlink: 4 bytes leftover after parsing attributes in process `syz.3.757'.
[  492.902384][ T7831] loop4: detected capacity change from 0 to 40427
[  492.955632][ T7831] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  492.973442][ T7831] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  493.041446][ T7831] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x3ffff
[  493.097538][ T7831] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x1f8
[  493.171560][ T7831] F2FS-fs (loop4): invalid crc value
[  493.239625][ T7831] F2FS-fs (loop4): Found nat_bits in checkpoint
[  493.249795][ T7846] netlink: 'syz.3.764': attribute type 10 has an invalid length.
[  493.354569][ T7851] netlink: 4 bytes leftover after parsing attributes in process `syz.3.764'.
[  493.424526][ T7831] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  493.440391][ T7831] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  493.646327][ T7860] netlink: 88 bytes leftover after parsing attributes in process `+}[@'.
[  493.695951][ T4259] syz-executor: attempt to access beyond end of device
[  493.695951][ T4259] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  494.209589][ T7873] loop1: detected capacity change from 0 to 1024
[  494.995227][ T7876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.773'.
[  495.639696][ T7883] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  496.979029][ T7892] netlink: 88 bytes leftover after parsing attributes in process `+}[@'.
[  497.202181][ T7889] netlink: 'syz.0.776': attribute type 10 has an invalid length.
[  497.218277][ T7895] loop3: detected capacity change from 0 to 1024
[  497.292276][ T7889] 8021q: adding VLAN 0 to HW filter on device bond0
[  497.328720][ T6472] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  497.337284][ T7889] team0: Port device bond0 added
[  497.401007][ T7893] netlink: 4 bytes leftover after parsing attributes in process `syz.0.776'.
[  497.708672][ T7902] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  497.962209][ T4582] Bluetooth: hci6: Frame reassembly failed (-84)
[  498.024996][ T4582] Bluetooth: hci6: Frame reassembly failed (-84)
[  498.108067][ T4269] Bluetooth: hci5: command 0x1003 tx timeout
[  498.120868][ T4261] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  499.740848][ T4254] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  499.789429][   T26] kauditd_printk_skb: 29 callbacks suppressed
[  499.789444][   T26] audit: type=1326 audit(1749741035.481:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7913 comm="syz.0.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  499.909801][   T26] audit: type=1326 audit(1749741035.481:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7913 comm="syz.0.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  499.939205][ T7922] netlink: 'syz.3.787': attribute type 10 has an invalid length.
[  499.959378][ T7922] netlink: 4 bytes leftover after parsing attributes in process `syz.3.787'.
[  500.013325][   T26] audit: type=1326 audit(1749741035.481:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7913 comm="syz.0.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  500.160469][   T26] audit: type=1326 audit(1749741035.481:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7913 comm="syz.0.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  500.192223][ T7897] loop4: detected capacity change from 0 to 40427
[  500.255771][   T26] audit: type=1326 audit(1749741035.481:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7913 comm="syz.0.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  500.387967][   T26] audit: type=1326 audit(1749741035.481:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7913 comm="syz.0.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  500.505377][   T26] audit: type=1326 audit(1749741035.481:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7913 comm="syz.0.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  500.667961][   T26] audit: type=1326 audit(1749741035.481:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7913 comm="syz.0.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  500.707286][   T26] audit: type=1326 audit(1749741035.481:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7913 comm="syz.0.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  500.796145][   T26] audit: type=1326 audit(1749741035.481:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7913 comm="syz.0.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0294d8e929 code=0x7ffc0000
[  500.943254][ T7922] team0 (unregistering): Port device team_slave_0 removed
[  500.994222][ T7922] team0 (unregistering): Port device team_slave_1 removed
[  501.018907][ T7922] team0 (unregistering): Port device bond0 removed
[  501.080206][ T7925] netlink: 'syz.1.786': attribute type 10 has an invalid length.
[  501.107300][ T7926] netlink: 4 bytes leftover after parsing attributes in process `syz.1.786'.
[  501.509308][ T7949] smc: net device bond0 applied user defined pnetid SYZ0
[  501.553332][ T7949] smc: net device bond0 erased user defined pnetid SYZ0
[  501.706206][ T7956] loop3: detected capacity change from 0 to 1024
[  501.716191][ T7954] capability: warning: `syz.2.793' uses deprecated v2 capabilities in a way that may be insecure
[  501.990434][ T4336] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  502.076741][ T7962] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  502.416886][ T4474] Bluetooth: hci5: Frame reassembly failed (-84)
[  502.822225][ T4336] usb 3-1: Using ep0 maxpacket: 32
[  502.834936][ T4336] usb 3-1: config 4 has an invalid interface number: 128 but max is 0
[  502.834965][ T4336] usb 3-1: config 4 has no interface number 0
[  502.834997][ T4336] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 134, changing to 11
[  502.835026][ T4336] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid maxpacket 59360, setting to 1024
[  502.835066][ T4336] usb 3-1: New USB device found, idVendor=016d, idProduct=c314, bcdDevice= 0.00
[  502.835091][ T4336] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.837958][ T7954] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  502.840027][ T4336] hub 3-1:4.128: USB hub found
[  502.919850][ T7967] netlink: 'syz.0.799': attribute type 10 has an invalid length.
[  502.988501][ T7969] netlink: 4 bytes leftover after parsing attributes in process `syz.0.799'.
[  503.076627][ T7953] loop2: detected capacity change from 0 to 512
[  503.147691][ T7953] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  503.328596][ T7953] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #16: comm syz.2.793: corrupted inode contents
[  503.358978][ T7953] EXT4-fs error (device loop2): ext4_dirty_inode:6118: inode #16: comm syz.2.793: mark_inode_dirty error
[  503.385506][ T7953] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #16: comm syz.2.793: corrupted inode contents
[  503.429704][ T7953] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.793: mark_inode_dirty error
[  503.459942][ T7953] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #16: comm syz.2.793: corrupted inode contents
[  503.482774][ T7953] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  503.499294][ T7953] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #16: comm syz.2.793: corrupted inode contents
[  503.522983][ T7953] EXT4-fs error (device loop2): ext4_truncate:4312: inode #16: comm syz.2.793: mark_inode_dirty error
[  503.534910][ T7953] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  503.556729][ T7953] EXT4-fs (loop2): 1 truncate cleaned up
[  503.563659][ T7953] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  503.583447][   T51] EXT4-fs error (device loop2): ext4_release_dquot:6850: comm kworker/u4:3: Failed to release dquot type 1
[  503.589609][ T7953] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  503.634618][ T7969] team0 (unregistering): Port device team_slave_0 removed
[  503.647454][ T7953] EXT4-fs (loop2): unmounting filesystem.
[  503.681170][ T7969] team0 (unregistering): Port device team_slave_1 removed
[  503.696496][ T7969] team0 (unregistering): Port device bond0 removed
[  503.793603][ T7973] netlink: 'syz.4.801': attribute type 10 has an invalid length.
[  503.821638][ T4336] hub 3-1:4.128: config failed, can't read hub descriptor (err -22)
[  503.862307][ T7973] 8021q: adding VLAN 0 to HW filter on device bond0
[  503.881090][ T4336] usb 3-1: USB disconnect, device number 3
[  503.887983][ T7973] team0: Port device bond0 added
[  503.909536][ T7974] netlink: 4 bytes leftover after parsing attributes in process `syz.4.801'.
[  504.131887][ T4254] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  504.371419][ T7974] team0 (unregistering): Port device team_slave_0 removed
[  504.383363][ T7974] team0 (unregistering): Port device team_slave_1 removed
[  504.428009][ T7974] team0 (unregistering): Port device bond0 removed
[  504.484925][ T4336] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  504.494856][ T7980] netlink: 'syz.1.802': attribute type 10 has an invalid length.
[  504.494969][ T7983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.802'.
[  504.596682][ T7993] netlink: 8 bytes leftover after parsing attributes in process `syz.2.805'.
[  504.598063][ T7993] IPVS: Error joining to the multicast group
[  504.733625][ T4336] usb 1-1: Using ep0 maxpacket: 32
[  504.740458][ T4336] usb 1-1: config 4 has an invalid interface number: 128 but max is 0
[  504.740490][ T4336] usb 1-1: config 4 has no interface number 0
[  504.740520][ T4336] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 134, changing to 11
[  504.740547][ T4336] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid maxpacket 59360, setting to 1024
[  504.740584][ T4336] usb 1-1: New USB device found, idVendor=016d, idProduct=c314, bcdDevice= 0.00
[  504.740607][ T4336] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.752307][ T7987] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  504.753666][ T4336] hub 1-1:4.128: USB hub found
[  505.307786][ T4336] hub 1-1:4.128: 2 ports detected
[  505.373792][ T4336] hub 1-1:4.128: Using single TT (err -22)
[  505.712809][ T4336] hub 1-1:4.128: hub_hub_status failed (err = -71)
[  505.730099][ T4336] hub 1-1:4.128: config failed, can't get hub status (err -71)
[  505.811458][ T4336] usb 1-1: USB disconnect, device number 5
[  505.938328][ T8017] netlink: 12 bytes leftover after parsing attributes in process `syz.2.816'.
[  505.990183][ T8019] netlink: 8 bytes leftover after parsing attributes in process `syz.1.815'.
[  506.040551][ T8019] IPVS: Error joining to the multicast group
[  506.371809][   T26] kauditd_printk_skb: 35 callbacks suppressed
[  506.371822][   T26] audit: type=1326 audit(1749741042.071:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  506.478282][   T26] audit: type=1326 audit(1749741042.111:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  506.520140][   T26] audit: type=1326 audit(1749741042.111:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  506.637590][   T26] audit: type=1326 audit(1749741042.111:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  506.698096][   T26] audit: type=1326 audit(1749741042.121:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  506.766147][   T26] audit: type=1326 audit(1749741042.121:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  506.819786][   T26] audit: type=1326 audit(1749741042.121:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  506.869779][   T26] audit: type=1326 audit(1749741042.121:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  506.918985][   T26] audit: type=1326 audit(1749741042.121:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  506.979192][   T26] audit: type=1326 audit(1749741042.121:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  507.951695][ T4298] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  508.113382][ T8063] xt_hashlimit: size too large, truncated to 1048576
[  508.120108][ T8063] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  508.140399][ T4298] usb 5-1: Using ep0 maxpacket: 32
[  508.147209][ T4298] usb 5-1: config 4 has an invalid interface number: 128 but max is 0
[  508.165784][ T4298] usb 5-1: config 4 has no interface number 0
[  508.172732][ T4298] usb 5-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 134, changing to 11
[  508.214798][ T4298] usb 5-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid maxpacket 59360, setting to 1024
[  508.275841][ T4298] usb 5-1: New USB device found, idVendor=016d, idProduct=c314, bcdDevice= 0.00
[  508.330254][ T4298] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.359998][ T8049] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  508.396502][ T4298] hub 5-1:4.128: USB hub found
[  508.740530][ T4424] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  508.870874][ T8044] loop4: detected capacity change from 0 to 512
[  508.930980][ T4424] usb 2-1: Using ep0 maxpacket: 32
[  508.945132][ T4424] usb 2-1: config 4 has an invalid interface number: 128 but max is 0
[  508.978153][ T4424] usb 2-1: config 4 has no interface number 0
[  508.994488][ T8044] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.826: corrupted inode contents
[  509.006403][ T4424] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 134, changing to 11
[  509.006952][ T8044] EXT4-fs error (device loop4): ext4_dirty_inode:6118: inode #16: comm syz.4.826: mark_inode_dirty error
[  509.037159][ T8044] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.826: corrupted inode contents
[  509.053475][ T8044] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.826: mark_inode_dirty error
[  509.068919][ T4424] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid maxpacket 59360, setting to 1024
[  509.097473][ T4424] usb 2-1: New USB device found, idVendor=016d, idProduct=c314, bcdDevice= 0.00
[  509.116732][ T8044] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.826: corrupted inode contents
[  509.134443][ T4424] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.159170][ T8071] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  509.227874][ T4424] hub 2-1:4.128: USB hub found
[  509.266260][ T8044] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  509.295432][ T8044] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.826: corrupted inode contents
[  509.319894][ T8044] EXT4-fs error (device loop4): ext4_truncate:4312: inode #16: comm syz.4.826: mark_inode_dirty error
[  509.350892][ T8044] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  509.380980][ T8044] EXT4-fs (loop4): 1 truncate cleaned up
[  509.395791][ T8044] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  509.426154][ T8044] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  509.508871][ T4510] EXT4-fs error (device loop4): ext4_release_dquot:6850: comm kworker/u4:15: Failed to release dquot type 1
[  509.577827][ T8044] EXT4-fs (loop4): unmounting filesystem.
[  509.597092][ T4424] hub 2-1:4.128: 2 ports detected
[  509.607967][ T4424] hub 2-1:4.128: Using single TT (err -22)
[  509.773143][ T4298] hub 5-1:4.128: config failed, can't read hub descriptor (err -22)
[  509.809241][ T4424] hub 2-1:4.128: hub_hub_status failed (err = -71)
[  509.826980][ T4424] hub 2-1:4.128: config failed, can't get hub status (err -71)
[  509.832941][ T4298] usb 5-1: USB disconnect, device number 4
[  509.926299][ T4424] usb 2-1: USB disconnect, device number 3
[  510.509626][ T8091] xt_hashlimit: size too large, truncated to 1048576
[  510.526667][ T8091] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  511.582407][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  511.588895][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  512.274691][ T8086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.839'.
[  512.565591][ T8108] netlink: 8 bytes leftover after parsing attributes in process `syz.3.845'.
[  512.607517][ T8108] IPVS: Error joining to the multicast group
[  513.705477][ T8119] loop4: detected capacity change from 0 to 1024
[  514.107251][ T8133] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  514.130954][ T4546] Bluetooth: hci5: Frame reassembly failed (-84)
[  514.144149][ T4546] Bluetooth: hci5: Frame reassembly failed (-84)
[  514.884206][ T8139] loop2: detected capacity change from 0 to 512
[  515.009672][ T8139] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  515.044350][ T8139] ext4 filesystem being mounted at /168/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  515.162272][ T8151] netlink: 8 bytes leftover after parsing attributes in process `syz.3.860'.
[  515.180587][ T8151] IPVS: Error joining to the multicast group
[  515.446635][ T4257] EXT4-fs (loop2): unmounting filesystem.
[  515.641024][ T8160] loop2: detected capacity change from 0 to 512
[  516.003435][ T8160] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  516.125195][ T8160] ext4 filesystem being mounted at /169/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  516.138377][ T4269] Bluetooth: hci5: command 0x1003 tx timeout
[  516.144866][ T4254] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  517.608723][ T4257] EXT4-fs (loop2): unmounting filesystem.
[  518.020014][ T8187] netlink: 'syz.0.879': attribute type 10 has an invalid length.
[  518.123303][ T8190] netlink: 4 bytes leftover after parsing attributes in process `syz.0.879'.
[  518.134405][ T8154] loop3: detected capacity change from 0 to 40427
[  518.173310][ T8154] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  518.190314][ T8154] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  518.218402][ T8154] F2FS-fs (loop3): build fault injection attr: rate: 17008, type: 0x3ffff
[  518.260421][ T8154] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x1f8
[  518.321499][ T8154] F2FS-fs (loop3): invalid crc value
[  518.345004][ T8154] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12)
[  518.631625][ T8204] netlink: 8 bytes leftover after parsing attributes in process `syz.1.875'.
[  518.675407][ T8204] IPVS: Error joining to the multicast group
[  518.767580][ T8206] loop3: detected capacity change from 0 to 1024
[  519.229196][ T8210] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  519.287050][ T4510] Bluetooth: hci5: Frame reassembly failed (-84)
[  521.092096][   T26] kauditd_printk_skb: 108 callbacks suppressed
[  521.092120][   T26] audit: type=1326 audit(1749741056.791:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  521.139331][ T8227] xt_hashlimit: size too large, truncated to 1048576
[  521.156496][ T8227] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  521.189742][   T26] audit: type=1326 audit(1749741056.821:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  521.336737][ T8231] tipc: Started in network mode
[  521.364742][ T8231] tipc: Node identity ded2bf2984f9, cluster identity 4711
[  521.383689][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  521.391442][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  522.270906][ T8231] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  522.387564][   T26] audit: type=1326 audit(1749741056.821:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  522.409895][   T26] audit: type=1326 audit(1749741056.821:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  522.432876][   T26] audit: type=1326 audit(1749741056.821:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  522.456058][   T26] audit: type=1326 audit(1749741056.821:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  522.478564][   T26] audit: type=1326 audit(1749741056.821:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  522.507089][   T26] audit: type=1326 audit(1749741056.821:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  522.589359][ T8224] tipc: Disabling bearer <eth:syzkaller0>
[  522.630663][   T26] audit: type=1326 audit(1749741056.821:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  522.681669][   T26] audit: type=1326 audit(1749741056.821:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  522.770423][ T8242] netlink: 'syz.3.889': attribute type 10 has an invalid length.
[  522.802316][ T8242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.889'.
[  523.395473][ T8230] loop4: detected capacity change from 0 to 40427
[  523.416809][ T8230] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  523.459216][ T8230] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  523.520158][ T8230] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x3ffff
[  523.590469][ T8230] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x1f8
[  523.803319][ T8230] F2FS-fs (loop4): invalid crc value
[  524.049460][ T8230] F2FS-fs (loop4): Found nat_bits in checkpoint
[  525.093432][ T8279] loop2: detected capacity change from 0 to 1024
[  525.434072][ T8284] mmap: syz.1.901 (8284) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  525.607499][ T8277] loop1: detected capacity change from 0 to 2048
[  525.927925][ T8279] EXT4-fs: Ignoring removed nobh option
[  525.945615][ T8277]  loop1: p1 < > p4
[  525.950335][ T8279] EXT4-fs: Ignoring removed bh option
[  525.970390][ T8279] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  526.073064][ T8290] loop0: detected capacity change from 0 to 512
[  526.157643][ T8277] loop1: p4 size 8388608 extends beyond EOD, truncated
[  526.215805][ T3623]  loop1: p1 < > p4
[  526.260244][ T8279] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  526.337875][ T3623] loop1: p4 size 8388608 extends beyond EOD, truncated
[  526.669362][ T8290] EXT4-fs (loop0): 1 orphan inode deleted
[  526.685758][ T4546] __quota_error: 18 callbacks suppressed
[  526.685774][ T4546] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  526.725301][ T8290] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  526.734547][ T4546] EXT4-fs error (device loop0): ext4_release_dquot:6850: comm kworker/u4:17: Failed to release dquot type 1
[  526.766876][ T8290] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  527.969851][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  528.250839][ T8308] loop0: detected capacity change from 0 to 512
[  528.295668][   T26] audit: type=1326 audit(1749741063.991:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8309 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  528.362095][ T4301] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  528.399956][   T26] audit: type=1326 audit(1749741064.021:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8309 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  528.461250][ T4301] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  528.488653][ T8308] EXT4-fs (loop0): 1 orphan inode deleted
[  528.500997][ T8308] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  528.510697][ T4510] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  528.520461][   T26] audit: type=1326 audit(1749741064.021:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8309 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  528.520497][   T26] audit: type=1326 audit(1749741064.021:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8309 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  528.520531][   T26] audit: type=1326 audit(1749741064.021:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8309 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  528.588401][ T4257] EXT4-fs (loop2): unmounting filesystem.
[  528.596976][ T4510] EXT4-fs error (device loop0): ext4_release_dquot:6850: comm kworker/u4:15: Failed to release dquot type 1
[  528.663767][ T8308] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.780035][   T26] audit: type=1326 audit(1749741064.021:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8309 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  528.940345][   T26] audit: type=1326 audit(1749741064.021:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8309 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  529.050647][   T26] audit: type=1326 audit(1749741064.021:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8309 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  529.196878][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  529.362668][ T8324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.913'.
[  529.417819][ T8324] IPVS: Error joining to the multicast group
[  529.427269][ T8326] xt_hashlimit: size too large, truncated to 1048576
[  529.434723][ T8326] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  530.756771][ T4338] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  530.816235][ T4338] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  531.717904][ T8345] loop0: detected capacity change from 0 to 1024
[  531.773798][ T8345] EXT4-fs: Ignoring removed nobh option
[  531.789938][ T8345] EXT4-fs: Ignoring removed bh option
[  531.815978][ T8345] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  531.931525][ T8345] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  532.015354][ T8349] netlink: 8 bytes leftover after parsing attributes in process `syz.4.921'.
[  532.341504][ T8281] Set syz1 is full, maxelem 65536 reached
[  532.554540][ T8352] loop3: detected capacity change from 0 to 1024
[  532.944888][ T8354] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  532.992118][   T75] Bluetooth: hci5: Frame reassembly failed (-84)
[  533.743963][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  535.025894][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  535.033512][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  535.333416][ T8361] loop3: detected capacity change from 0 to 1024
[  535.378250][ T8361] EXT4-fs: Ignoring removed nobh option
[  535.425548][ T8361] EXT4-fs: Ignoring removed bh option
[  535.452137][ T8361] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  535.547776][ T8361] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  535.865923][ T8312] Set syz1 is full, maxelem 65536 reached
[  536.181207][ T8360] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.924: Allocating blocks 497-513 which overlap fs metadata
[  536.206568][ T8360] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.924: Allocating blocks 497-513 which overlap fs metadata
[  536.206681][ T8349] IPVS: Error joining to the multicast group
[  536.550740][ T8360] EXT4-fs (loop3): pa ffff888054fea0e0: logic 740, phys. 369, len 9
[  536.559342][ T8360] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  536.664567][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  537.608234][   T26] kauditd_printk_skb: 133 callbacks suppressed
[  537.608248][   T26] audit: type=1326 audit(1749741073.301:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  537.618877][   T26] audit: type=1326 audit(1749741073.311:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  537.619979][   T26] audit: type=1326 audit(1749741073.311:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  537.620923][   T26] audit: type=1326 audit(1749741073.321:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  537.635389][   T26] audit: type=1326 audit(1749741073.331:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  537.639418][   T26] audit: type=1326 audit(1749741073.331:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  537.646782][   T26] audit: type=1326 audit(1749741073.341:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  537.646980][   T26] audit: type=1326 audit(1749741073.341:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  537.647344][   T26] audit: type=1326 audit(1749741073.341:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  537.647538][   T26] audit: type=1326 audit(1749741073.341:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efcd8e929 code=0x7ffc0000
[  537.721400][ T4296] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  537.722743][ T4296] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  537.846784][ T8397] loop0: detected capacity change from 0 to 1024
[  537.863263][ T8381] loop4: detected capacity change from 0 to 2048
[  537.924759][ T8381]  loop4: p1 < > p4
[  538.010636][ T8381] loop4: p4 size 8388608 extends beyond EOD, truncated
[  538.010832][ T8381]  loop4: p4 could not be added: -ENOMEM
[  539.012584][ T8388] tty tty26: ldisc open failed (-12), clearing slot 25
[  539.020064][ T8393] tty tty1: ldisc open failed (-12), clearing slot 0
[  539.030042][ T8397] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  539.051669][ T8390] tty tty26: ldisc open failed (-12), clearing slot 25
[  539.435434][ T8416] loop3: detected capacity change from 0 to 1024
[  539.448972][ T8415] loop4: detected capacity change from 0 to 2048
[  539.502477][ T8416] EXT4-fs: Ignoring removed nobh option
[  539.528891][ T8416] EXT4-fs: Ignoring removed bh option
[  539.545371][ T8415]  loop4: p1 < > p4
[  539.563667][ T8415] loop4: p4 size 8388608 extends beyond EOD, truncated
[  539.578535][ T8416] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  539.765869][ T8416] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  539.800752][ T8424] xt_hashlimit: size too large, truncated to 1048576
[  539.828696][ T8424] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  539.941327][ T8432] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  540.386338][ T6472] udevd[6472]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  540.430418][ T4850] udevd[4850]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  540.841437][ T4850] udevd[4850]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  540.913066][ T6472] udevd[6472]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  541.098983][ T8440] loop4: detected capacity change from 0 to 1024
[  541.127002][ T8440] EXT4-fs: Ignoring removed nobh option
[  541.170387][ T8440] EXT4-fs: Ignoring removed bh option
[  541.188985][ T8447] loop2: detected capacity change from 0 to 1024
[  541.210478][ T8440] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  541.252898][ T8447] EXT4-fs: Ignoring removed nobh option
[  541.258655][ T8447] EXT4-fs: Ignoring removed bh option
[  541.285852][ T8447] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  541.341267][ T8447] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  541.375624][ T8440] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  541.976289][ T4260] EXT4-fs (loop3): unmounting filesystem.
[  542.061406][ T8456] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.947: Allocating blocks 497-513 which overlap fs metadata
[  543.139073][ T8469] netlink: 87 bytes leftover after parsing attributes in process `syz.3.954'.
[  543.141543][ T8467] netlink: 8 bytes leftover after parsing attributes in process `syz.1.953'.
[  543.192563][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  543.211926][ T8467] IPVS: Error joining to the multicast group
[  543.416266][ T8472] loop3: detected capacity change from 0 to 2048
[  543.435814][ T8473] loop4: detected capacity change from 0 to 2048
[  543.546562][ T8472]  loop3: p1 < > p4
[  543.565999][ T8473]  loop4: p1 < > p4
[  543.596586][ T8473] loop4: p4 size 8388608 extends beyond EOD, truncated
[  543.604427][ T8472] loop3: p4 size 8388608 extends beyond EOD, truncated
[  544.697732][   T26] kauditd_printk_skb: 65 callbacks suppressed
[  544.697746][   T26] audit: type=1326 audit(1749741080.391:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  544.764551][ T6472] udevd[6472]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  544.781291][ T4257] EXT4-fs (loop2): unmounting filesystem.
[  544.793215][   T26] audit: type=1326 audit(1749741080.391:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  544.886086][ T6815] udevd[6815]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  544.886250][ T6472] udevd[6472]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  544.920004][   T26] audit: type=1326 audit(1749741080.391:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  544.924388][ T8489] netlink: 8 bytes leftover after parsing attributes in process `syz.3.962'.
[  545.031567][   T26] audit: type=1326 audit(1749741080.391:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  545.077639][ T8489] IPVS: Error joining to the multicast group
[  545.097359][   T26] audit: type=1326 audit(1749741080.391:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  545.158795][   T26] audit: type=1326 audit(1749741080.391:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  545.198484][ T8495] loop2: detected capacity change from 0 to 1024
[  545.247188][   T26] audit: type=1326 audit(1749741080.391:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  545.441504][   T26] audit: type=1326 audit(1749741080.391:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  545.606773][ T8499] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  545.674386][ T4410] Bluetooth: hci5: Frame reassembly failed (-84)
[  545.949557][   T26] audit: type=1326 audit(1749741080.391:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  546.255106][   T26] audit: type=1326 audit(1749741080.391:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d15f8e929 code=0x7ffc0000
[  547.730630][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  548.143455][ T8523] netlink: 8 bytes leftover after parsing attributes in process `syz.2.972'.
[  548.171463][ T8523] IPVS: Error joining to the multicast group
[  548.462386][ T8532] netlink: 100 bytes leftover after parsing attributes in process `syz.2.975'.
[  548.484719][ T4338] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  548.503620][ T4338] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  548.984580][ T8540] xt_hashlimit: size too large, truncated to 1048576
[  548.993945][ T8540] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  549.097898][ T8541] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  549.177350][ T8539] tipc: Resetting bearer <eth:syzkaller0>
[  549.200840][ T8448] Set syz1 is full, maxelem 65536 reached
[  550.181614][ T8556] loop0: detected capacity change from 0 to 1024
[  550.202539][ T4668] tipc: Node number set to 1512816425
[  550.653509][ T8562] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  550.901928][   T32] Bluetooth: hci5: Frame reassembly failed (-84)
[  550.922445][   T32] Bluetooth: hci5: Frame reassembly failed (-84)
[  552.770596][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  552.780871][ T4254] Bluetooth: hci5: command 0x1003 tx timeout
[  553.289511][ T8515] Set syz1 is full, maxelem 65536 reached
[  553.894093][   T26] kauditd_printk_skb: 71 callbacks suppressed
[  553.894110][   T26] audit: type=1326 audit(1749741089.581:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  553.896638][ T4668] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  553.922883][   T26] audit: type=1326 audit(1749741089.581:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  553.975313][   T26] audit: type=1326 audit(1749741089.581:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  553.997999][ T4668] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  553.998409][   T26] audit: type=1326 audit(1749741089.581:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  554.041603][   T26] audit: type=1326 audit(1749741089.581:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  554.110616][   T26] audit: type=1326 audit(1749741089.581:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  554.157936][   T26] audit: type=1326 audit(1749741089.581:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  554.196379][   T26] audit: type=1326 audit(1749741089.581:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  554.226957][   T26] audit: type=1326 audit(1749741089.581:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  554.256545][   T26] audit: type=1326 audit(1749741089.581:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f118758e929 code=0x7ffc0000
[  554.334579][ T8539] tipc: Disabling bearer <eth:syzkaller0>
[  554.749890][ T8591] xt_hashlimit: size too large, truncated to 1048576
[  554.762785][ T8591] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  555.619183][ T8596] loop4: detected capacity change from 0 to 1024
[  555.639397][ T8591] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  555.641578][ T8596] EXT4-fs: Ignoring removed nobh option
[  555.689173][ T8589] tipc: Disabling bearer <eth:syzkaller0>
[  555.700499][ T8596] EXT4-fs: Ignoring removed bh option
[  555.709116][ T8596] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  555.743547][ T8606] loop3: detected capacity change from 0 to 1024
[  555.776584][ T8606] EXT4-fs: Ignoring removed nobh option
[  555.800503][ T8606] EXT4-fs: Ignoring removed bh option
[  555.818273][ T8606] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  555.852354][ T8607] loop0: detected capacity change from 0 to 1024
[  555.856265][ T8596] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  555.885903][ T8607] EXT4-fs: Ignoring removed nobh option
[  555.940803][ T8612] loop2: detected capacity change from 0 to 1024
[  555.963983][ T8607] EXT4-fs: Ignoring removed bh option
[  556.142897][ T8607] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  556.204516][ T8606] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  556.310250][ T8616] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  557.017016][ T8607] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  557.033181][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  557.383144][ T8605] ==================================================================
[  557.391256][ T8605] BUG: KASAN: use-after-free in ext4_find_extent+0xbcc/0xe00
[  557.398665][ T8605] Read of size 4 at addr ffff888049ddf018 by task syz.0.1001/8605
[  557.406536][ T8605] 
[  557.408896][ T8605] CPU: 1 PID: 8605 Comm: syz.0.1001 Not tainted 6.1.141-syzkaller #0
[  557.416996][ T8605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  557.427089][ T8605] Call Trace:
[  557.430394][ T8605]  <TASK>
[  557.433352][ T8605]  dump_stack_lvl+0x168/0x22e
[  557.438068][ T8605]  ? __lock_acquire+0x7c50/0x7c50
[  557.443214][ T8605]  ? show_regs_print_info+0x12/0x12
[  557.448452][ T8605]  ? load_image+0x3b0/0x3b0
[  557.452986][ T8605]  ? __virt_addr_valid+0x465/0x540
[  557.458155][ T8605]  ? ext4_find_extent+0xbcc/0xe00
[  557.463216][ T8605]  print_report+0xa8/0x220
[  557.467661][ T8605]  kasan_report+0x10b/0x140
[  557.472209][ T8605]  ? ext4_find_extent+0xbcc/0xe00
[  557.477270][ T8605]  ext4_find_extent+0xbcc/0xe00
[  557.482156][ T8605]  ext4_ext_map_blocks+0x27d/0x66d0
[  557.487383][ T8605]  ? __lock_acquire+0x12e5/0x7c50
[  557.492453][ T8605]  ? ext4_ext_release+0x10/0x10
[  557.497337][ T8605]  ? rwsem_write_trylock+0x12f/0x1b0
[  557.502660][ T8605]  ? ext4_es_lookup_extent+0x443/0xb20
[  557.508159][ T8605]  ext4_map_blocks+0x9d1/0x1b60
[  557.513057][ T8605]  ? ext4_issue_zeroout+0x250/0x250
[  557.518297][ T8605]  _ext4_get_block+0x1d7/0x4e0
[  557.523090][ T8605]  ? alloc_buffer_head+0xd4/0x100
[  557.528157][ T8605]  ? __lock_acquire+0x7c50/0x7c50
[  557.533224][ T8605]  ? ext4_get_block+0x40/0x40
[  557.537936][ T8605]  ? attach_page_private+0x110/0x300
[  557.543268][ T8605]  ? create_empty_buffers+0x59e/0x7a0
[  557.548674][ T8605]  ? do_raw_spin_unlock+0x11d/0x230
[  557.553898][ T8605]  ext4_get_block_unwritten+0x2a/0x100
[  557.559393][ T8605]  __block_write_begin_int+0x54b/0x1a70
[  557.564967][ T8605]  ? _ext4_get_block+0x4e0/0x4e0
[  557.569918][ T8605]  ? page_zero_new_buffers+0x650/0x650
[  557.575404][ T8605]  ? ext4_journal_check_start+0x17e/0x240
[  557.581156][ T8605]  block_page_mkwrite+0x2d8/0x5f0
[  557.586214][ T8605]  ? _ext4_get_block+0x4e0/0x4e0
[  557.591155][ T8605]  ext4_page_mkwrite+0x3b2/0x10c0
[  557.596187][ T8605]  ? _ext4_get_block+0x4e0/0x4e0
[  557.601132][ T8605]  ? ext4_change_inode_journal_flag+0x6b0/0x6b0
[  557.607403][ T8605]  ? count_memcg_event_mm+0x8f/0x3b0
[  557.612696][ T8605]  ? count_memcg_event_mm+0x358/0x3b0
[  557.618077][ T8605]  ? vm_normal_page+0x95/0x1d0
[  557.622842][ T8605]  do_page_mkwrite+0x16b/0x5c0
[  557.627625][ T8605]  wp_page_shared+0x167/0x370
[  557.632317][ T8605]  handle_mm_fault+0x1ca6/0x3e70
[  557.637264][ T8605]  ? mt_find+0x145/0x810
[  557.641522][ T8605]  ? numa_migrate_prep+0x250/0x250
[  557.646657][ T8605]  ? lock_chain_count+0x20/0x20
[  557.651522][ T8605]  ? lock_mm_and_find_vma+0xae/0x2f0
[  557.656820][ T8605]  do_user_addr_fault+0x51f/0xb10
[  557.661862][ T8605]  exc_page_fault+0x60/0x100
[  557.666450][ T8605]  asm_exc_page_fault+0x22/0x30
[  557.671330][ T8605] RIP: 0010:copy_user_enhanced_fast_string+0xa/0x40
[  557.677929][ T8605] Code: ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 cb 83 fa 40 72 38 89 d1 <f3> a4 31 c0 0f 01 ca c3 89 ca eb 0a 90 90 90 90 90 90 90 90 90 90
[  557.697546][ T8605] RSP: 0018:ffffc9000336fa88 EFLAGS: 00050246
[  557.703617][ T8605] RAX: ffffffff8407c001 RBX: 0000000000000040 RCX: 0000000000000040
[  557.711591][ T8605] RDX: 0000000000000040 RSI: ffffc9000336fb20 RDI: 000020000004f000
[  557.719561][ T8605] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff5200066df6c
[  557.727532][ T8605] R10: fffff5200066df6c R11: 1ffff9200066df64 R12: 00007fffffffefc0
[  557.735518][ T8605] R13: 000000007ffe3a80 R14: 000020000004f000 R15: ffffc9000336fb20
[  557.743495][ T8605]  ? _copy_to_user+0xa1/0x130
[  557.748184][ T8605]  _copy_to_user+0xea/0x130
[  557.752697][ T8605]  rng_dev_read+0x3c5/0x710
[  557.757204][ T8605]  ? hwrng_yield+0x20/0x20
[  557.761624][ T8605]  ? common_file_perm+0x171/0x1c0
[  557.766676][ T8605]  ? fsnotify_perm+0x39b/0x550
[  557.771456][ T8605]  do_iter_read+0x49f/0xb10
[  557.775963][ T8605]  ? vfs_iter_read+0xa0/0xa0
[  557.780556][ T8605]  ? __import_iovec+0x315/0x500
[  557.785415][ T8605]  ? import_iovec+0x6f/0xa0
[  557.789942][ T8605]  do_preadv+0x1f6/0x330
[  557.794191][ T8605]  ? do_writev+0x410/0x410
[  557.798615][ T8605]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  557.804606][ T8605]  ? lock_chain_count+0x20/0x20
[  557.809477][ T8605]  ? lockdep_hardirqs_on+0x94/0x140
[  557.814675][ T8605]  do_syscall_64+0x4c/0xa0
[  557.819114][ T8605]  ? clear_bhb_loop+0x60/0xb0
[  557.823796][ T8605]  ? clear_bhb_loop+0x60/0xb0
[  557.828474][ T8605]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  557.834377][ T8605] RIP: 0033:0x7f0294d8e929
[  557.838806][ T8605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.858415][ T8605] RSP: 002b:00007f0295b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  557.866837][ T8605] RAX: ffffffffffffffda RBX: 00007f0294fb5fa0 RCX: 00007f0294d8e929
[  557.874815][ T8605] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000005
[  557.882793][ T8605] RBP: 00007f0294e10b39 R08: 0000000000000000 R09: 0000000000000000
[  557.890778][ T8605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  557.898759][ T8605] R13: 0000000000000000 R14: 00007f0294fb5fa0 R15: 00007ffe560ef6b8
[  557.906744][ T8605]  </TASK>
[  557.909765][ T8605] 
[  557.912089][ T8605] The buggy address belongs to the physical page:
[  557.918506][ T8605] page:ffffea00012777c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x49ddf
[  557.928667][ T8605] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  557.935788][ T8605] raw: 00fff00000000000 dead000000000100 dead000000000122 0000000000000000
[  557.944378][ T8605] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  557.952983][ T8605] page dumped because: kasan: bad access detected
[  557.959408][ T8605] page_owner tracks the page as freed
[  557.964777][ T8605] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 8274, tgid 8273 (syz.4.900), ts 524936024344, free_ts 525894726222
[  557.982406][ T8605]  post_alloc_hook+0x173/0x1a0
[  557.987194][ T8605]  get_page_from_freelist+0x1a26/0x1ac0
[  557.992747][ T8605]  __alloc_pages+0x1df/0x4e0
[  557.997337][ T8605]  __folio_alloc+0xe/0x30
[  558.001668][ T8605]  vma_alloc_folio+0x4a3/0x900
[  558.006442][ T8605]  shmem_alloc_and_acct_folio+0x42e/0xb60
[  558.012198][ T8605]  shmem_get_folio_gfp+0x1361/0x3400
[  558.017501][ T8605]  shmem_fault+0x1be/0x7b0
[  558.021944][ T8605]  __do_fault+0x13b/0x4e0
[  558.026281][ T8605]  handle_mm_fault+0x28ca/0x3e70
[  558.031225][ T8605]  __get_user_pages+0x3ff/0xeb0
[  558.036084][ T8605]  populate_vma_page_range+0x214/0x2b0
[  558.041570][ T8605]  __mm_populate+0x248/0x370
[  558.046167][ T8605]  vm_mmap_pgoff+0x203/0x2b0
[  558.050834][ T8605]  do_syscall_64+0x4c/0xa0
[  558.055263][ T8605]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  558.061214][ T8605] page last free stack trace:
[  558.065878][ T8605]  free_unref_page_prepare+0x8b4/0x9a0
[  558.071349][ T8605]  free_unref_page_list+0xbb/0x8e0
[  558.076486][ T8605]  release_pages+0x1f92/0x2200
[  558.081263][ T8605]  __pagevec_release+0x6d/0xe0
[  558.086031][ T8605]  shmem_undo_range+0x75b/0x2050
[  558.090971][ T8605]  shmem_evict_inode+0x248/0xa40
[  558.095933][ T8605]  evict+0x485/0x870
[  558.099835][ T8605]  __dentry_kill+0x431/0x650
[  558.104437][ T8605]  dentry_kill+0xb8/0x290
[  558.108768][ T8605]  dput+0xfa/0x1d0
[  558.112497][ T8605]  __fput+0x5e0/0x920
[  558.116501][ T8605]  task_work_run+0x1ca/0x250
[  558.121114][ T8605]  do_exit+0x936/0x2400
[  558.125293][ T8605]  do_group_exit+0x217/0x2d0
[  558.129889][ T8605]  __x64_sys_exit_group+0x3b/0x40
[  558.134927][ T8605]  do_syscall_64+0x4c/0xa0
[  558.139360][ T8605] 
[  558.141706][ T8605] Memory state around the buggy address:
[  558.147362][ T8605]  ffff888049ddef00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  558.155444][ T8605]  ffff888049ddef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  558.163511][ T8605] >ffff888049ddf000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  558.171570][ T8605]                             ^
[  558.176428][ T8605]  ffff888049ddf080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  558.184502][ T8605]  ffff888049ddf100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  558.192582][ T8605] ==================================================================
[  558.260486][ T8605] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  558.267741][ T8605] CPU: 0 PID: 8605 Comm: syz.0.1001 Not tainted 6.1.141-syzkaller #0
[  558.275833][ T8605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  558.286133][ T8605] Call Trace:
[  558.289436][ T8605]  <TASK>
[  558.292387][ T8605]  dump_stack_lvl+0x168/0x22e
[  558.297101][ T8605]  ? memcpy+0x3c/0x60
[  558.301125][ T8605]  ? show_regs_print_info+0x12/0x12
[  558.306374][ T8605]  ? load_image+0x3b0/0x3b0
[  558.310935][ T8605]  panic+0x2c9/0x710
[  558.314849][ T8605]  ? bpf_jit_dump+0xd0/0xd0
[  558.319390][ T8605]  ? _raw_spin_unlock_irqrestore+0xf6/0x100
[  558.325305][ T8605]  ? _raw_spin_unlock+0x40/0x40
[  558.330196][ T8605]  ? print_memory_metadata+0x314/0x400
[  558.335669][ T8605]  check_panic_on_warn+0x80/0xa0
[  558.340630][ T8605]  ? ext4_find_extent+0xbcc/0xe00
[  558.345796][ T8605]  end_report+0x66/0x110
[  558.350060][ T8605]  kasan_report+0x118/0x140
[  558.354591][ T8605]  ? ext4_find_extent+0xbcc/0xe00
[  558.359638][ T8605]  ext4_find_extent+0xbcc/0xe00
[  558.364506][ T8605]  ext4_ext_map_blocks+0x27d/0x66d0
[  558.369718][ T8605]  ? __lock_acquire+0x12e5/0x7c50
[  558.374773][ T8605]  ? ext4_ext_release+0x10/0x10
[  558.379636][ T8605]  ? rwsem_write_trylock+0x12f/0x1b0
[  558.384931][ T8605]  ? ext4_es_lookup_extent+0x443/0xb20
[  558.390494][ T8605]  ext4_map_blocks+0x9d1/0x1b60
[  558.395365][ T8605]  ? ext4_issue_zeroout+0x250/0x250
[  558.400577][ T8605]  _ext4_get_block+0x1d7/0x4e0
[  558.405348][ T8605]  ? alloc_buffer_head+0xd4/0x100
[  558.410383][ T8605]  ? __lock_acquire+0x7c50/0x7c50
[  558.415420][ T8605]  ? ext4_get_block+0x40/0x40
[  558.420105][ T8605]  ? attach_page_private+0x110/0x300
[  558.425412][ T8605]  ? create_empty_buffers+0x59e/0x7a0
[  558.430796][ T8605]  ? do_raw_spin_unlock+0x11d/0x230
[  558.436006][ T8605]  ext4_get_block_unwritten+0x2a/0x100
[  558.441469][ T8605]  __block_write_begin_int+0x54b/0x1a70
[  558.447036][ T8605]  ? _ext4_get_block+0x4e0/0x4e0
[  558.451993][ T8605]  ? page_zero_new_buffers+0x650/0x650
[  558.457462][ T8605]  ? ext4_journal_check_start+0x17e/0x240
[  558.463192][ T8605]  block_page_mkwrite+0x2d8/0x5f0
[  558.468212][ T8605]  ? _ext4_get_block+0x4e0/0x4e0
[  558.473149][ T8605]  ext4_page_mkwrite+0x3b2/0x10c0
[  558.478172][ T8605]  ? _ext4_get_block+0x4e0/0x4e0
[  558.483117][ T8605]  ? ext4_change_inode_journal_flag+0x6b0/0x6b0
[  558.489359][ T8605]  ? count_memcg_event_mm+0x8f/0x3b0
[  558.494640][ T8605]  ? count_memcg_event_mm+0x358/0x3b0
[  558.500008][ T8605]  ? vm_normal_page+0x95/0x1d0
[  558.504771][ T8605]  do_page_mkwrite+0x16b/0x5c0
[  558.509533][ T8605]  wp_page_shared+0x167/0x370
[  558.514216][ T8605]  handle_mm_fault+0x1ca6/0x3e70
[  558.519177][ T8605]  ? mt_find+0x145/0x810
[  558.523433][ T8605]  ? numa_migrate_prep+0x250/0x250
[  558.528572][ T8605]  ? lock_chain_count+0x20/0x20
[  558.533430][ T8605]  ? lock_mm_and_find_vma+0xae/0x2f0
[  558.538714][ T8605]  do_user_addr_fault+0x51f/0xb10
[  558.543753][ T8605]  exc_page_fault+0x60/0x100
[  558.548343][ T8605]  asm_exc_page_fault+0x22/0x30
[  558.553194][ T8605] RIP: 0010:copy_user_enhanced_fast_string+0xa/0x40
[  558.559787][ T8605] Code: ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 cb 83 fa 40 72 38 89 d1 <f3> a4 31 c0 0f 01 ca c3 89 ca eb 0a 90 90 90 90 90 90 90 90 90 90
[  558.579386][ T8605] RSP: 0018:ffffc9000336fa88 EFLAGS: 00050246
[  558.585451][ T8605] RAX: ffffffff8407c001 RBX: 0000000000000040 RCX: 0000000000000040
[  558.593425][ T8605] RDX: 0000000000000040 RSI: ffffc9000336fb20 RDI: 000020000004f000
[  558.601397][ T8605] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff5200066df6c
[  558.609364][ T8605] R10: fffff5200066df6c R11: 1ffff9200066df64 R12: 00007fffffffefc0
[  558.617333][ T8605] R13: 000000007ffe3a80 R14: 000020000004f000 R15: ffffc9000336fb20
[  558.625312][ T8605]  ? _copy_to_user+0xa1/0x130
[  558.629999][ T8605]  _copy_to_user+0xea/0x130
[  558.634508][ T8605]  rng_dev_read+0x3c5/0x710
[  558.639010][ T8605]  ? hwrng_yield+0x20/0x20
[  558.643431][ T8605]  ? common_file_perm+0x171/0x1c0
[  558.648459][ T8605]  ? fsnotify_perm+0x39b/0x550
[  558.653235][ T8605]  do_iter_read+0x49f/0xb10
[  558.657742][ T8605]  ? vfs_iter_read+0xa0/0xa0
[  558.662324][ T8605]  ? __import_iovec+0x315/0x500
[  558.667181][ T8605]  ? import_iovec+0x6f/0xa0
[  558.671707][ T8605]  do_preadv+0x1f6/0x330
[  558.675948][ T8605]  ? do_writev+0x410/0x410
[  558.680384][ T8605]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  558.686380][ T8605]  ? lock_chain_count+0x20/0x20
[  558.691239][ T8605]  ? lockdep_hardirqs_on+0x94/0x140
[  558.696442][ T8605]  do_syscall_64+0x4c/0xa0
[  558.700895][ T8605]  ? clear_bhb_loop+0x60/0xb0
[  558.705586][ T8605]  ? clear_bhb_loop+0x60/0xb0
[  558.710278][ T8605]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  558.716189][ T8605] RIP: 0033:0x7f0294d8e929
[  558.720611][ T8605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  558.740232][ T8605] RSP: 002b:00007f0295b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  558.748659][ T8605] RAX: ffffffffffffffda RBX: 00007f0294fb5fa0 RCX: 00007f0294d8e929
[  558.756635][ T8605] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000005
[  558.764614][ T8605] RBP: 00007f0294e10b39 R08: 0000000000000000 R09: 0000000000000000
[  558.772589][ T8605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  558.780562][ T8605] R13: 0000000000000000 R14: 00007f0294fb5fa0 R15: 00007ffe560ef6b8
[  558.788545][ T8605]  </TASK>
[  558.791918][ T8605] Kernel Offset: disabled
[  558.796271][ T8605] Rebooting in 86400 seconds..