last executing test programs:

3m21.098696216s ago: executing program 5 (id=2444):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = inotify_init()
creat(&(0x7f00000000c0)='./file0\x00', 0x80)
inotify_add_watch(r2, &(0x7f0000000000)='./file0\x00', 0x4000cdd)
close_range(r1, 0xffffffffffffffff, 0x0)

3m19.677252936s ago: executing program 5 (id=2449):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)

3m18.471534047s ago: executing program 5 (id=2458):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a1000"/196], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCSFEATURE(r3, 0xc0404806, &(0x7f0000000040))
ioctl$HIDIOCSFEATURE(r3, 0xc0404806, &(0x7f0000000440))
close_range(r1, 0xffffffffffffffff, 0x0)

3m16.537121676s ago: executing program 5 (id=2474):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES32], 0x38}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/mdstat\x00', 0x0, 0x0)
io_setup(0x5, &(0x7f0000002340)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f00000014c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000180)={[0x4000000000]}, 0x8, 0x0)
faccessat2(r5, &(0x7f0000000040)='\x00', 0x2, 0x1200)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r6, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r8 = gettid()
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r9, &(0x7f0000000440)=""/247, 0x26)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r9, 0x4040534e, &(0x7f00000000c0)={0x31, @tick=0x40, 0x4, {0x0, 0x2}, 0xa, 0x0, 0x4})
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r9, 0x80045300, &(0x7f0000000180))
tkill(r8, 0x7)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r7, 0x0)
socketpair(0x23, 0x2, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff})
r11 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
accept$phonet_pipe(r10, &(0x7f0000000000), &(0x7f0000000080)=0x10)
ioprio_get$uid(0x3, 0x0)
ioctl$sock_SIOCGIFCONF(r11, 0x8912, &(0x7f0000000540)=@buf)

3m12.264658268s ago: executing program 5 (id=2499):
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = inotify_init()
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
inotify_add_watch(r2, &(0x7f0000000240)='./file0\x00', 0x4000cdd)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x1, 0x2, &(0x7f0000000140)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
socket$inet_sctp(0x2, 0x5, 0x84)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="0b0000000500000007000000090000000100", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000100"/28], 0x50)
r4 = openat$vcs(0xffffffffffffff9c, 0x0, 0x202000, 0x0)
inotify_rm_watch(r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000005c0)={@map=<r8=>0x1, 0x2, 0x0, 0x0, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x11, 0x0, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0], &(0x7f0000000580)}, 0x23)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES32=r5, @ANYBLOB="0000000010000000", @ANYRES16=r8, @ANYBLOB, @ANYRES32=r6, @ANYBLOB="490c901801eb52657537b1873274541cfcb59f7a803bcf6367bf018e6d6a3b262dd4beb01a6e85cb2ac74961672d743213a01df7c59e7680c09fb00ec1b83f6c1da2df534650343059a4b0cd60ad99668a85f4d6a41ba0b4f5aaa0b23463062614f8cfefee206553393fb24b58d751124afabb49ccf5787b9eb84a28fa9503604efaf76190b60d89f42513a8b61c3ef80289c637e33f3553f46d6fe436cb7b55c075ff3602b8ff3b8cfdabc42a5c50bd6f19b44f7b894e853f70bd63f9cd9f1dc11647e123786af02b0fc367456aefbb547aa83c57b578c0d80f57bee3d6e8ba055e404ee42d831baf", @ANYRES16], 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r7}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000680)=ANY=[@ANYBLOB="0600000004000000be7000005c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000002000000000000000000000000000000000000c200000000000000c0e0e759af1e6a3905503df4b605d3aa8d5fd082ab4a932f82e991f4bc3fd0b8b00d4b4ba305e6b91897dab37c85833947efb5d1489ecd057bd45a4580af1c7bdc1ca6e741b6bf046e26f01d158f28fefaa8bd3524ba8fe67e97f425fc1dff6f47698ed3ec4799908e7c58bb883f7ae2e95b696039a7f4ffae3147f2e20fdd4af37d306a2514b7e11747"], 0x48)
socket$inet6_sctp(0xa, 0x5, 0x84)

3m10.84029964s ago: executing program 5 (id=2507):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x2301)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, &(0x7f0000000180))
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, 0x0)

3m10.405084824s ago: executing program 32 (id=2507):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x2301)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, &(0x7f0000000180))
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, 0x0)

2m23.406627611s ago: executing program 3 (id=2847):
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = inotify_init()
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
inotify_add_watch(r2, &(0x7f0000000240)='./file0\x00', 0x4000cdd)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x1, 0x2, &(0x7f0000000140)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
socket$inet_sctp(0x2, 0x5, 0x84)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="0b0000000500000007000000090000000100", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000100"/28], 0x50)
r4 = openat$vcs(0xffffffffffffff9c, 0x0, 0x202000, 0x0)
inotify_rm_watch(r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000005c0)={@map=<r8=>0x1, 0x2, 0x0, 0x0, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x11, 0x0, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0], &(0x7f0000000580)}, 0x23)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES32=r5, @ANYBLOB="0000000010000000", @ANYRES16=r8, @ANYBLOB, @ANYRES32=r6, @ANYBLOB="490c901801eb52657537b1873274541cfcb59f7a803bcf6367bf018e6d6a3b262dd4beb01a6e85cb2ac74961672d743213a01df7c59e7680c09fb00ec1b83f6c1da2df534650343059a4b0cd60ad99668a85f4d6a41ba0b4f5aaa0b23463062614f8cfefee206553393fb24b58d751124afabb49ccf5787b9eb84a28fa9503604efaf76190b60d89f42513a8b61c3ef80289c637e33f3553f46d6fe436cb7b55c075ff3602b8ff3b8cfdabc42a5c50bd6f19b44f7b894e853f70bd63f9cd9f1dc11647e123786af02b0fc367456aefbb547aa83c57b578c0d80f57bee3d6e8ba055e404ee42d831baf", @ANYRES16], 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r7}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000680)=ANY=[@ANYBLOB="0600000004000000be7000005c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000002000000000000000000000000000000000000c200000000000000c0e0e759af1e6a3905503df4b605d3aa8d5fd082ab4a932f82e991f4bc3fd0b8b00d4b4ba305e6b91897dab37c85833947efb5d1489ecd057bd45a4580af1c7bdc1ca6e741b6bf046e26f01d158f28fefaa8bd3524ba8fe67e97f425fc1dff6f47698ed3ec4799908e7c58bb883f7ae2e95b696039a7f4ffae3147f2e20fdd4af37d306a2514b7e11747"], 0x48)
socket$inet6_sctp(0xa, 0x5, 0x84)

2m22.78869033s ago: executing program 3 (id=2852):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES8=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="0100000000000000000000000000000018110000", @ANYBLOB="5ea97eaac3b0ba7b203661dd937f90ef983d6d0b92503e7375ef457984bd6461d230697160c2e0acf932b4f2b938", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
ioperm(0x5, 0xa, 0x100000000000)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30160000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073"], 0xfc}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='qrtr_ns_message\x00', 0xffffffffffffffff, 0x0, 0x2}, 0xfffffd18)
openat$sysfs(0xffffff9c, &(0x7f00000001c0)='/sys/power/pm_trace', 0x42, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0xfec5)
r3 = gettid()
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001640)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0xfffffffffffffe3b)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r7 = accept(r4, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0xc000}, 0x10)
recvfrom(r6, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)

2m21.678479215s ago: executing program 3 (id=2867):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007500000004e3ffff06000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

2m21.520937273s ago: executing program 3 (id=2868):
syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x1540c, 0x0, 0x0, 0x0, &(0x7f0000000300))
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x4b800, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000002400)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x1}}, './file0\x00'})

2m21.159435467s ago: executing program 3 (id=2873):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES32], 0x38}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/mdstat\x00', 0x0, 0x0)
io_setup(0x5, &(0x7f0000002340)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f00000014c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000180)={[0x4000000000]}, 0x8, 0x0)
faccessat2(r5, &(0x7f0000000040)='\x00', 0x2, 0x1200)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r6, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r8 = gettid()
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r9, &(0x7f0000000440)=""/247, 0x26)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r9, 0x4040534e, &(0x7f00000000c0)={0x31, @tick=0x40, 0x4, {0x0, 0x2}, 0xa, 0x0, 0x4})
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r9, 0x80045300, &(0x7f0000000180))
tkill(r8, 0x7)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r7, 0x0)
socketpair(0x23, 0x2, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff})
r11 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
accept$phonet_pipe(r10, &(0x7f0000000000), &(0x7f0000000080)=0x10)
ioprio_get$uid(0x3, 0x0)
ioctl$sock_SIOCGIFCONF(r11, 0x8912, &(0x7f0000000540)=@buf)

2m20.791874805s ago: executing program 3 (id=2878):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="0000000000004a641c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff0000000001000000000000d7", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
sendmsg$nl_route(r3, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r8, @ANYRES32=r7], 0x4c}}, 0x0)
r9 = socket(0x1, 0x803, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r11}, @IFLA_MASTER={0x8, 0xa, r11}]}, 0x4c}}, 0x0)

2m20.279568166s ago: executing program 33 (id=2878):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="0000000000004a641c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff0000000001000000000000d7", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
sendmsg$nl_route(r3, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r8, @ANYRES32=r7], 0x4c}}, 0x0)
r9 = socket(0x1, 0x803, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r11}, @IFLA_MASTER={0x8, 0xa, r11}]}, 0x4c}}, 0x0)

10.690257603s ago: executing program 7 (id=3544):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000700)=ANY=[@ANYRES8, @ANYRESDEC=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x4bf30000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000500)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000000000006a0a00ff00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2f01806fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c7c77f0979b34e1ad837ff0d10b97163c1d6d0e196bf02f46c7953ab1abda45cbe8d0d23abff0feef91bfa0f76b74635fc9f9de9ca3c0ec8cb9bf4e418d076df4c7df0a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346b1004006000000e1ffff8816326d7d25c32aac1c7d5b5be399f6609876b5887437a172fbc02a74135b29194e533583412dff048f0000000000000007b272"], &(0x7f0000000340)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0xffff0004, 0xf0, 0xe200, &(0x7f0000001a40)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000400)=ANY=[], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)=r5}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r8=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r7, <r9=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000380)=r8}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000740)={r9, &(0x7f00000006c0)}, 0x20)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
modify_ldt$write(0x1, &(0x7f0000000040)={0x4, 0x1000, 0x2000}, 0x10)

10.559315668s ago: executing program 7 (id=3545):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000004c0)='./file1\x00', 0x3000046, &(0x7f00000005c0)={[{@dioread_nolock}, {@data_err_abort}, {@jqfmt_vfsold}, {@abort}, {@data_err_ignore}, {@discard}, {@nodiscard}, {@grpquota}, {@quota}, {@user_xattr}, {@block_validity}, {@errors_remount}]}, 0x1, 0x57c, &(0x7f0000000c00)="$eJzs3U9rHOUfAPDvbJI2/fP7NYVSVEQCPVip3TSJfyp4qEfRYkHvdUm2oWTTLdlNaWLB9mAvXqQIIhbEu949Ft+Ar6KghSIl2IOXyExmmm2ym6TtNpu6nw9seJ6Z2Xmeb2aeZ59nZpYNoG+Npn9KES9HxDdJxKGISPJ1g5GvHF3dbvnBtan0lcTKyqd/Jdl2ab7YV/G+A3nmpYj47auIE6WN5TYWl2YrtVp1Ps+PNecujzUWl05enKvMVGeqlyYmJ0+/PTnx3rvvdC3WN849/P6TOx+e/vrY8ne/3Dt8K4kzcTBf1xrHM7jemhmN0fx/MhRn1m043oXCdpOk1xXgqQzk7Xwo0j7gUAzkrR747/syIlaAPpVo/9CninFAMbePYh78sJejkp1z/4PVCVAR/9p1gMHVayMxnM2N9i8nj82M0vnuSBfKT8v49c/bt9JXdO86BMCWrt+IiFODgxv7vyTv/57U2sXeU9vYen0Z+j/YOXfS8c+b7cY/pRjNrg4PZ7n1458Dbdru09i6/ZfudaGYjtLx3/vRPv7cyECe+1825htKLlysVdO+7f8RcTyG9qb5ze7nnF6+u9Jp3ejqrm8VY8C0/GIsmNfj3uDex98zXWlWniXmVvdvRLzSdvybPBr/Jm2Of1rpc9ss42j19mud1rWOf9vH/3yt/BTxetvjv3ZHK9n8/uRYdj6MFWfFRn/fPPp7p/J7HX96/PdvHv9I0nq/trH5/obbLPtx+J9qp+0fiz+2f/7vST7L0nvyZVcrzeb8eMSe5OONyyfW3lvki+3T+I8f69T/Rcfzf19EfL75v+KRm0d+fnVb8ffo+E8/0fFvTUSyfkm7xN2PvvihU/lbx58e/7ey1PF8yXb6v+3Ua+uzGQAAAAAAAF4spYg4GEmp/ChdKpXLq893HIn9pVq90Txxob5waTqy78qOxFCpuNN9qOV5iPH8edgiP7EuPxkRhyPi24F9Wb48Va9N9zp4AAAAAAAAAAAAAAAAAAAA2CUOdPj+f+qPgV7XDnju/OQ39K8t2383fukJ2JV8/kP/0v6hf2n/0L+y9p/0uhZAL/j8h/6l/UP/0v6hf2n/AAAAAAAAAAAAAAAAAAAAAAAAAAAA0FXnzp5NXyvLD65NpfnpK4sLs/UrJ6erjdny3MJUeao+f7k8U6/P1KrlqfrcVvur1euXxydi4epYs9pojjUWl87P1RcuNc9fnKvMVM9Xh3YkKgAAAAAAAAAAAAAAAAAAAHixNBaXZiu1WnVeQuKpEoO7oxoSXUucyRK97pkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM2/AQAA//+3LjSI")
openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x20240, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)

9.461917075s ago: executing program 1 (id=3551):
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000080))
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="9115463ecc790180c200000308060001080006040002aaaaaaaaaabbac1414baaaaaaaaaaa23ac"], 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000480)={'batadv0\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendto$packet(r0, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14)

8.857324941s ago: executing program 1 (id=3552):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000004c0)='./file1\x00', 0x3000046, &(0x7f00000005c0)={[{@dioread_nolock}, {@data_err_abort}, {@jqfmt_vfsold}, {@abort}, {@data_err_ignore}, {@discard}, {@nodiscard}, {@grpquota}, {@quota}, {@user_xattr}, {@block_validity}, {@errors_remount}]}, 0x1, 0x57c, &(0x7f0000000c00)="$eJzs3U9rHOUfAPDvbJI2/fP7NYVSVEQCPVip3TSJfyp4qEfRYkHvdUm2oWTTLdlNaWLB9mAvXqQIIhbEu949Ft+Ar6KghSIl2IOXyExmmm2ym6TtNpu6nw9seJ6Z2Xmeb2aeZ59nZpYNoG+Npn9KES9HxDdJxKGISPJ1g5GvHF3dbvnBtan0lcTKyqd/Jdl2ab7YV/G+A3nmpYj47auIE6WN5TYWl2YrtVp1Ps+PNecujzUWl05enKvMVGeqlyYmJ0+/PTnx3rvvdC3WN849/P6TOx+e/vrY8ne/3Dt8K4kzcTBf1xrHM7jemhmN0fx/MhRn1m043oXCdpOk1xXgqQzk7Xwo0j7gUAzkrR747/syIlaAPpVo/9CninFAMbePYh78sJejkp1z/4PVCVAR/9p1gMHVayMxnM2N9i8nj82M0vnuSBfKT8v49c/bt9JXdO86BMCWrt+IiFODgxv7vyTv/57U2sXeU9vYen0Z+j/YOXfS8c+b7cY/pRjNrg4PZ7n1458Dbdru09i6/ZfudaGYjtLx3/vRPv7cyECe+1825htKLlysVdO+7f8RcTyG9qb5ze7nnF6+u9Jp3ejqrm8VY8C0/GIsmNfj3uDex98zXWlWniXmVvdvRLzSdvybPBr/Jm2Of1rpc9ss42j19mud1rWOf9vH/3yt/BTxetvjv3ZHK9n8/uRYdj6MFWfFRn/fPPp7p/J7HX96/PdvHv9I0nq/trH5/obbLPtx+J9qp+0fiz+2f/7vST7L0nvyZVcrzeb8eMSe5OONyyfW3lvki+3T+I8f69T/Rcfzf19EfL75v+KRm0d+fnVb8ffo+E8/0fFvTUSyfkm7xN2PvvihU/lbx58e/7ey1PF8yXb6v+3Ua+uzGQAAAAAAAF4spYg4GEmp/ChdKpXLq893HIn9pVq90Txxob5waTqy78qOxFCpuNN9qOV5iPH8edgiP7EuPxkRhyPi24F9Wb48Va9N9zp4AAAAAAAAAAAAAAAAAAAA2CUOdPj+f+qPgV7XDnju/OQ39K8t2383fukJ2JV8/kP/0v6hf2n/0L+y9p/0uhZAL/j8h/6l/UP/0v6hf2n/AAAAAAAAAAAAAAAAAAAAAAAAAAAA0FXnzp5NXyvLD65NpfnpK4sLs/UrJ6erjdny3MJUeao+f7k8U6/P1KrlqfrcVvur1euXxydi4epYs9pojjUWl87P1RcuNc9fnKvMVM9Xh3YkKgAAAAAAAAAAAAAAAAAAAHixNBaXZiu1WnVeQuKpEoO7oxoSXUucyRK97pkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM2/AQAA//+3LjSI")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x20240, 0x0)
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0x1)
sendfile(0xffffffffffffffff, r3, 0x0, 0x7ffff000)
r4 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
fallocate(r4, 0x0, 0x0, 0x8800000)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0x7000000)

8.730785463s ago: executing program 0 (id=3553):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x1000000000}, 0x18)
openat$rfkill(0xffffffffffffff9c, 0x0, 0x40900, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000240)={[{@errors_continue}, {@data_err_abort}, {@init_itable}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b0}}, {@noblock_validity}, {@noinit_itable}, {@nobh}, {@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}, {@dioread_nolock}]}, 0x9, 0x553, &(0x7f00000004c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x80044940, 0x0)
shutdown(r2, 0x1)
bind$unix(r2, &(0x7f0000000180)=@file={0x1, './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)

8.227026162s ago: executing program 7 (id=3554):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000380)={[{@noauto_da_alloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
syz_open_procfs(0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r0, &(0x7f0000000140)='2', 0xfcd1, 0xfecc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1, 0x0, 0x81}, 0x18)

7.910181092s ago: executing program 0 (id=3555):
socket$nl_rdma(0x10, 0x3, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
unshare(0x62040200)

6.145831927s ago: executing program 1 (id=3561):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f0000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x28010000, 0x0, 0x0, &(0x7f0000000080), &(0x7f0000000140), &(0x7f0000000180)="d0ab6b333cc6fe507439ab98f4e57a5b4bc7af950e2788a4ee54676f903b5077a7612365bb067aa1b68f07ad5f82")
r1 = socket(0x2, 0x805, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_setup(0x4668, &(0x7f0000000040)={0x0, 0xc89f, 0xc002, 0x2, 0x20002f7})
read(r3, &(0x7f00000019c0)=""/4097, 0x1001)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f00000007c0)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r4=>0x0]}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000480)={r4, 0xffffffff, 0x80000007, 0xfffffff7}, 0x10)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
fcntl$dupfd(r5, 0x0, r5)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000010000100fefffffffbdbdf25fc000000000000000000000000000000e0000002000000000000000000000000000107144e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c0000007f000001000000000000000000000000000000000000000092010000580000000600000000000000ffff0000000000001c250800000000000200000000000000f8ffffffffffffff0000000000000000070000000000000000000000000000001f00000000000000feffffffffffffff01000000fcffffff000000002abd700004350000020001003400000000000000480003006465666c61746500"/207], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
socket$key(0xf, 0x3, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r7, 0x5393, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018000100feffffff0001000000000000000000000000ffffe0000002fc0100000000000000000000000000010001071c4e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000ac14142500000000000000000000000000000000000000009201000000000000a39b000000000000ffff0000000000001c250800000000000500000000000000fcffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000fefffffffffffffffafffffffcffffff000000008000000000350000020001002052377aae00000000"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

6.066199365s ago: executing program 6 (id=3562):
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
fcntl$lock(0xffffffffffffffff, 0x5, 0x0)
io_uring_register$IORING_REGISTER_PBUF_STATUS(0xffffffffffffffff, 0x1a, &(0x7f0000000180)={0x7}, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000380), 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r3, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

5.780305585s ago: executing program 2 (id=3563):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="080086dd0001110004600000a60c6eec00"], 0xfdef)

4.751328299s ago: executing program 4 (id=3564):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='\t\x00\x00\x00\a\x00\x00'], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r0, 0x0, &(0x7f0000001580)=""/67}, 0x20)

4.57431019s ago: executing program 1 (id=3565):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
socket$kcm(0x29, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)

4.572674745s ago: executing program 6 (id=3566):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

4.45500878s ago: executing program 4 (id=3567):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x4, &(0x7f00000000c0)=0xfffff000, 0x4)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x94)
recvmmsg(r1, &(0x7f0000003d40)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'syztnl2\x00', &(0x7f0000000100)={'syztnl0\x00', <r4=>0x0, 0x4, 0xf1, 0x5, 0x8, 0x20, @local, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x4000, 0x4, 0x5}})
setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f00000001c0)={@remote, r4}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, @remote, @empty, 0x7800, 0x80, 0xfffffffc, 0xdc67}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000002c0)={'syztnl1\x00', 0x0})

4.452999166s ago: executing program 7 (id=3568):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TCSETS(r2, 0x545c, 0x0)
timer_create(0x0, &(0x7f0000000140)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

4.181498235s ago: executing program 0 (id=3569):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x609e495c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)
listen(0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x8000c61)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed4040, &(0x7f0000000600)={[{@init_itable_val={'init_itable', 0x3d, 0x23}}, {@stripe={'stripe', 0x3d, 0x1}}, {@journal_dev={'journal_dev', 0x3d, 0x403}}, {@grpid}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@nolazytime}, {@noload}]}, 0xf5, 0x47a, &(0x7f0000000ac0)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKd1WwhSwEBNhBBFDxjjwZB4Nx5N/As86cWoJxOveDckxHABPa2ZnRnaLrulpQu7uJ9PMux7M7O89903b/fNe7sNoG+NZf8kEesj4mJEjEZEpfmEsfzh2pWztX+unK0lUa+/9XeSPS2uXjlbK/6LxpZZl++o14v8mhblnn83ojo7O3OyyE/MHftg4tTpM88eOVY9PHN45vjUgQN792wf2j+1ryNxZnFd3frxiW1bXn3nwuu1gxfe+/X7rL7ri+NlHJ00lr+6LT3R6cK6bMOCdFLpYkVYkazdBovtYozGQIxcPzYar3zW1coBt1ul1edz4Vwd+B/LBupAPyo/6LP733K7Q+OOnnD5xXzCI4v7WrHlRyqRFucMNt3fdtJwRBw89+832Ra3aR4CAGChH7PxzzOtxn9pPLDgvHuKNZSNEXFvRGyKiPsiYnNE3B/ROPfBiHhoheU3r5DcOP5JLy3K1gdWWMLSsvHf88Xa1uLxXzn6i40DRW5DI/7B5NCR2ZndxWuyKwbXZPnJRU9Z7KeX//iqed+XxTT72ILxX7Zl5S+OML3UPEE3XZ2rrj7y3OVPI7ZWWsWfXF8HTCJiS0RsvcUyjjz13bZ2x1rFX46Fb6oD60z1byOezNv/XDTFX0rark9OPrd/at/EcMzO7J4or4ob/fb7+Tfblb+q+Dsga/+1La//PP7sHjEZjjh1+szRxnrtqVso5M/Pa0mbQ5tvGv+N139tZ8RQ8nYjPVSeVTwOJa9lDyPl/o+qc3Mnp+afW+Ybj5N5/Lt2zMdfjfn+vym/PWu8Eg9HRHYRb4+IRyLi0aLtHouIxyNixxLh//LSzvfbHWvf/kvMyndQFv/0Eu2fveVlqfn2X3li4OjPP7Qrv76s9t/bSO0q9izn/W+5FVzNawcAAAB3i7TxHfgkHb+eTtPx8fw7/JtjbVqJiKcPnfjw+HT+XfmNMZiWM12jC+ZDJ4u54TI/1ZTfU8wbfz0w0siP107MTnc7eOhz69r0/8xfnV1qAXqR32tB/9L/oX/p/9C/9H/oXy90uwJAdwy13v3Jna4H0BUrH/8P35Z6AHee+3/oX/o/9C/9H/pS29/Gp6v6yf/dmqj0RjVaJkZ6oxplItKeqEbnEm98kXeJXqlPmags+49Z3GJiTctD3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iz/AgAA///NIdoS")
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006000000050005000200000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b"], 0x4c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

4.181187709s ago: executing program 6 (id=3570):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000700)=ANY=[@ANYRES8, @ANYRESDEC=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x4bf30000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000500)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000000000006a0a00ff00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2f01806fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c7c77f0979b34e1ad837ff0d10b97163c1d6d0e196bf02f46c7953ab1abda45cbe8d0d23abff0feef91bfa0f76b74635fc9f9de9ca3c0ec8cb9bf4e418d076df4c7df0a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346b1004006000000e1ffff8816326d7d25c32aac1c7d5b5be399f6609876b5887437a172fbc02a74135b29194e533583412dff048f0000000000000007b2728a0481e9f0da43bb6cfb851cd364ff19ffcafe3e64be033c9d2f002cc9d6ddb88d2f313c1c13caec04a347383420336bec88c24a9fb6a6991ddb73"], &(0x7f0000000340)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0xffff0004, 0xf0, 0xe200, &(0x7f0000001a40)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000400)=ANY=[], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)=r5}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r8=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r7, <r9=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000380)=r8}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000740)={r9, &(0x7f00000006c0)}, 0x20)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
modify_ldt$write(0x1, &(0x7f0000000040)={0x4, 0x1000, 0x2000}, 0x10)

3.819731481s ago: executing program 0 (id=3571):
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = inotify_init()
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
inotify_add_watch(r2, &(0x7f0000000240)='./file0\x00', 0x4000cdd)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x1, 0x2, &(0x7f0000000140)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
socket$inet_sctp(0x2, 0x5, 0x84)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[], 0x50)
r4 = openat$vcs(0xffffffffffffff9c, 0x0, 0x202000, 0x0)
inotify_rm_watch(r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000005c0)={@map=<r8=>0x1, 0x2, 0x0, 0x0, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x11, 0x0, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0], &(0x7f0000000580)}, 0x23)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES32=r5, @ANYBLOB="0000000010000000", @ANYRES16=r8, @ANYBLOB, @ANYRES32=r6, @ANYBLOB="490c901801eb52657537b1873274541cfcb59f7a803bcf6367bf018e6d6a3b262dd4beb01a6e85cb2ac74961672d743213a01df7c59e7680c09fb00ec1b83f6c1da2df534650343059a4b0cd60ad99668a85f4d6a41ba0b4f5aaa0b23463062614f8cfefee206553393fb24b58d751124afabb49ccf5787b9eb84a28fa9503604efaf76190b60d89f42513a8b61c3ef80289c637e33f3553f46d6fe436cb7b55c075ff3602b8ff3b8cfdabc42a5c50bd6f19b44f7b894e853f70bd63f9cd9f1dc11647e123786af02b0fc367456aefbb547aa83c57b578c0d80f57bee3d6e8ba055e404ee42d831baf", @ANYRES16], 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r7}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000680)=ANY=[@ANYBLOB="0600000004000000be7000005c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000002000000000000000000000000000000000000c200000000000000c0e0e759af1e6a3905503df4b605d3aa8d5fd082ab4a932f82e991f4bc3fd0b8b00d4b4ba305e6b91897dab37c85833947efb5d1489ecd057bd45a4580af1c7bdc1ca6e741b6bf046e26f01d158f28fefaa8bd3524ba8fe67e97f425fc1dff6f47698ed3ec4799908e7c58bb883f7ae2e95b696039a7f4ffae3147f2e20fdd4af37d306a2514b7e11747"], 0x48)
socket$inet6_sctp(0xa, 0x5, 0x84)

3.818926925s ago: executing program 6 (id=3572):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000800010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a, 0x0, 0x0, 0x0, 0x10000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@version_u}]}})

3.772077838s ago: executing program 2 (id=3573):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000004c0)='./file1\x00', 0x3000046, &(0x7f00000005c0)={[{@dioread_nolock}, {@data_err_abort}, {@jqfmt_vfsold}, {@abort}, {@data_err_ignore}, {@discard}, {@nodiscard}, {@grpquota}, {@quota}, {@user_xattr}, {@block_validity}, {@errors_remount}]}, 0x1, 0x57c, &(0x7f0000000c00)="$eJzs3U9rHOUfAPDvbJI2/fP7NYVSVEQCPVip3TSJfyp4qEfRYkHvdUm2oWTTLdlNaWLB9mAvXqQIIhbEu949Ft+Ar6KghSIl2IOXyExmmm2ym6TtNpu6nw9seJ6Z2Xmeb2aeZ59nZpYNoG+Npn9KES9HxDdJxKGISPJ1g5GvHF3dbvnBtan0lcTKyqd/Jdl2ab7YV/G+A3nmpYj47auIE6WN5TYWl2YrtVp1Ps+PNecujzUWl05enKvMVGeqlyYmJ0+/PTnx3rvvdC3WN849/P6TOx+e/vrY8ne/3Dt8K4kzcTBf1xrHM7jemhmN0fx/MhRn1m043oXCdpOk1xXgqQzk7Xwo0j7gUAzkrR747/syIlaAPpVo/9CninFAMbePYh78sJejkp1z/4PVCVAR/9p1gMHVayMxnM2N9i8nj82M0vnuSBfKT8v49c/bt9JXdO86BMCWrt+IiFODgxv7vyTv/57U2sXeU9vYen0Z+j/YOXfS8c+b7cY/pRjNrg4PZ7n1458Dbdru09i6/ZfudaGYjtLx3/vRPv7cyECe+1825htKLlysVdO+7f8RcTyG9qb5ze7nnF6+u9Jp3ejqrm8VY8C0/GIsmNfj3uDex98zXWlWniXmVvdvRLzSdvybPBr/Jm2Of1rpc9ss42j19mud1rWOf9vH/3yt/BTxetvjv3ZHK9n8/uRYdj6MFWfFRn/fPPp7p/J7HX96/PdvHv9I0nq/trH5/obbLPtx+J9qp+0fiz+2f/7vST7L0nvyZVcrzeb8eMSe5OONyyfW3lvki+3T+I8f69T/Rcfzf19EfL75v+KRm0d+fnVb8ffo+E8/0fFvTUSyfkm7xN2PvvihU/lbx58e/7ey1PF8yXb6v+3Ua+uzGQAAAAAAAF4spYg4GEmp/ChdKpXLq893HIn9pVq90Txxob5waTqy78qOxFCpuNN9qOV5iPH8edgiP7EuPxkRhyPi24F9Wb48Va9N9zp4AAAAAAAAAAAAAAAAAAAA2CUOdPj+f+qPgV7XDnju/OQ39K8t2383fukJ2JV8/kP/0v6hf2n/0L+y9p/0uhZAL/j8h/6l/UP/0v6hf2n/AAAAAAAAAAAAAAAAAAAAAAAAAAAA0FXnzp5NXyvLD65NpfnpK4sLs/UrJ6erjdny3MJUeao+f7k8U6/P1KrlqfrcVvur1euXxydi4epYs9pojjUWl87P1RcuNc9fnKvMVM9Xh3YkKgAAAAAAAAAAAAAAAAAAAHixNBaXZiu1WnVeQuKpEoO7oxoSXUucyRK97pkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM2/AQAA//+3LjSI")
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x7ffff000)
r4 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
fallocate(r4, 0x0, 0x0, 0x8800000)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0x7000000)

2.295142034s ago: executing program 0 (id=3574):
writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000d80)="a4", 0x1}], 0x1)

2.010371806s ago: executing program 6 (id=3575):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x8000, 0x0, 0x0, 0x40f00, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)

1.972110996s ago: executing program 4 (id=3576):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0)
io_setup(0x7, 0x0)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r1, 0x40049366, &(0x7f00000001c0))
openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0)
ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0x200)
io_submit(0x0, 0x0, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVin:Dd', 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000002940)={'ip6_vti0\x00', &(0x7f00000028c0)={'syztnl1\x00', 0x0, 0x29, 0x80, 0x7, 0xca, 0xa0, @empty, @empty, 0x8000, 0x80, 0x6}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040016000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x18)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)

1.59218842s ago: executing program 0 (id=3577):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x5, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xad}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r0, 0x4b63, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d00000085000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
unshare(0x64000600)

1.162061956s ago: executing program 6 (id=3578):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f0000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x28010000, 0x0, 0x0, &(0x7f0000000080), &(0x7f0000000140), &(0x7f0000000180)="d0ab6b333cc6fe507439ab98f4e57a5b4bc7af950e2788a4ee54676f903b5077a7612365bb067aa1b68f07ad5f82")
r1 = socket(0x2, 0x805, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_setup(0x4668, &(0x7f0000000040)={0x0, 0xc89f, 0xc002, 0x2, 0x20002f7})
read(r3, &(0x7f00000019c0)=""/4097, 0x1001)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f00000007c0)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r4=>0x0]}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000480)={r4, 0xffffffff, 0x80000007, 0xfffffff7}, 0x10)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
fcntl$dupfd(r5, 0x0, r5)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000010000100fefffffffbdbdf25fc000000000000000000000000000000e0000002000000000000000000000000000107144e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c0000007f000001000000000000000000000000000000000000000092010000580000000600000000000000ffff0000000000001c250800000000000200000000000000f8ffffffffffffff0000000000000000070000000000000000000000000000001f00000000000000feffffffffffffff01000000fcffffff000000002abd700004350000020001003400000000000000480003006465666c61746500"/207], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
socket$key(0xf, 0x3, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r7, 0x5393, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018000100feffffff0001000000000000000000000000ffffe0000002fc0100000000000000000000000000010001071c4e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000ac14142500000000000000000000000000000000000000009201000000000000a39b000000000000ffff0000000000001c250800000000000500000000000000fcffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000fefffffffffffffffafffffffcffffff000000008000000000350000020001002052377aae00000000"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

973.399838ms ago: executing program 2 (id=3579):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='\t\x00\x00\x00\a\x00\x00'], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r0, 0x0, &(0x7f0000001580)=""/67}, 0x20)

934.222809ms ago: executing program 7 (id=3580):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000380)={[{@noauto_da_alloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
syz_open_procfs(0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r0, &(0x7f0000000140)='2', 0xfcd1, 0xfecc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1, 0x0, 0x81}, 0x18)

829.702259ms ago: executing program 1 (id=3581):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x200400c1}, 0x8000000)
syz_open_dev$loop(&(0x7f0000000080), 0x40000047ffffe, 0x1a2c42)
r0 = syz_io_uring_setup(0x1e1e, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
listen(0xffffffffffffffff, 0x5)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000010c0)={0x2, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="c40000001900674c0000000004000000fc000000000008000000000000000002e000000200000000000000000000000000000000000000000200200000", @ANYBLOB], 0xc4}}, 0x4c050)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x10}}, 0x40010)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0x541b, &(0x7f0000000040)={<r5=>0xffffffffffffffff, 0x5})
close_range(r5, 0xffffffffffffffff, 0x0)
socket(0x2, 0x80805, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x2000015f, &(0x7f0000000880)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

755.471651ms ago: executing program 4 (id=3582):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000380), &(0x7f00000005c0)=r1}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

568.211747ms ago: executing program 2 (id=3583):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
syz_io_uring_setup(0x10f, &(0x7f0000000300)={0x0, 0x8d2dc, 0x0, 0xffffffff}, &(0x7f00000003c0), &(0x7f0000000140))

402.643752ms ago: executing program 1 (id=3584):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x473, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYui4KGioId6jMm2hG4baaLYUmwqUi+CFPQsHgX/Am8iiHoSvOrFkxSK9tLqKTKzM+1mm02N2WRi9veDzb7vzrs7z5P5eud9dwPoWkPZnyRiR0T8EhEDjeriBkONpxvXzk/+de38ZBILC6//keTtrl87P1k2Ld+3vagMpxHph0mxksVmz547OVGv184U9dG5U2+Pzp4999S7pyZO1E7UTo8fOXL40Nizz4w/3ZE8s7yu73t/Zv/el9+8/Mrksctv/fBVFu+OYnlzHp0ylCX+50KuddnjnV5ZxXY2lZPeCgNhRXoiIttcffnxPxA9cWvjDcRLH1QaHLCmsmvTlvaL5xeATSyJqiMAqlFe6LP73/KxTl2PDeHq840boCzvG8WjsaQ30qJNX8v9bScNRcSx+b8/zx6xRuMQAADNPp787Gh/U7/jVv8jjfvy59/yv7uKOZTBiLg7InZHxD0RsSci7o3I294fEQ+sMp7b+z/plVV+5LKy/t9zxdzW4v5f2fuLwZ6itjPPvy85Pl2vHSz+J8PRtyWrjy2zjm9e/PmTdsua+3/ZI1t/2Rcs4rjS2zJANzUxN5F3Sjvg6sWIfb1L5Z/cnAlIImJvROxb2UfvKgvTT3y5v12jO+e/jA7MMy18kaU3n+U/Hy35l5Lm+cnp2+YnR7dGvXZwtNwrbvfjT5dea7f+VeXfAVdrjeem7d/aZDBpnq+dXfk6Lv36Udt7mv+4/6f9yRv5PHN/8dp7E3NzZ8Yi+pOjeX3R6+O33lvWy/bZ/j98YOnjf3fxniz/ByMi24kfioiHI+KRIvZHI+KxiDiwTP7fv9B+WZl/pBVt/4sRU0ue/27u/y3bf+WFnpPffd1u/f9u+x/OS8PFK/n57w6WCic7XbQGuJr/HQAAAPxfpPl34JN05GY5TUdGGt/h3xN3pfWZ2bknj8+8c3qq8V35wehLy5GugWI8tD5dr40l88UnNsZHx4ux4nK89FAxbvxpz7a8PjI5U5+qOHfodtvbHP+Z33uqjg5YY9uWfHW8f90DASrQOo+eLq5eeDWcDGCz8ntt6F53OP7T9YoDWH+u/9C9ljr+L7TUzQXA5uT6D93L8Q9dKv226giACrn+Q1daze/617CwdWOEUU1ho26UvBBRFtINEY/CGhWqPjMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xj8BAAD//02e6R0=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000040000000800000006"], 0x26)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

397.565164ms ago: executing program 4 (id=3585):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000700)=ANY=[@ANYRES8, @ANYRESDEC=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x4bf30000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000500)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000000000006a0a00ff00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2f01806fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c7c77f0979b34e1ad837ff0d10b97163c1d6d0e196bf02f46c7953ab1abda45cbe8d0d23abff0feef91bfa0f76b74635fc9f9de9ca3c0ec8cb9bf4e418d076df4c7df0a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346b1004006000000e1ffff8816326d7d25c32aac1c7d5b5be399f6609876b5887437a172fbc02a74135b29194e533583412dff048f0000000000000007b2728a0481e9f0da43bb6cfb851cd364ff19ffcafe3e64be033c9d2f002cc9d6ddb88d2f313c1c13caec04a347383420336bec88c24a9fb6a6991ddb73"], &(0x7f0000000340)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0xffff0004, 0xf0, 0xe200, &(0x7f0000001a40)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000400)=ANY=[], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)=r5}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r8=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r7, <r9=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000380)=r8}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000740)={r9, &(0x7f00000006c0)}, 0x20)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
modify_ldt$write(0x1, &(0x7f0000000040)={0x4, 0x1000, 0x2000}, 0x10)

348.261795ms ago: executing program 2 (id=3586):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x4e21, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2}, {0xa, 0x4e22, 0x6fe3, @mcast2, 0x393}, 0x0, {[0x7, 0x8, 0x3, 0x9, 0xbd, 0x7ff, 0xbb23, 0x400]}}, 0x5c)

79.310971ms ago: executing program 2 (id=3587):
mknod(&(0x7f0000002800)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200, 0x40000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000600)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r5, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

55.397816ms ago: executing program 4 (id=3588):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8ab8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000700000e0000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002600000000c0a01080000000000000000010000000900020073797a32000000003400038030000080080003400000000224000b80200001800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30"], 0xe4}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

0s ago: executing program 7 (id=3589):
writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000d80)="a4", 0x1}], 0x1)

kernel console output (not intermixed with test programs):

T15072] loop0: detected capacity change from 0 to 512
[  554.537102][T15072] ext4 filesystem being mounted at /568/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  555.806939][T15085] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3040'.
[  555.986805][T15092] loop4: detected capacity change from 0 to 128
[  556.023069][   T30] audit: type=1800 audit(1758217132.192:2189): pid=15092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3046" name="file2" dev="loop4" ino=1048639 res=0 errno=0
[  556.057715][T15092] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  556.082471][T15092] FAT-fs (loop4): Filesystem has been set read-only
[  556.100471][T15092] syz.4.3046: attempt to access beyond end of device
[  556.100471][T15092] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  556.133161][T15092] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  556.154330][T15092] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  556.175898][T15099] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3048'.
[  556.232165][T15092] syz.4.3046: attempt to access beyond end of device
[  556.232165][T15092] loop4: rw=0, sector=2065, nr_sectors = 1 limit=128
[  556.289292][T15092] buffer_io_error: 518 callbacks suppressed
[  556.289315][T15092] Buffer I/O error on dev loop4, logical block 2065, async page read
[  556.310685][T15092] syz.4.3046: attempt to access beyond end of device
[  556.310685][T15092] loop4: rw=0, sector=2066, nr_sectors = 1 limit=128
[  556.369796][T15092] Buffer I/O error on dev loop4, logical block 2066, async page read
[  556.388319][T15092] syz.4.3046: attempt to access beyond end of device
[  556.388319][T15092] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  556.429610][T15092] Buffer I/O error on dev loop4, logical block 2067, async page read
[  556.441085][T15102] loop6: detected capacity change from 0 to 512
[  556.449105][T15102] EXT4-fs: Ignoring removed bh option
[  556.463031][T15092] syz.4.3046: attempt to access beyond end of device
[  556.463031][T15092] loop4: rw=0, sector=2068, nr_sectors = 1 limit=128
[  556.504812][T15102] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  556.544555][T15092] Buffer I/O error on dev loop4, logical block 2068, async page read
[  556.565000][T15102] EXT4-fs (loop6): 1 truncate cleaned up
[  556.583657][T15102] EXT4-fs mount: 6 callbacks suppressed
[  556.583682][T15102] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  556.621012][T15092] syz.4.3046: attempt to access beyond end of device
[  556.621012][T15092] loop4: rw=0, sector=2069, nr_sectors = 1 limit=128
[  556.702026][T15092] Buffer I/O error on dev loop4, logical block 2069, async page read
[  556.738938][T15092] syz.4.3046: attempt to access beyond end of device
[  556.738938][T15092] loop4: rw=0, sector=2070, nr_sectors = 1 limit=128
[  556.743942][T15113] loop1: detected capacity change from 0 to 164
[  556.798948][T15092] Buffer I/O error on dev loop4, logical block 2070, async page read
[  556.812511][T15115] program syz.0.3054 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  556.836678][T15092] syz.4.3046: attempt to access beyond end of device
[  556.836678][T15092] loop4: rw=0, sector=2071, nr_sectors = 1 limit=128
[  556.896993][T13471] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  556.898929][T15116] loop0: detected capacity change from 0 to 512
[  556.909101][T15092] Buffer I/O error on dev loop4, logical block 2071, async page read
[  556.948371][T15092] syz.4.3046: attempt to access beyond end of device
[  556.948371][T15092] loop4: rw=0, sector=2072, nr_sectors = 1 limit=128
[  557.033351][T15092] Buffer I/O error on dev loop4, logical block 2072, async page read
[  557.057958][T15116] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  557.081810][    C1] sd 0:0:1:0: [sda] tag#1164 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  557.092254][    C1] sd 0:0:1:0: [sda] tag#1164 CDB: Read(6) 08 00 00 00 00 00
[  557.106366][T15092] syz.4.3046: attempt to access beyond end of device
[  557.106366][T15092] loop4: rw=0, sector=2065, nr_sectors = 1 limit=128
[  557.146317][T15116] ext4 filesystem being mounted at /572/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  557.173351][T15092] Buffer I/O error on dev loop4, logical block 2065, async page read
[  557.204359][T15125] loop7: detected capacity change from 0 to 512
[  557.229497][T15092] syz.4.3046: attempt to access beyond end of device
[  557.229497][T15092] loop4: rw=0, sector=2066, nr_sectors = 1 limit=128
[  557.259863][T15125] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  557.294308][T15092] Buffer I/O error on dev loop4, logical block 2066, async page read
[  557.304427][T15125] ext4 filesystem being mounted at /10/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  557.326232][T15092] syz.4.3046: attempt to access beyond end of device
[  557.326232][T15092] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  557.341573][T15092] syz.4.3046: attempt to access beyond end of device
[  557.341573][T15092] loop4: rw=0, sector=2068, nr_sectors = 1 limit=128
[  557.358252][T15092] syz.4.3046: attempt to access beyond end of device
[  557.358252][T15092] loop4: rw=0, sector=2069, nr_sectors = 1 limit=128
[  557.364522][ T5862] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.371875][T15092] syz.4.3046: attempt to access beyond end of device
[  557.371875][T15092] loop4: rw=0, sector=2070, nr_sectors = 1 limit=128
[  557.447969][   T30] audit: type=1800 audit(1758217133.612:2190): pid=15125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3058" name="file1" dev="loop7" ino=15 res=0 errno=0
[  557.546510][   T30] audit: type=1800 audit(1758217133.632:2191): pid=15125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3058" name="file2" dev="loop7" ino=16 res=0 errno=0
[  557.913943][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.941014][T15137] loop6: detected capacity change from 0 to 128
[  558.029186][T15137] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  558.083082][T15137] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  558.254183][T15147] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3065'.
[  558.431340][T13471] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  558.469038][   T30] audit: type=1326 audit(1758217134.632:2192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15154 comm="syz.7.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d0158eba9 code=0x7ffc0000
[  558.538186][   T30] audit: type=1326 audit(1758217134.662:2193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15154 comm="syz.7.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d0158eba9 code=0x7ffc0000
[  558.623826][   T30] audit: type=1326 audit(1758217134.682:2194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15154 comm="syz.7.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6d0158eba9 code=0x7ffc0000
[  558.731760][   T30] audit: type=1326 audit(1758217134.682:2195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15154 comm="syz.7.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d0158eba9 code=0x7ffc0000
[  558.780317][   T30] audit: type=1326 audit(1758217134.682:2196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15154 comm="syz.7.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d0158eba9 code=0x7ffc0000
[  558.852130][T15170] loop7: detected capacity change from 0 to 128
[  558.859178][T15166] loop2: detected capacity change from 0 to 512
[  558.869574][   T30] audit: type=1326 audit(1758217134.682:2197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15154 comm="syz.7.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d0158eba9 code=0x7ffc0000
[  558.894287][   T30] audit: type=1326 audit(1758217134.682:2198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15154 comm="syz.7.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d0158eba9 code=0x7ffc0000
[  558.942675][T15170] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  558.964757][T15166] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  558.978901][T15170] FAT-fs (loop7): Filesystem has been set read-only
[  559.012695][T15170] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  559.037760][T15166] ext4 filesystem being mounted at /518/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  559.056780][T15170] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  559.080797][T15170] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  559.083088][T15180] loop0: detected capacity change from 0 to 164
[  559.103695][T15170] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  559.120402][T15170] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  559.190210][T15182] loop4: detected capacity change from 0 to 512
[  559.248251][T15182] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  559.280602][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  559.280677][T15182] ext4 filesystem being mounted at /481/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  559.463183][T15190] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3080'.
[  559.492309][T15191] loop1: detected capacity change from 0 to 256
[  559.882122][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  559.949698][T15198] loop7: detected capacity change from 0 to 128
[  559.998573][T15198] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  560.019864][T15198] ext4 filesystem being mounted at /14/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  560.403155][T14593] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  560.575692][T15219] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3091'.
[  560.732988][T15221] loop4: detected capacity change from 0 to 512
[  560.799881][T15221] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.858084][T15221] ext4 filesystem being mounted at /485/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  560.938591][T15230] loop0: detected capacity change from 0 to 2048
[  561.007477][T15230] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  561.107051][T15236] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3096'.
[  561.263478][T15240] tipc: Started in network mode
[  561.294837][T15240] tipc: Node identity 8e1f679ef368, cluster identity 4711
[  561.318650][T15240] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  561.349313][ T5862] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.354406][T15240] tipc: Resetting bearer <eth:syzkaller0>
[  561.382769][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.398879][T15239] tipc: Disabling bearer <eth:syzkaller0>
[  561.415620][T15243] loop2: detected capacity change from 0 to 512
[  561.446118][T15243] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  561.491577][T15243] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.3098: bad orphan inode 131083
[  561.533538][T15243] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  561.743476][T15251] loop4: detected capacity change from 0 to 1024
[  561.922577][T15251] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  561.981191][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  561.981237][   T30] audit: type=1804 audit(1758217138.142:2212): pid=15251 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3100" name="/newroot/486/file1/bus" dev="loop4" ino=18 res=1 errno=0
[  562.994411][T13974] hid_parser_main: 6 callbacks suppressed
[  562.994441][T13974] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  563.101889][T13974] hid-generic 0000:0000:0000.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  563.419631][T15262] !
: renamed from dummy0 (while UP)
[  563.591801][T15264] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3105'.
[  564.086438][T15268] loop0: detected capacity change from 0 to 164
[  564.121247][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.395977][T15276] loop4: detected capacity change from 0 to 128
[  564.433261][T15276] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  564.460894][T15276] ext4 filesystem being mounted at /487/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  564.653663][T15279] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3110'.
[  564.680532][T15279] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3110'.
[  564.728820][ T5872] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  564.994541][T15285] loop7: detected capacity change from 0 to 128
[  565.055608][T15285] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  565.063731][   T30] audit: type=1800 audit(1758217141.222:2213): pid=15285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3112" name="file2" dev="loop7" ino=1048641 res=0 errno=0
[  565.107993][T15285] FAT-fs (loop7): Filesystem has been set read-only
[  565.132242][T15285] bio_check_eod: 2116 callbacks suppressed
[  565.132265][T15285] syz.7.3112: attempt to access beyond end of device
[  565.132265][T15285] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  565.196439][T15285] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  565.234887][T15285] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  565.287755][T15288] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  565.289859][T15290] loop6: detected capacity change from 0 to 512
[  565.304195][T15288] syz.7.3112: attempt to access beyond end of device
[  565.304195][T15288] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  565.339789][T15290] EXT4-fs: Ignoring removed bh option
[  565.367133][T15288] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  565.380864][T15285] syz.7.3112: attempt to access beyond end of device
[  565.380864][T15285] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  565.398130][T15290] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  565.415524][T15288] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  565.427940][T15287] syz.7.3112: attempt to access beyond end of device
[  565.427940][T15287] loop7: rw=0, sector=2065, nr_sectors = 1 limit=128
[  565.464327][T15290] EXT4-fs (loop6): 1 truncate cleaned up
[  565.476512][T15290] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  565.520510][T15287] buffer_io_error: 2118 callbacks suppressed
[  565.520534][T15287] Buffer I/O error on dev loop7, logical block 2065, async page read
[  565.575772][T15287] syz.7.3112: attempt to access beyond end of device
[  565.575772][T15287] loop7: rw=0, sector=2066, nr_sectors = 1 limit=128
[  565.630452][T15287] Buffer I/O error on dev loop7, logical block 2066, async page read
[  565.638684][T15287] syz.7.3112: attempt to access beyond end of device
[  565.638684][T15287] loop7: rw=0, sector=2067, nr_sectors = 1 limit=128
[  565.709688][T15300] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3115'.
[  565.720612][T15287] Buffer I/O error on dev loop7, logical block 2067, async page read
[  565.723254][T13471] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.733555][T15287] syz.7.3112: attempt to access beyond end of device
[  565.733555][T15287] loop7: rw=0, sector=2068, nr_sectors = 1 limit=128
[  565.820597][T15287] Buffer I/O error on dev loop7, logical block 2068, async page read
[  565.843674][T15287] syz.7.3112: attempt to access beyond end of device
[  565.843674][T15287] loop7: rw=0, sector=2069, nr_sectors = 1 limit=128
[  565.894942][T15287] Buffer I/O error on dev loop7, logical block 2069, async page read
[  565.920920][T15287] syz.7.3112: attempt to access beyond end of device
[  565.920920][T15287] loop7: rw=0, sector=2070, nr_sectors = 1 limit=128
[  565.950046][T15287] Buffer I/O error on dev loop7, logical block 2070, async page read
[  565.966898][T15287] syz.7.3112: attempt to access beyond end of device
[  565.966898][T15287] loop7: rw=0, sector=2071, nr_sectors = 1 limit=128
[  566.017012][T15287] Buffer I/O error on dev loop7, logical block 2071, async page read
[  566.057989][T15287] Buffer I/O error on dev loop7, logical block 2072, async page read
[  566.100620][T15287] Buffer I/O error on dev loop7, logical block 2065, async page read
[  566.129217][T15287] Buffer I/O error on dev loop7, logical block 2066, async page read
[  566.632911][T15314] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3120'.
[  566.827646][T15319] loop7: detected capacity change from 0 to 512
[  566.868748][T15322] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3123'.
[  566.868963][T15321] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3124'.
[  566.901924][T15319] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  566.922126][T15319] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  566.944930][T15321] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3124'.
[  567.107163][T15327] loop0: detected capacity change from 0 to 128
[  567.150633][T15327] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  567.173792][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.186201][T15327] ext4 filesystem being mounted at /587/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  567.387312][T15334] loop2: detected capacity change from 0 to 164
[  567.465966][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.504254][ T5862] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  568.103287][T15349] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3133'.
[  568.184500][T15357] loop7: detected capacity change from 0 to 128
[  568.213110][   T30] audit: type=1800 audit(1758217144.382:2214): pid=15357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3136" name="file2" dev="loop7" ino=1048642 res=0 errno=0
[  568.217109][T15357] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  568.273817][T15357] FAT-fs (loop7): Filesystem has been set read-only
[  568.289350][T15357] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  568.298143][T15357] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  568.807150][T15366] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3138'.
[  569.075281][T15368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3139'.
[  569.104539][T15368] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3139'.
[  569.302468][T15372] loop4: detected capacity change from 0 to 128
[  569.377818][   T30] audit: type=1800 audit(1758217145.542:2215): pid=15372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm=77DEA105FF07 name="bus" dev="loop4" ino=1048643 res=0 errno=0
[  569.553010][T15378] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3142'.
[  569.679850][T15382] loop6: detected capacity change from 0 to 128
[  569.736153][T15382] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  569.754334][T15385] loop0: detected capacity change from 0 to 512
[  569.798717][T15382] ext4 filesystem being mounted at /84/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  569.908838][T15385] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  569.977911][T15385] ext4 filesystem being mounted at /592/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  570.184306][T15395] loop2: detected capacity change from 0 to 512
[  570.217865][T13471] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  570.284088][T15395] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  570.298801][T15402] loop7: detected capacity change from 0 to 164
[  570.328564][ T5862] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  570.350008][T15395] ext4 filesystem being mounted at /526/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  570.477612][T15409] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3156'.
[  570.511318][T15409] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3156'.
[  570.537250][T15411] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3152'.
[  570.564158][T15412] loop1: detected capacity change from 0 to 128
[  570.602787][   T30] audit: type=1800 audit(1758217146.772:2216): pid=15412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3155" name="file2" dev="loop1" ino=1048644 res=0 errno=0
[  570.626603][T15412] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  570.648227][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  570.678209][T15412] FAT-fs (loop1): Filesystem has been set read-only
[  570.688553][T15412] bio_check_eod: 2690 callbacks suppressed
[  570.688577][T15412] syz.1.3155: attempt to access beyond end of device
[  570.688577][T15412] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  570.706123][T15418] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3154'.
[  570.721191][T15412] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  570.738171][T15412] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  570.751848][T15415] syz.1.3155: attempt to access beyond end of device
[  570.751848][T15415] loop1: rw=0, sector=2065, nr_sectors = 1 limit=128
[  570.812365][T15415] buffer_io_error: 2686 callbacks suppressed
[  570.812390][T15415] Buffer I/O error on dev loop1, logical block 2065, async page read
[  570.864300][T15415] syz.1.3155: attempt to access beyond end of device
[  570.864300][T15415] loop1: rw=0, sector=2066, nr_sectors = 1 limit=128
[  570.922817][T15415] Buffer I/O error on dev loop1, logical block 2066, async page read
[  570.946838][T15423] loop0: detected capacity change from 0 to 128
[  570.959132][T15415] syz.1.3155: attempt to access beyond end of device
[  570.959132][T15415] loop1: rw=0, sector=2067, nr_sectors = 1 limit=128
[  570.985093][   T30] audit: type=1800 audit(1758217147.152:2217): pid=15423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm=77DEA105FF07 name="bus" dev="loop0" ino=1048645 res=0 errno=0
[  571.018138][T15415] Buffer I/O error on dev loop1, logical block 2067, async page read
[  571.029200][T15415] syz.1.3155: attempt to access beyond end of device
[  571.029200][T15415] loop1: rw=0, sector=2068, nr_sectors = 1 limit=128
[  571.065033][T15415] Buffer I/O error on dev loop1, logical block 2068, async page read
[  571.087092][T15415] syz.1.3155: attempt to access beyond end of device
[  571.087092][T15415] loop1: rw=0, sector=2069, nr_sectors = 1 limit=128
[  571.113887][T15415] Buffer I/O error on dev loop1, logical block 2069, async page read
[  571.125201][T15415] syz.1.3155: attempt to access beyond end of device
[  571.125201][T15415] loop1: rw=0, sector=2070, nr_sectors = 1 limit=128
[  571.139257][T15415] Buffer I/O error on dev loop1, logical block 2070, async page read
[  571.148670][T15415] syz.1.3155: attempt to access beyond end of device
[  571.148670][T15415] loop1: rw=0, sector=2071, nr_sectors = 1 limit=128
[  571.181068][T15415] Buffer I/O error on dev loop1, logical block 2071, async page read
[  571.202893][T15415] syz.1.3155: attempt to access beyond end of device
[  571.202893][T15415] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[  571.278250][T15432] loop2: detected capacity change from 0 to 256
[  571.348156][T15415] Buffer I/O error on dev loop1, logical block 2072, async page read
[  571.398365][T15412] syz.1.3155: attempt to access beyond end of device
[  571.398365][T15412] loop1: rw=0, sector=2065, nr_sectors = 1 limit=128
[  571.455968][T15412] Buffer I/O error on dev loop1, logical block 2065, async page read
[  571.499468][T15412] Buffer I/O error on dev loop1, logical block 2066, async page read
[  571.913064][T15437] loop4: detected capacity change from 0 to 128
[  571.999850][T15437] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  572.038423][T15437] ext4 filesystem being mounted at /503/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  572.404244][T15441] program syz.0.3167 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  572.481362][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  572.487700][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  572.519576][ T5872] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  572.552813][T15447] loop0: detected capacity change from 0 to 512
[  572.642851][T15447] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  572.704489][    C1] sd 0:0:1:0: [sda] tag#1152 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  572.714981][    C1] sd 0:0:1:0: [sda] tag#1152 CDB: Read(6) 08 00 00 00 00 00
[  572.755978][T15447] ext4 filesystem being mounted at /596/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  572.908876][T15448] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3165'.
[  572.950500][T15457] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3171'.
[  573.029610][ T5862] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  573.972913][T15473] loop4: detected capacity change from 0 to 512
[  574.032192][T15479] loop2: detected capacity change from 0 to 164
[  574.097478][ T5995] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  574.097882][T15476] loop7: detected capacity change from 0 to 128
[  574.173347][ T5995] hid-generic 0000:0000:0000.001F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  574.187051][T15473] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  574.187131][   T30] audit: type=1800 audit(1758217150.342:2218): pid=15476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3179" name="file2" dev="loop7" ino=1048646 res=0 errno=0
[  574.236906][T15476] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  574.266517][T15473] ext4 filesystem being mounted at /504/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  574.297620][T15488] __nla_validate_parse: 1 callbacks suppressed
[  574.297643][T15488] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3172'.
[  574.319432][T15476] FAT-fs (loop7): Filesystem has been set read-only
[  574.359776][T15476] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  574.439492][T15476] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  574.493418][T15476] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  574.530643][T15476] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  574.552399][T15476] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  574.624935][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.218530][T15509] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3181'.
[  575.275157][T15510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3184'.
[  576.424348][T15528] loop1: detected capacity change from 0 to 256
[  578.226143][T15533] loop4: detected capacity change from 0 to 128
[  578.352987][T15533] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  578.366804][T15539] loop2: detected capacity change from 0 to 1024
[  581.306582][T15539] EXT4-fs warning (device loop2): ext4_multi_mount_protect:397: Unable to create kmmpd thread for loop2.
[  581.327581][T15533] ext4 filesystem being mounted at /507/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  581.934330][ T5878] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  581.945063][ T5878] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  581.953088][ T5878] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  581.961223][ T5878] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  581.971386][ T5878] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  582.023425][ T5872] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  582.091508][T15543] lo speed is unknown, defaulting to 1000
[  582.209613][T15552] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3196'.
[  582.250701][T15552] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3196'.
[  582.324810][T15557] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3198'.
[  582.537029][ T8094] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.674306][T15568] loop2: detected capacity change from 0 to 164
[  582.729069][ T8094] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.768216][ T5935] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  582.786844][T15570] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3202'.
[  582.826877][ T5935] hid-generic 0000:0000:0000.0020: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  582.916582][T15572] loop7: detected capacity change from 0 to 128
[  582.943542][   T30] audit: type=1800 audit(1758217159.102:2219): pid=15572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm=77DEA105FF07 name="bus" dev="loop7" ino=1048647 res=0 errno=0
[  583.002491][ T8094] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.130299][T15577] loop7: detected capacity change from 0 to 128
[  583.187572][ T8094] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.206201][   T30] audit: type=1800 audit(1758217159.372:2220): pid=15577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3206" name="file2" dev="loop7" ino=1048648 res=0 errno=0
[  583.248076][T15577] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  583.265995][T15577] FAT-fs (loop7): Filesystem has been set read-only
[  583.282608][T15577] bio_check_eod: 697 callbacks suppressed
[  583.282630][T15577] syz.7.3206: attempt to access beyond end of device
[  583.282630][T15577] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  583.312114][T15577] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  583.320144][T15577] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  583.372802][T15581] syz.7.3206: attempt to access beyond end of device
[  583.372802][T15581] loop7: rw=0, sector=2065, nr_sectors = 1 limit=128
[  583.436776][T15581] buffer_io_error: 694 callbacks suppressed
[  583.436800][T15581] Buffer I/O error on dev loop7, logical block 2065, async page read
[  583.474946][T15581] syz.7.3206: attempt to access beyond end of device
[  583.474946][T15581] loop7: rw=0, sector=2066, nr_sectors = 1 limit=128
[  583.507934][T15581] Buffer I/O error on dev loop7, logical block 2066, async page read
[  583.521677][T15581] syz.7.3206: attempt to access beyond end of device
[  583.521677][T15581] loop7: rw=0, sector=2067, nr_sectors = 1 limit=128
[  583.536660][T15581] Buffer I/O error on dev loop7, logical block 2067, async page read
[  583.548897][T15581] syz.7.3206: attempt to access beyond end of device
[  583.548897][T15581] loop7: rw=0, sector=2068, nr_sectors = 1 limit=128
[  583.562845][T15581] Buffer I/O error on dev loop7, logical block 2068, async page read
[  583.571645][T15581] syz.7.3206: attempt to access beyond end of device
[  583.571645][T15581] loop7: rw=0, sector=2069, nr_sectors = 1 limit=128
[  583.585772][T15581] Buffer I/O error on dev loop7, logical block 2069, async page read
[  583.642620][T15590] loop6: detected capacity change from 0 to 256
[  583.833439][T15592] loop1: detected capacity change from 0 to 128
[  583.916953][T15592] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  584.009349][T15592] ext4 filesystem being mounted at /573/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  584.074249][   T51] Bluetooth: hci6: command tx timeout
[  584.537806][ T8094] bridge_slave_1: left allmulticast mode
[  584.552779][T15581] syz.7.3206: attempt to access beyond end of device
[  584.552779][T15581] loop7: rw=0, sector=2070, nr_sectors = 1 limit=128
[  584.566090][T15581] Buffer I/O error on dev loop7, logical block 2070, async page read
[  584.574334][T15581] syz.7.3206: attempt to access beyond end of device
[  584.574334][T15581] loop7: rw=0, sector=2071, nr_sectors = 1 limit=128
[  584.585219][ T8094] bridge_slave_1: left promiscuous mode
[  584.587621][T15581] Buffer I/O error on dev loop7, logical block 2071, async page read
[  584.593811][ T5865] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  584.635773][ T8094] bridge0: port 2(bridge_slave_1) entered disabled state
[  584.722900][T15581] syz.7.3206: attempt to access beyond end of device
[  584.722900][T15581] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[  584.745981][T15581] Buffer I/O error on dev loop7, logical block 2072, async page read
[  584.755933][T15581] syz.7.3206: attempt to access beyond end of device
[  584.755933][T15581] loop7: rw=0, sector=2065, nr_sectors = 1 limit=128
[  584.772224][T15581] Buffer I/O error on dev loop7, logical block 2065, async page read
[  584.781788][T15581] Buffer I/O error on dev loop7, logical block 2066, async page read
[  584.829123][ T8094] bridge_slave_0: left allmulticast mode
[  584.865516][ T8094] bridge_slave_0: left promiscuous mode
[  584.900663][ T8094] bridge0: port 1(bridge_slave_0) entered disabled state
[  584.964878][T15605] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3213'.
[  584.982610][T15605] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3213'.
[  585.007722][T15606] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3211'.
[  585.825533][ T8094] bond1 (unregistering): (slave @): Releasing active interface
[  586.150575][   T51] Bluetooth: hci6: command tx timeout
[  586.487309][ T8094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  586.526354][ T8094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  586.593327][ T8094] bond0 (unregistering): (slave 
0!
): Releasing backup interface
[  586.626994][ T8094] bond0 (unregistering): Released all slaves
[  586.686322][ T8094] bond1 (unregistering): Released all slaves
[  586.743577][ T8094] bond2 (unregistering): Released all slaves
[  586.813940][ T8094] bond3 (unregistering): Released all slaves
[  586.882123][ T8094] bond4 (unregistering): Released all slaves
[  586.980514][T15615] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  587.033727][T15543] chnl_net:caif_netlink_parms(): no params data found
[  587.163973][T15630] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3219'.
[  587.236492][T15628] loop7: detected capacity change from 0 to 512
[  587.275338][ T8094] tipc: Left network mode
[  587.282711][T15628] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  587.318188][T15628] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  587.397725][   T49] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0
[  587.412566][   T49] hid-generic 0000:0000:0000.0021: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  587.445684][T15643] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3220'.
[  587.593211][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  587.664051][T15648] loop1: detected capacity change from 0 to 164
[  587.711203][   T49] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  587.755294][   T49] hid-generic 0000:0000:0000.0022: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  587.906746][T15543] bridge0: port 1(bridge_slave_0) entered blocking state
[  587.930985][T15543] bridge0: port 1(bridge_slave_0) entered disabled state
[  587.961978][T15543] bridge_slave_0: entered allmulticast mode
[  587.985699][T15543] bridge_slave_0: entered promiscuous mode
[  588.049414][T15543] bridge0: port 2(bridge_slave_1) entered blocking state
[  588.090611][T15543] bridge0: port 2(bridge_slave_1) entered disabled state
[  588.138690][T15543] bridge_slave_1: entered allmulticast mode
[  588.154039][T15653] loop7: detected capacity change from 0 to 128
[  588.166654][T15543] bridge_slave_1: entered promiscuous mode
[  588.230490][   T51] Bluetooth: hci6: command tx timeout
[  588.256741][T15653] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  588.306285][T15653] ext4 filesystem being mounted at /45/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  589.431723][T15663] loop6: detected capacity change from 0 to 1024
[  589.678409][T15663] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  589.795118][T15543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  589.969974][T15543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  589.990035][T15667] loop2: detected capacity change from 0 to 128
[  590.056932][T15667] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  590.098808][T15667] FAT-fs (loop2): Filesystem has been set read-only
[  590.120637][   T30] audit: type=1800 audit(1758217166.212:2221): pid=15667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3229" name="file2" dev="loop2" ino=1048649 res=0 errno=0
[  591.120750][T15667] bio_check_eod: 407 callbacks suppressed
[  591.120776][T15667] syz.2.3229: attempt to access beyond end of device
[  591.120776][T15667] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  591.240687][T15672] loop4: detected capacity change from 0 to 1024
[  592.100409][   T51] Bluetooth: hci6: command tx timeout
[  592.424132][T15667] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  592.432871][T15667] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  593.165257][T15672] EXT4-fs warning (device loop4): ext4_multi_mount_protect:397: Unable to create kmmpd thread for loop4.
[  593.206684][T15667] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  593.262090][T15667] syz.2.3229: attempt to access beyond end of device
[  593.262090][T15667] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  593.295866][T14593] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  593.312705][T13471] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  593.395613][T15667] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  593.403671][T15673] syz.2.3229: attempt to access beyond end of device
[  593.403671][T15673] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  593.471409][T15667] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  593.519001][T15673] syz.2.3229: attempt to access beyond end of device
[  593.519001][T15673] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  593.610017][T15673] syz.2.3229: attempt to access beyond end of device
[  593.610017][T15673] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  593.690092][T15670] syz.2.3229: attempt to access beyond end of device
[  593.690092][T15670] loop2: rw=0, sector=2065, nr_sectors = 1 limit=128
[  593.764457][T15670] buffer_io_error: 406 callbacks suppressed
[  593.764481][T15670] Buffer I/O error on dev loop2, logical block 2065, async page read
[  593.809549][T15670] syz.2.3229: attempt to access beyond end of device
[  593.809549][T15670] loop2: rw=0, sector=2066, nr_sectors = 1 limit=128
[  593.881816][T15543] team0: Port device team_slave_0 added
[  593.908357][T15670] Buffer I/O error on dev loop2, logical block 2066, async page read
[  593.956580][T15543] team0: Port device team_slave_1 added
[  593.965309][T15670] syz.2.3229: attempt to access beyond end of device
[  593.965309][T15670] loop2: rw=0, sector=2067, nr_sectors = 1 limit=128
[  594.020497][T15670] Buffer I/O error on dev loop2, logical block 2067, async page read
[  594.028692][T15670] syz.2.3229: attempt to access beyond end of device
[  594.028692][T15670] loop2: rw=0, sector=2068, nr_sectors = 1 limit=128
[  594.096192][T15670] Buffer I/O error on dev loop2, logical block 2068, async page read
[  594.107442][ T8094] hsr_slave_0: left promiscuous mode
[  594.116456][T15670] syz.2.3229: attempt to access beyond end of device
[  594.116456][T15670] loop2: rw=0, sector=2069, nr_sectors = 1 limit=128
[  594.135887][ T8094] hsr_slave_1: left promiscuous mode
[  594.144864][T15670] Buffer I/O error on dev loop2, logical block 2069, async page read
[  594.174003][ T8094] veth1_vlan: left promiscuous mode
[  594.179324][ T8094] veth0_vlan: left promiscuous mode
[  594.188248][T15670] Buffer I/O error on dev loop2, logical block 2070, async page read
[  594.199225][T15670] Buffer I/O error on dev loop2, logical block 2071, async page read
[  594.209785][T15670] Buffer I/O error on dev loop2, logical block 2072, async page read
[  594.263795][T15666] Buffer I/O error on dev loop2, logical block 2065, async page read
[  594.289163][T15666] Buffer I/O error on dev loop2, logical block 2066, async page read
[  594.684079][T15679] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3230'.
[  594.725042][T15679] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3230'.
[  594.855352][T15688] loop6: detected capacity change from 0 to 256
[  595.829451][ T8094] team0 (unregistering): Port device team_slave_1 removed
[  595.879736][ T8094] team0 (unregistering): Port device team_slave_0 removed
[  596.324537][T15684] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  596.397826][T15543] batman_adv: batadv0: Adding interface: batadv_slave_0
[  596.419081][T15543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  596.511539][T15543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  596.552276][T15543] batman_adv: batadv0: Adding interface: batadv_slave_1
[  596.576728][T15543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  596.642324][T15543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  596.653746][T15702] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3237'.
[  596.664495][T15700] loop7: detected capacity change from 0 to 512
[  596.755849][T15700] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  596.794109][T15706] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3238'.
[  596.855117][T15700] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  596.909207][T15543] hsr_slave_0: entered promiscuous mode
[  596.935479][T15543] hsr_slave_1: entered promiscuous mode
[  596.953597][T15543] debugfs: 'hsr0' already exists in 'hsr'
[  596.966169][T15543] Cannot create hsr debugfs directory
[  597.010011][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  597.216299][ T8094] IPVS: stop unused estimator thread 0...
[  597.388496][T15720] loop7: detected capacity change from 0 to 128
[  597.412956][   T30] audit: type=1800 audit(1758217173.582:2222): pid=15720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm=77DEA105FF07 name="bus" dev="loop7" ino=1048650 res=0 errno=0
[  597.601028][T15722] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3243'.
[  597.762730][T15728] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3246'.
[  597.777580][T15729] loop7: detected capacity change from 0 to 164
[  597.813556][T13974] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  597.852533][T13974] hid-generic 0000:0000:0000.0023: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  598.311169][T15733] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3248'.
[  598.340919][T15733] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3248'.
[  598.548625][T15543] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  598.591303][T15735] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  598.610832][T15543] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  598.644513][T15543] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  598.780409][T15741] loop2: detected capacity change from 0 to 1024
[  598.975517][T15741] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  599.042700][   T30] audit: type=1804 audit(1758217175.202:2223): pid=15741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3250" name="/newroot/543/file1/bus" dev="loop2" ino=18 res=1 errno=0
[  599.155860][T15747] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4182: comm syz.2.3250: Allocating blocks 385-513 which overlap fs metadata
[  599.618626][T15747] EXT4-fs (loop2): Remounting filesystem read-only
[  599.625635][T15747] EXT4-fs (loop2): pa ffff888049c203a0: logic 16, phys. 129, len 24
[  599.661070][T15543] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  600.165920][T15725] lo speed is unknown, defaulting to 1000
[  600.744348][T15543] 8021q: adding VLAN 0 to HW filter on device bond0
[  600.936029][T15543] 8021q: adding VLAN 0 to HW filter on device team0
[  601.013551][ T8114] bridge0: port 1(bridge_slave_0) entered blocking state
[  601.020761][ T8114] bridge0: port 1(bridge_slave_0) entered forwarding state
[  601.066620][T15767] loop7: detected capacity change from 0 to 512
[  601.153768][ T8114] bridge0: port 2(bridge_slave_1) entered blocking state
[  601.160992][ T8114] bridge0: port 2(bridge_slave_1) entered forwarding state
[  601.178027][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  601.260796][T15767] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  601.319523][T15767] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  601.511624][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  601.766855][T15781] netlink: 44 bytes leftover after parsing attributes in process `syz.7.3256'.
[  601.851361][T15786] loop4: detected capacity change from 0 to 128
[  601.881411][T15779] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3257'.
[  601.888045][   T30] audit: type=1800 audit(1758217178.052:2224): pid=15786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm=77DEA105FF07 name="bus" dev="loop4" ino=1048651 res=0 errno=0
[  602.556710][T15798] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3261'.
[  602.611361][T15543] 8021q: adding VLAN 0 to HW filter on device batadv0
[  602.735497][T15801] loop7: detected capacity change from 0 to 512
[  602.805859][T15801] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  602.819470][T15806] loop2: detected capacity change from 0 to 164
[  602.890470][ T1205] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[  602.898445][T15801] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  602.926277][T15543] veth0_vlan: entered promiscuous mode
[  602.965172][ T1205] hid-generic 0000:0000:0000.0024: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  603.029725][T15543] veth1_vlan: entered promiscuous mode
[  603.242507][T15543] veth0_macvtap: entered promiscuous mode
[  603.279939][T15543] veth1_macvtap: entered promiscuous mode
[  603.343411][T15543] batman_adv: batadv0: Interface activated: batadv_slave_0
[  603.419324][T15543] batman_adv: batadv0: Interface activated: batadv_slave_1
[  603.472679][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  603.508194][ T8098] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  603.537551][ T8094] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  603.598893][ T8094] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  603.637298][ T8094] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  603.849795][ T6017] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  603.878650][ T6017] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  603.934781][T15824] loop1: detected capacity change from 0 to 512
[  603.989164][T15824] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  604.003997][   T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  604.020816][T15824] ext4 filesystem being mounted at /580/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  604.034054][   T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  604.109290][T15830] loop4: detected capacity change from 0 to 128
[  604.154563][   T30] audit: type=1800 audit(1758217180.322:2225): pid=15830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3271" name="file2" dev="loop4" ino=1048656 res=0 errno=0
[  604.154823][T15830] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  604.220113][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  604.245909][T15830] FAT-fs (loop4): Filesystem has been set read-only
[  604.278661][T15830] bio_check_eod: 11 callbacks suppressed
[  604.278684][T15830] syz.4.3271: attempt to access beyond end of device
[  604.278684][T15830] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  604.339394][T15830] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  604.348099][T15830] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  604.372230][T15836] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  604.380054][T15836] syz.4.3271: attempt to access beyond end of device
[  604.380054][T15836] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  604.432949][T15831] syz.4.3271: attempt to access beyond end of device
[  604.432949][T15831] loop4: rw=0, sector=2065, nr_sectors = 1 limit=128
[  604.454730][T15836] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  604.514123][T15831] buffer_io_error: 6 callbacks suppressed
[  604.514147][T15831] Buffer I/O error on dev loop4, logical block 2065, async page read
[  604.520469][T15836] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  604.528357][T15831] syz.4.3271: attempt to access beyond end of device
[  604.528357][T15831] loop4: rw=0, sector=2066, nr_sectors = 1 limit=128
[  604.554075][T15831] Buffer I/O error on dev loop4, logical block 2066, async page read
[  604.569864][T15844] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3274'.
[  604.582700][T15831] syz.4.3271: attempt to access beyond end of device
[  604.582700][T15831] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  604.601288][T15831] Buffer I/O error on dev loop4, logical block 2067, async page read
[  604.651016][T15831] syz.4.3271: attempt to access beyond end of device
[  604.651016][T15831] loop4: rw=0, sector=2068, nr_sectors = 1 limit=128
[  604.684788][T15831] Buffer I/O error on dev loop4, logical block 2068, async page read
[  604.704008][T15848] !
: renamed from dummy0 (while UP)
[  604.715353][T15831] syz.4.3271: attempt to access beyond end of device
[  604.715353][T15831] loop4: rw=0, sector=2069, nr_sectors = 1 limit=128
[  604.783926][T15831] Buffer I/O error on dev loop4, logical block 2069, async page read
[  604.821217][T15831] syz.4.3271: attempt to access beyond end of device
[  604.821217][T15831] loop4: rw=0, sector=2070, nr_sectors = 1 limit=128
[  604.852334][T15831] Buffer I/O error on dev loop4, logical block 2070, async page read
[  604.866813][T15831] syz.4.3271: attempt to access beyond end of device
[  604.866813][T15831] loop4: rw=0, sector=2071, nr_sectors = 1 limit=128
[  604.895157][T15831] Buffer I/O error on dev loop4, logical block 2071, async page read
[  604.906101][T15831] syz.4.3271: attempt to access beyond end of device
[  604.906101][T15831] loop4: rw=0, sector=2072, nr_sectors = 1 limit=128
[  604.944197][T15858] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3279'.
[  604.955126][T15831] Buffer I/O error on dev loop4, logical block 2072, async page read
[  604.986056][T15831] Buffer I/O error on dev loop4, logical block 2065, async page read
[  605.013472][T15831] Buffer I/O error on dev loop4, logical block 2066, async page read
[  605.040943][T15861] loop1: detected capacity change from 0 to 512
[  605.077605][T15861] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  605.159424][T15861] ext4 filesystem being mounted at /583/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  605.270598][   T51] Bluetooth: hci1: command 0x0405 tx timeout
[  605.654601][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  605.854408][T15876] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3282'.
[  606.214597][T15884] loop1: detected capacity change from 0 to 164
[  606.282317][T15886] loop4: detected capacity change from 0 to 512
[  606.326049][T13974] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  606.374797][T13974] hid-generic 0000:0000:0000.0025: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  606.411178][T15886] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  606.469488][T15886] ext4 filesystem being mounted at /533/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  606.547791][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  606.739505][T15896] loop7: detected capacity change from 0 to 128
[  606.758505][T15899] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3293'.
[  607.891510][T15909] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  607.909057][T15910] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3295'.
[  607.925631][T15909] syzkaller0: entered promiscuous mode
[  607.940528][T15909] syzkaller0: entered allmulticast mode
[  608.014750][T15909] tipc: Resetting bearer <eth:syzkaller0>
[  608.037287][T15907] tipc: Resetting bearer <eth:syzkaller0>
[  608.045294][T15913] loop7: detected capacity change from 0 to 128
[  608.072549][T15907] tipc: Disabling bearer <eth:syzkaller0>
[  608.110565][   T30] audit: type=1800 audit(1758217184.272:2226): pid=15913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3296" name="file2" dev="loop7" ino=1048658 res=0 errno=0
[  608.132859][T15913] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  608.146614][T15916] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3298'.
[  608.166341][T15913] FAT-fs (loop7): Filesystem has been set read-only
[  608.191248][T15913] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  608.229523][T15913] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  608.361947][T15922] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3300'.
[  609.210008][T15941] loop7: detected capacity change from 0 to 128
[  609.257522][   T30] audit: type=1800 audit(1758217185.422:2227): pid=15941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3306" name="bus" dev="loop7" ino=1048659 res=0 errno=0
[  609.491799][T15956] loop7: detected capacity change from 0 to 164
[  609.521348][    T9] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  609.545740][    T9] hid-generic 0000:0000:0000.0026: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  609.596415][T15950] loop6: detected capacity change from 0 to 4096
[  609.712399][T15950] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  609.734032][T15950] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  609.913152][T13471] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.351020][T15962] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  610.378028][T15962] syzkaller0: entered promiscuous mode
[  610.403665][T15962] syzkaller0: entered allmulticast mode
[  610.461915][T15971] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3316'.
[  610.496554][T15962] tipc: Resetting bearer <eth:syzkaller0>
[  610.502733][T15972] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3315'.
[  610.552827][T15961] tipc: Resetting bearer <eth:syzkaller0>
[  610.658733][T15961] tipc: Disabling bearer <eth:syzkaller0>
[  610.741687][T15978] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3318'.
[  610.747561][T15977] loop0: detected capacity change from 0 to 128
[  610.768636][   T30] audit: type=1800 audit(1758217186.932:2228): pid=15977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3319" name="file2" dev="loop0" ino=1048660 res=0 errno=0
[  610.806588][T15977] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  610.820404][T15977] FAT-fs (loop0): Filesystem has been set read-only
[  610.842958][T15977] bio_check_eod: 2505 callbacks suppressed
[  610.842981][T15977] syz.0.3319: attempt to access beyond end of device
[  610.842981][T15977] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  610.908312][T15977] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  610.945494][T15977] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  611.039767][T15980] syz.0.3319: attempt to access beyond end of device
[  611.039767][T15980] loop0: rw=0, sector=2065, nr_sectors = 1 limit=128
[  611.082908][T15980] buffer_io_error: 2390 callbacks suppressed
[  611.082955][T15980] Buffer I/O error on dev loop0, logical block 2065, async page read
[  611.119855][T15980] syz.0.3319: attempt to access beyond end of device
[  611.119855][T15980] loop0: rw=0, sector=2066, nr_sectors = 1 limit=128
[  611.146583][T15980] Buffer I/O error on dev loop0, logical block 2066, async page read
[  611.228406][T15980] syz.0.3319: attempt to access beyond end of device
[  611.228406][T15980] loop0: rw=0, sector=2067, nr_sectors = 1 limit=128
[  611.282609][T15980] Buffer I/O error on dev loop0, logical block 2067, async page read
[  611.316581][T15980] syz.0.3319: attempt to access beyond end of device
[  611.316581][T15980] loop0: rw=0, sector=2068, nr_sectors = 1 limit=128
[  611.385884][T15980] Buffer I/O error on dev loop0, logical block 2068, async page read
[  611.416151][T15980] syz.0.3319: attempt to access beyond end of device
[  611.416151][T15980] loop0: rw=0, sector=2069, nr_sectors = 1 limit=128
[  611.493714][T15980] Buffer I/O error on dev loop0, logical block 2069, async page read
[  611.526348][T15980] syz.0.3319: attempt to access beyond end of device
[  611.526348][T15980] loop0: rw=0, sector=2070, nr_sectors = 1 limit=128
[  611.797652][T15980] Buffer I/O error on dev loop0, logical block 2070, async page read
[  611.806899][T15980] syz.0.3319: attempt to access beyond end of device
[  611.806899][T15980] loop0: rw=0, sector=2071, nr_sectors = 1 limit=128
[  611.820215][T15980] Buffer I/O error on dev loop0, logical block 2071, async page read
[  611.829181][T15980] syz.0.3319: attempt to access beyond end of device
[  611.829181][T15980] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128
[  611.850431][T15980] Buffer I/O error on dev loop0, logical block 2072, async page read
[  611.858572][T15981] syz.0.3319: attempt to access beyond end of device
[  611.858572][T15981] loop0: rw=0, sector=2065, nr_sectors = 1 limit=128
[  612.408965][T15981] Buffer I/O error on dev loop0, logical block 2065, async page read
[  612.438260][T15981] Buffer I/O error on dev loop0, logical block 2066, async page read
[  614.275779][T16017] loop1: detected capacity change from 0 to 128
[  614.392507][T16017] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  614.499602][T16017] ext4 filesystem being mounted at /591/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  614.618960][T16021] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3331'.
[  614.652382][T16023] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  615.184159][ T5865] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  615.262869][T16037] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3336'.
[  615.329884][T16037] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3336'.
[  615.465869][T16042] loop0: detected capacity change from 0 to 512
[  615.470506][T16044] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3335'.
[  615.533563][T16042] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  615.549569][T16042] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  615.642396][T16049] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3338'.
[  615.668087][T16053] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3339'.
[  615.834312][T16057] loop4: detected capacity change from 0 to 1024
[  615.951172][T16057] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  616.043648][   T30] audit: type=1804 audit(1758217192.202:2229): pid=16057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3340" name="/newroot/543/file1/bus" dev="loop4" ino=18 res=1 errno=0
[  616.624858][T16063] loop7: detected capacity change from 0 to 128
[  616.668246][   T30] audit: type=1800 audit(1758217192.832:2230): pid=16063 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm=77DEA105FF07 name="bus" dev="loop7" ino=1048661 res=0 errno=0
[  616.745223][T15543] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  617.343757][T16076] loop6: detected capacity change from 0 to 512
[  617.399045][T16076] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  617.466054][T16076] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  617.687781][T16086] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3349'.
[  617.854991][T16088] loop7: detected capacity change from 0 to 128
[  617.891716][T16088] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  617.933874][T16088] ext4 filesystem being mounted at /72/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  618.044158][T16092] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3351'.
[  618.278822][T14593] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  618.297951][T13471] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  618.318389][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  618.481542][T16099] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3348'.
[  618.511807][T16101] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3353'.
[  618.722562][T16107] loop6: detected capacity change from 0 to 512
[  618.789738][T16107] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  618.861213][T16107] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  618.955271][T13471] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  619.141770][T16124] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.228773][T16124] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.294506][T16124] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.399519][T16124] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.413495][T16131] loop6: detected capacity change from 0 to 128
[  619.458039][   T30] audit: type=1800 audit(1758217195.622:2231): pid=16131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm=77DEA105FF07 name="bus" dev="loop6" ino=1048662 res=0 errno=0
[  619.678768][ T8098] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  619.767922][ T8096] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  619.827378][ T8089] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  619.850917][T16139] loop0: detected capacity change from 0 to 128
[  619.883983][T16140] loop2: detected capacity change from 0 to 164
[  619.903377][ T8089] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  619.912104][T16139] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  619.949814][   T49] hid-generic 0000:0000:0000.0027: unknown main item tag 0x0
[  619.950651][T16146] __nla_validate_parse: 6 callbacks suppressed
[  619.950673][T16146] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3368'.
[  619.980878][   T49] hid-generic 0000:0000:0000.0027: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  620.004966][T16139] ext4 filesystem being mounted at /14/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  620.151879][T16148] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3370'.
[  620.253192][T15543] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  620.445840][T16158] loop7: detected capacity change from 0 to 1024
[  620.683124][T16158] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  620.761644][   T30] audit: type=1804 audit(1758217196.922:2232): pid=16158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.3372" name="/newroot/76/file1/bus" dev="loop7" ino=18 res=1 errno=0
[  621.614375][T16171] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3376'.
[  622.674647][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.959999][T16185] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3378'.
[  623.079017][T16190] loop7: detected capacity change from 0 to 128
[  623.118611][T16189] loop1: detected capacity change from 0 to 512
[  623.249043][   T30] audit: type=1800 audit(1758217199.412:2233): pid=16190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3377" name="bus" dev="loop7" ino=1048663 res=0 errno=0
[  623.296248][T16191] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3379'.
[  623.356603][T16189] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6).
[  623.369269][T16189] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  623.399586][T16189] EXT4-fs (loop1): mount failed
[  623.523280][T16201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3381'.
[  623.729813][T16204] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3383'.
[  624.418862][T16214] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3385'.
[  624.439264][T16215] loop4: detected capacity change from 0 to 128
[  624.522888][T16215] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  624.576316][T16215] ext4 filesystem being mounted at /549/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  625.238955][T16227] loop7: detected capacity change from 0 to 1024
[  625.391051][T16227] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  625.506244][   T30] audit: type=1804 audit(1758217201.652:2234): pid=16227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.3390" name="/newroot/80/file1/bus" dev="loop7" ino=18 res=1 errno=0
[  627.288239][ T5872] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  627.359825][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  627.755603][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  627.766120][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  627.773915][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  627.782204][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  627.789905][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  627.949424][T16243] loop7: detected capacity change from 0 to 512
[  628.076983][T16238] lo speed is unknown, defaulting to 1000
[  628.091738][T16248] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3394'.
[  628.102906][T16246] loop4: detected capacity change from 0 to 164
[  628.133085][T16246] /dev/loop4: Can't open blockdev
[  628.236758][T16243] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  628.286028][    T9] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  628.357555][T16243] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  628.380730][    T9] hid-generic 0000:0000:0000.0028: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  628.630133][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  628.934094][T16261] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3398'.
[  629.183038][T16263] loop7: detected capacity change from 0 to 128
[  629.236865][   T30] audit: type=1800 audit(1758217205.402:2235): pid=16263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3399" name="file2" dev="loop7" ino=1048664 res=0 errno=0
[  629.238207][T16263] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  629.295474][T16265] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3400'.
[  629.338519][T16263] FAT-fs (loop7): Filesystem has been set read-only
[  629.367731][T16263] bio_check_eod: 479 callbacks suppressed
[  629.367756][T16263] syz.7.3399: attempt to access beyond end of device
[  629.367756][T16263] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  629.431950][T16263] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  629.439814][T16263] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  629.496098][T16263] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  629.496681][T16266] syz.7.3399: attempt to access beyond end of device
[  629.496681][T16266] loop7: rw=0, sector=2065, nr_sectors = 1 limit=128
[  629.528569][T16263] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  629.550404][T16266] buffer_io_error: 478 callbacks suppressed
[  629.550428][T16266] Buffer I/O error on dev loop7, logical block 2065, async page read
[  629.576052][T16266] syz.7.3399: attempt to access beyond end of device
[  629.576052][T16266] loop7: rw=0, sector=2066, nr_sectors = 1 limit=128
[  629.585754][T16263] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  629.600537][ T8098] tipc: Resetting bearer <eth:syzkaller0>
[  629.607747][T16266] Buffer I/O error on dev loop7, logical block 2066, async page read
[  629.618627][T16266] syz.7.3399: attempt to access beyond end of device
[  629.618627][T16266] loop7: rw=0, sector=2067, nr_sectors = 1 limit=128
[  629.638904][T16266] Buffer I/O error on dev loop7, logical block 2067, async page read
[  629.670033][T16266] syz.7.3399: attempt to access beyond end of device
[  629.670033][T16266] loop7: rw=0, sector=2068, nr_sectors = 1 limit=128
[  629.717579][T16266] Buffer I/O error on dev loop7, logical block 2068, async page read
[  629.742217][T16266] syz.7.3399: attempt to access beyond end of device
[  629.742217][T16266] loop7: rw=0, sector=2069, nr_sectors = 1 limit=128
[  629.774674][T16266] Buffer I/O error on dev loop7, logical block 2069, async page read
[  629.786557][T16266] syz.7.3399: attempt to access beyond end of device
[  629.786557][T16266] loop7: rw=0, sector=2070, nr_sectors = 1 limit=128
[  629.834784][   T51] Bluetooth: hci0: command tx timeout
[  629.846439][T16266] Buffer I/O error on dev loop7, logical block 2070, async page read
[  629.875920][T16266] syz.7.3399: attempt to access beyond end of device
[  629.875920][T16266] loop7: rw=0, sector=2071, nr_sectors = 1 limit=128
[  629.941183][T16266] Buffer I/O error on dev loop7, logical block 2071, async page read
[  629.951529][T16266] syz.7.3399: attempt to access beyond end of device
[  629.951529][T16266] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[  629.965175][T16266] Buffer I/O error on dev loop7, logical block 2072, async page read
[  629.977166][T16267] syz.7.3399: attempt to access beyond end of device
[  629.977166][T16267] loop7: rw=0, sector=2065, nr_sectors = 1 limit=128
[  629.996933][T16267] Buffer I/O error on dev loop7, logical block 2065, async page read
[  630.005945][T16267] Buffer I/O error on dev loop7, logical block 2066, async page read
[  630.240664][T16287] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3405'.
[  630.320218][T16292] netlink: 92 bytes leftover after parsing attributes in process `syz.4.3407'.
[  630.436561][ T8098] tipc: Disabling bearer <eth:syzkaller0>
[  630.592853][T16300] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3408'.
[  630.740631][T16302] loop7: detected capacity change from 0 to 512
[  630.757788][T16302] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  630.771614][T16302] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  630.875136][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.008353][T16306] loop7: detected capacity change from 0 to 512
[  631.040156][T16306] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  631.064539][T16306] ext4 filesystem being mounted at /86/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  631.265819][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.303432][ T8098] $Hÿ (unregistering): Released all slaves
[  631.363457][ T8098] bond0 (unregistering): Released all slaves
[  631.406376][ T8098] bond1 (unregistering): Released all slaves
[  631.453513][ T8098] bond2 (unregistering): Released all slaves
[  631.477655][ T8098] bond3 (unregistering): Released all slaves
[  631.516933][ T8098] bond4 (unregistering): Released all slaves
[  631.765623][ T8098] tipc: Left network mode
[  631.855986][ T8098] IPVS: stopping backup sync thread 14889 ...
[  631.910494][   T51] Bluetooth: hci0: command tx timeout
[  631.922828][T16324] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3414'.
[  632.088941][T16330] loop4: detected capacity change from 0 to 128
[  632.115908][T16238] chnl_net:caif_netlink_parms(): no params data found
[  632.185113][T16335] loop2: detected capacity change from 0 to 164
[  632.214989][   T49] hid-generic 0000:0000:0000.0029: unknown main item tag 0x0
[  632.255512][   T49] hid-generic 0000:0000:0000.0029: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  632.479414][T16341] loop7: detected capacity change from 0 to 128
[  632.500769][T16340] loop4: detected capacity change from 0 to 512
[  632.582609][   T30] audit: type=1800 audit(1758217208.752:2236): pid=16341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3420" name="file2" dev="loop7" ino=1048665 res=0 errno=0
[  632.584144][T16341] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  632.661230][T16341] FAT-fs (loop7): Filesystem has been set read-only
[  632.668218][T16341] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  632.710499][T16341] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  632.741986][T16340] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  632.816445][T16340] ext4 filesystem being mounted at /555/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  632.821347][T16341] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  632.849989][T16351] loop6: detected capacity change from 0 to 512
[  632.865208][T16353] loop0: detected capacity change from 0 to 512
[  632.880673][T16340] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.3419: corrupted inode contents
[  632.896234][T16341] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  632.936171][T16340] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #2: comm syz.4.3419: mark_inode_dirty error
[  632.947967][T16341] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  632.956037][T16340] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.3419: corrupted inode contents
[  632.990255][T16351] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  633.005627][T16353] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  633.027730][T16357] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.3419: corrupted inode contents
[  633.040453][T16351] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  633.068615][T16353] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  633.101151][T16357] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #2: comm syz.4.3419: mark_inode_dirty error
[  633.149329][T16357] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.3419: corrupted inode contents
[  633.242798][T16238] bridge0: port 1(bridge_slave_0) entered blocking state
[  633.263430][T16238] bridge0: port 1(bridge_slave_0) entered disabled state
[  633.302177][T16238] bridge_slave_0: entered allmulticast mode
[  633.337790][T16238] bridge_slave_0: entered promiscuous mode
[  633.340014][T13471] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.385484][T16238] bridge0: port 2(bridge_slave_1) entered blocking state
[  633.408219][T16238] bridge0: port 2(bridge_slave_1) entered disabled state
[  633.431011][T16238] bridge_slave_1: entered allmulticast mode
[  633.449366][T16238] bridge_slave_1: entered promiscuous mode
[  633.498799][T16362] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3423'.
[  633.532206][ T8098] hsr_slave_0: left promiscuous mode
[  633.544836][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.564316][ T8098] hsr_slave_1: left promiscuous mode
[  633.591238][T16364] netlink: 92 bytes leftover after parsing attributes in process `syz.7.3425'.
[  633.595548][T15543] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.768839][T16370] loop4: detected capacity change from 0 to 1024
[  633.865982][T16372] loop2: detected capacity change from 0 to 1024
[  633.924810][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  633.931392][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  634.007229][   T51] Bluetooth: hci0: command tx timeout
[  634.061829][T16372] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  634.198099][   T30] audit: type=1804 audit(1758217210.292:2237): pid=16372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3424" name="/newroot/565/file1/bus" dev="loop2" ino=18 res=1 errno=0
[  634.571834][T16370] EXT4-fs: Ignoring removed bh option
[  634.577307][T16370] EXT4-fs: inline encryption not supported
[  634.644836][T16370] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  634.733812][T16370] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.3426: lblock 2 mapped to illegal pblock 2 (length 1)
[  634.794557][T16370] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  634.827873][T16379] loop0: detected capacity change from 0 to 128
[  634.834373][T16370] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.3426: lblock 0 mapped to illegal pblock 48 (length 1)
[  634.876146][T16379] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  634.908826][T16370] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  634.928438][T16370] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.3426: Failed to acquire dquot type 0
[  634.951705][T16379] ext4 filesystem being mounted at /23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  634.991702][T16370] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  635.028958][T16370] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.3426: mark_inode_dirty error
[  635.053202][T16370] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  635.105791][T16370] EXT4-fs (loop4): 1 orphan inode deleted
[  635.142645][T16370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  635.173167][   T77] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  635.242095][   T77] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  635.267655][   T77] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 0
[  635.316617][T15543] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  635.332207][T16370] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  635.585987][   T77] smc: removing ib device syz!
[  636.079162][   T51] Bluetooth: hci0: command tx timeout
[  636.171400][T16381] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  636.175832][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  636.196609][T16381] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.3426: lblock 0 mapped to illegal pblock 48 (length 1)
[  636.217510][T16381] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=-117
[  636.228821][T16381] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  636.362058][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  636.446301][T16389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3430'.
[  636.477604][T16238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  636.661892][T16393] loop4: detected capacity change from 0 to 128
[  636.688935][T16238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  636.996503][T16402] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3433'.
[  637.159165][T16406] loop4: detected capacity change from 0 to 1024
[  637.183949][T16238] team0: Port device team_slave_0 added
[  637.249090][T16406] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  637.249793][T16238] team0: Port device team_slave_1 added
[  637.306033][   T30] audit: type=1804 audit(1758217213.452:2238): pid=16406 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3434" name="/newroot/558/file1/bus" dev="loop4" ino=18 res=1 errno=0
[  637.338461][T16410] loop2: detected capacity change from 0 to 164
[  637.373418][T16412] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3435'.
[  637.416669][ T5935] hid-generic 0000:0000:0000.002A: unknown main item tag 0x0
[  637.443241][ T5935] hid-generic 0000:0000:0000.002A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  637.792367][T16238] batman_adv: batadv0: Adding interface: batadv_slave_0
[  637.830020][T16238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  637.953439][T16238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  637.978825][T16414] loop7: detected capacity change from 0 to 128
[  637.982429][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  638.058812][T16414] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  638.068103][   T30] audit: type=1800 audit(1758217214.222:2239): pid=16414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3437" name="file2" dev="loop7" ino=1048666 res=0 errno=0
[  638.095221][T16238] batman_adv: batadv0: Adding interface: batadv_slave_1
[  638.108328][T16414] FAT-fs (loop7): Filesystem has been set read-only
[  638.127611][T16238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  638.159917][T16414] bio_check_eod: 1065 callbacks suppressed
[  638.159940][T16414] syz.7.3437: attempt to access beyond end of device
[  638.159940][T16414] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  638.199467][T16414] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  638.207442][T16238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  638.218424][T16414] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  638.243941][T16419] syz.7.3437: attempt to access beyond end of device
[  638.243941][T16419] loop7: rw=0, sector=2065, nr_sectors = 1 limit=128
[  638.298889][   T30] audit: type=1326 audit(1758217214.462:2240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16417 comm="syz.0.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1ae58eba9 code=0x7ffc0000
[  638.342054][T16419] buffer_io_error: 1062 callbacks suppressed
[  638.342077][T16419] Buffer I/O error on dev loop7, logical block 2065, async page read
[  638.400718][T16419] syz.7.3437: attempt to access beyond end of device
[  638.400718][T16419] loop7: rw=0, sector=2066, nr_sectors = 1 limit=128
[  638.408861][   T30] audit: type=1326 audit(1758217214.492:2241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16417 comm="syz.0.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1ae58eba9 code=0x7ffc0000
[  638.452197][T16418] loop0: detected capacity change from 0 to 2048
[  638.468869][T16419] Buffer I/O error on dev loop7, logical block 2066, async page read
[  638.495267][T16425] loop4: detected capacity change from 0 to 1024
[  638.500669][   T30] audit: type=1326 audit(1758217214.502:2242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16417 comm="syz.0.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1ae58eba9 code=0x7ffc0000
[  638.510823][T16419] syz.7.3437: attempt to access beyond end of device
[  638.510823][T16419] loop7: rw=0, sector=2067, nr_sectors = 1 limit=128
[  638.541859][T16425] EXT4-fs: Ignoring removed nobh option
[  638.574208][T16419] Buffer I/O error on dev loop7, logical block 2067, async page read
[  638.601289][T16425] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  638.610431][   T30] audit: type=1326 audit(1758217214.502:2243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16417 comm="syz.0.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1ae58eba9 code=0x7ffc0000
[  638.636115][T16419] syz.7.3437: attempt to access beyond end of device
[  638.636115][T16419] loop7: rw=0, sector=2068, nr_sectors = 1 limit=128
[  638.720887][T16419] Buffer I/O error on dev loop7, logical block 2068, async page read
[  638.729178][T16419] syz.7.3437: attempt to access beyond end of device
[  638.729178][T16419] loop7: rw=0, sector=2069, nr_sectors = 1 limit=128
[  638.743406][T16419] Buffer I/O error on dev loop7, logical block 2069, async page read
[  638.762479][T16418] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  638.774787][T16419] syz.7.3437: attempt to access beyond end of device
[  638.774787][T16419] loop7: rw=0, sector=2070, nr_sectors = 1 limit=128
[  638.808577][T16419] Buffer I/O error on dev loop7, logical block 2070, async page read
[  638.823094][T16419] syz.7.3437: attempt to access beyond end of device
[  638.823094][T16419] loop7: rw=0, sector=2071, nr_sectors = 1 limit=128
[  638.866817][T16419] Buffer I/O error on dev loop7, logical block 2071, async page read
[  638.890103][T16419] syz.7.3437: attempt to access beyond end of device
[  638.890103][T16419] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[  638.956061][T16238] hsr_slave_0: entered promiscuous mode
[  638.968664][T16419] Buffer I/O error on dev loop7, logical block 2072, async page read
[  638.987410][T16238] hsr_slave_1: entered promiscuous mode
[  638.988634][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  639.023809][T16419] syz.7.3437: attempt to access beyond end of device
[  639.023809][T16419] loop7: rw=0, sector=2065, nr_sectors = 1 limit=128
[  639.048040][T16419] Buffer I/O error on dev loop7, logical block 2065, async page read
[  639.058206][T16421] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  639.076497][T16421] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 402 with error 28
[  639.091948][T16419] Buffer I/O error on dev loop7, logical block 2066, async page read
[  639.110611][T16421] EXT4-fs (loop0): This should not happen!! Data will be lost
[  639.110611][T16421] 
[  639.121940][T16238] debugfs: 'hsr0' already exists in 'hsr'
[  639.127670][T16238] Cannot create hsr debugfs directory
[  639.147054][T16421] EXT4-fs (loop0): Total free blocks count 0
[  639.154635][T16421] EXT4-fs (loop0): Free/Dirty block details
[  639.161116][T16421] EXT4-fs (loop0): free_blocks=2415919104
[  639.167040][T16421] EXT4-fs (loop0): dirty_blocks=416
[  639.173451][T16421] EXT4-fs (loop0): Block reservation details
[  639.179616][T16421] EXT4-fs (loop0): i_reserved_data_blocks=26
[  639.509309][T16441] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3444'.
[  639.537382][T16441] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3444'.
[  639.548771][T16443] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3445'.
[  639.580998][T16441] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3444'.
[  639.745140][ T7638] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  639.885535][T16447] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3446'.
[  640.183575][T16462] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3448'.
[  640.406697][T16466] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3450'.
[  640.431762][T16466] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3450'.
[  640.782348][T16475] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3452'.
[  640.951970][   T30] kauditd_printk_skb: 184 callbacks suppressed
[  640.951995][   T30] audit: type=1326 audit(1758217217.122:2428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16476 comm="syz.4.3455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1178eba9 code=0x7ffc0000
[  640.991367][   T30] audit: type=1326 audit(1758217217.152:2429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16476 comm="syz.4.3455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1178eba9 code=0x7ffc0000
[  641.026490][   T30] audit: type=1326 audit(1758217217.192:2430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16476 comm="syz.4.3455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f1178eba9 code=0x7ffc0000
[  641.098128][   T30] audit: type=1326 audit(1758217217.192:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16476 comm="syz.4.3455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1178eba9 code=0x7ffc0000
[  641.168263][   T30] audit: type=1326 audit(1758217217.192:2432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16476 comm="syz.4.3455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1178eba9 code=0x7ffc0000
[  641.207920][T16484] loop0: detected capacity change from 0 to 164
[  641.241575][T16480] loop2: detected capacity change from 0 to 2048
[  641.263857][   T10] hid-generic 0000:0000:0000.002B: unknown main item tag 0x0
[  641.270433][   T30] audit: type=1326 audit(1758217217.192:2433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16476 comm="syz.4.3455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f1178eba9 code=0x7ffc0000
[  641.300906][   T10] hid-generic 0000:0000:0000.002B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  641.311137][   T30] audit: type=1326 audit(1758217217.192:2434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16476 comm="syz.4.3455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1178eba9 code=0x7ffc0000
[  641.338032][T16486] loop4: detected capacity change from 0 to 128
[  641.366748][   T30] audit: type=1326 audit(1758217217.192:2435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16476 comm="syz.4.3455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1178eba9 code=0x7ffc0000
[  641.389743][   T30] audit: type=1326 audit(1758217217.192:2436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16476 comm="syz.4.3455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f1178eba9 code=0x7ffc0000
[  641.401506][T16480] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  641.412585][   T30] audit: type=1326 audit(1758217217.192:2437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16476 comm="syz.4.3455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1178eba9 code=0x7ffc0000
[  641.467641][T16486] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  641.476421][T16486] FAT-fs (loop4): Filesystem has been set read-only
[  641.483440][T16486] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  641.500498][T16486] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  641.609136][ T8098] IPVS: stop unused estimator thread 0...
[  641.742559][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  641.866864][T16497] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3461'.
[  642.306471][T16504] loop7: detected capacity change from 0 to 1024
[  642.437282][T16504] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  642.538321][T16504] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4182: comm syz.7.3463: Allocating blocks 385-513 which overlap fs metadata
[  642.557473][T16504] EXT4-fs (loop7): Remounting filesystem read-only
[  642.985199][T16501] EXT4-fs (loop7): pa ffff88804fca2658: logic 16, phys. 129, len 24
[  643.044512][T16238] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  643.202662][T16238] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  644.135494][T16238] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  644.301706][T16238] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  644.817315][T16536] loop2: detected capacity change from 0 to 128
[  644.909388][T16238] 8021q: adding VLAN 0 to HW filter on device bond0
[  644.934863][T16536] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  644.945028][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  644.972872][T16536] FAT-fs (loop2): Filesystem has been set read-only
[  644.974039][T16238] 8021q: adding VLAN 0 to HW filter on device team0
[  645.004003][ T8098] bridge0: port 1(bridge_slave_0) entered blocking state
[  645.010482][T16536] bio_check_eod: 2064 callbacks suppressed
[  645.010504][T16536] syz.2.3469: attempt to access beyond end of device
[  645.010504][T16536] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  645.011200][ T8098] bridge0: port 1(bridge_slave_0) entered forwarding state
[  645.017101][T16536] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  645.035374][T16539] __nla_validate_parse: 4 callbacks suppressed
[  645.035396][T16539] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3470'.
[  645.044729][T16536] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  645.071995][T16536] syz.2.3469: attempt to access beyond end of device
[  645.071995][T16536] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  645.085743][T16536] syz.2.3469: attempt to access beyond end of device
[  645.085743][T16536] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  645.105396][T16536] syz.2.3469: attempt to access beyond end of device
[  645.105396][T16536] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  645.128598][T16535] syz.2.3469: attempt to access beyond end of device
[  645.128598][T16535] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  645.159578][ T8114] bridge0: port 2(bridge_slave_1) entered blocking state
[  645.166773][ T8114] bridge0: port 2(bridge_slave_1) entered forwarding state
[  645.174801][T16535] syz.2.3469: attempt to access beyond end of device
[  645.174801][T16535] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  645.189164][T16540] syz.2.3469: attempt to access beyond end of device
[  645.189164][T16540] loop2: rw=0, sector=2065, nr_sectors = 1 limit=128
[  645.219550][T16540] buffer_io_error: 2062 callbacks suppressed
[  645.219574][T16540] Buffer I/O error on dev loop2, logical block 2065, async page read
[  645.310227][T16540] syz.2.3469: attempt to access beyond end of device
[  645.310227][T16540] loop2: rw=0, sector=2066, nr_sectors = 1 limit=128
[  645.399362][T16540] Buffer I/O error on dev loop2, logical block 2066, async page read
[  645.428947][T16540] syz.2.3469: attempt to access beyond end of device
[  645.428947][T16540] loop2: rw=0, sector=2067, nr_sectors = 1 limit=128
[  645.450275][T16540] Buffer I/O error on dev loop2, logical block 2067, async page read
[  645.512663][T16540] syz.2.3469: attempt to access beyond end of device
[  645.512663][T16540] loop2: rw=0, sector=2068, nr_sectors = 1 limit=128
[  645.577728][T16540] Buffer I/O error on dev loop2, logical block 2068, async page read
[  645.639867][T16540] Buffer I/O error on dev loop2, logical block 2069, async page read
[  645.675770][T16540] Buffer I/O error on dev loop2, logical block 2070, async page read
[  645.702495][T16540] Buffer I/O error on dev loop2, logical block 2071, async page read
[  645.724973][T16561] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  645.726059][T16540] Buffer I/O error on dev loop2, logical block 2072, async page read
[  645.737257][T16561] tipc: Resetting bearer <eth:syzkaller0>
[  645.754160][T16563] loop0: detected capacity change from 0 to 164
[  645.775441][T16540] Buffer I/O error on dev loop2, logical block 2065, async page read
[  645.786490][T16540] Buffer I/O error on dev loop2, logical block 2066, async page read
[  645.805353][T16559] tipc: Disabling bearer <eth:syzkaller0>
[  645.850088][   T49] hid-generic 0000:0000:0000.002C: unknown main item tag 0x0
[  645.920028][   T49] hid-generic 0000:0000:0000.002C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  645.960897][T16540] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3469'.
[  646.151210][T16574] loop7: detected capacity change from 0 to 1024
[  646.206212][T16574] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  646.231517][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  646.231539][   T30] audit: type=1804 audit(1758217222.402:2446): pid=16574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.3479" name="/newroot/98/file1/bus" dev="loop7" ino=18 res=1 errno=0
[  646.538960][T16583] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3480'.
[  646.815008][T16238] 8021q: adding VLAN 0 to HW filter on device batadv0
[  646.906648][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  647.116290][T16238] veth0_vlan: entered promiscuous mode
[  647.168039][T16238] veth1_vlan: entered promiscuous mode
[  647.329619][T16238] veth0_macvtap: entered promiscuous mode
[  647.474099][T16238] veth1_macvtap: entered promiscuous mode
[  647.558690][T16238] batman_adv: batadv0: Interface activated: batadv_slave_0
[  647.715886][T16598] loop7: detected capacity change from 0 to 1024
[  647.816954][T16598] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  647.904092][   T30] audit: type=1804 audit(1758217224.052:2447): pid=16598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.3483" name="/newroot/100/file1/bus" dev="loop7" ino=18 res=1 errno=0
[  647.937522][T16598] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4182: comm syz.7.3483: Allocating blocks 385-513 which overlap fs metadata
[  648.033175][T16598] EXT4-fs (loop7): Remounting filesystem read-only
[  648.375010][T16593] EXT4-fs (loop7): pa ffff88804fca2488: logic 16, phys. 129, len 24
[  648.575108][T16238] batman_adv: batadv0: Interface activated: batadv_slave_1
[  649.812868][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  649.816513][T16607] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3485'.
[  649.908302][ T8114] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  649.936994][T16610] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3484'.
[  649.969873][ T8114] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  650.028332][ T8114] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  650.173651][ T8114] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  650.289331][T16612] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3486'.
[  650.461238][ T7638] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  650.509334][ T7638] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  650.719699][ T8090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  650.818264][ T8090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  650.966114][T16627] loop6: detected capacity change from 0 to 512
[  651.001689][T16627] EXT4-fs: Ignoring removed oldalloc option
[  651.132807][T16627] EXT4-fs error (device loop6): ext4_xattr_inode_iget:432: comm syz.6.3492: Parent and EA inode have the same ino 15
[  651.256861][T16627] EXT4-fs (loop6): 1 orphan inode deleted
[  651.268412][T16636] loop7: detected capacity change from 0 to 1024
[  651.269927][T16622] loop0: detected capacity change from 0 to 8192
[  651.302616][T16627] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  651.350177][T16636] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  651.370304][   T30] audit: type=1804 audit(1758217227.532:2448): pid=16636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.3493" name="/newroot/103/file1/bus" dev="loop7" ino=18 res=1 errno=0
[  651.522976][T13471] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  651.539440][T16642] loop1: detected capacity change from 0 to 512
[  651.582690][T16642] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  651.620622][T16642] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  651.794548][T16652] loop4: detected capacity change from 0 to 1024
[  651.904257][T16652] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  652.409109][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  652.677930][T16238] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  652.729462][T16659] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3498'.
[  652.913513][T16663] netlink: 44 bytes leftover after parsing attributes in process `syz.7.3501'.
[  653.055156][T16666] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3500'.
[  654.187716][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  654.213129][T16683] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3509'.
[  654.234641][T16685] loop2: detected capacity change from 0 to 128
[  654.294203][T16685] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  654.341651][T16691] loop7: detected capacity change from 0 to 512
[  654.359299][T16685] ext4 filesystem being mounted at /580/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  654.473733][T16691] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  654.490100][T16691] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  654.492152][T16694] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3502'.
[  654.527732][ T5864] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  654.656512][T16705] syzkaller0: entered promiscuous mode
[  654.671329][T16705] syzkaller0: entered allmulticast mode
[  654.684074][T16698] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3515'.
[  654.842553][T16711] loop1: detected capacity change from 0 to 1024
[  654.898613][T16711] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  654.928522][T16717] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3520'.
[  655.027964][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  655.083010][T16720] loop0: detected capacity change from 0 to 164
[  655.126045][ T5935] hid-generic 0000:0000:0000.002D: unknown main item tag 0x0
[  655.130832][   T30] audit: type=1804 audit(1758217231.292:2449): pid=16723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3518" name="/newroot/3/file1/file1" dev="loop1" ino=15 res=1 errno=0
[  655.164125][ T5935] hid-generic 0000:0000:0000.002D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  655.246794][T16725] loop7: detected capacity change from 0 to 128
[  655.293095][T16725] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  655.302580][   T30] audit: type=1800 audit(1758217231.452:2450): pid=16725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3522" name="file2" dev="loop7" ino=1048674 res=0 errno=0
[  655.332129][T16725] FAT-fs (loop7): Filesystem has been set read-only
[  655.339056][T16725] bio_check_eod: 508 callbacks suppressed
[  655.339078][T16725] syz.7.3522: attempt to access beyond end of device
[  655.339078][T16725] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  655.380628][T16238] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  655.404454][T16725] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  655.418605][T16725] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  655.450105][T16728] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  655.467225][T16728] syz.7.3522: attempt to access beyond end of device
[  655.467225][T16728] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  655.614858][T16731] loop2: detected capacity change from 0 to 1024
[  655.770051][T16731] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  655.862518][T16731] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4182: comm syz.2.3524: Allocating blocks 385-513 which overlap fs metadata
[  655.879281][T16731] EXT4-fs (loop2): Remounting filesystem read-only
[  656.020925][T16728] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  656.198061][T16728] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  656.306758][T16727] EXT4-fs (loop2): pa ffff88804fdaad98: logic 16, phys. 129, len 24
[  656.360529][T16728] syz.7.3522: attempt to access beyond end of device
[  656.360529][T16728] loop7: rw=0, sector=2065, nr_sectors = 1 limit=128
[  656.421081][T16728] buffer_io_error: 502 callbacks suppressed
[  656.421108][T16728] Buffer I/O error on dev loop7, logical block 2065, async page read
[  656.445478][   T30] audit: type=1326 audit(1758217232.612:2451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.6.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d15f8eba9 code=0x7ffc0000
[  656.476864][ T5878] Bluetooth: hci4: command 0x0405 tx timeout
[  656.496623][T16728] syz.7.3522: attempt to access beyond end of device
[  656.496623][T16728] loop7: rw=0, sector=2066, nr_sectors = 1 limit=128
[  656.523903][   T30] audit: type=1326 audit(1758217232.612:2452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.6.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d15f8eba9 code=0x7ffc0000
[  656.584534][T16728] Buffer I/O error on dev loop7, logical block 2066, async page read
[  656.640915][T16728] syz.7.3522: attempt to access beyond end of device
[  656.640915][T16728] loop7: rw=0, sector=2067, nr_sectors = 1 limit=128
[  656.720075][   T30] audit: type=1326 audit(1758217232.662:2453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.6.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d15f8eba9 code=0x7ffc0000
[  656.770072][T16728] Buffer I/O error on dev loop7, logical block 2067, async page read
[  656.838154][T16728] syz.7.3522: attempt to access beyond end of device
[  656.838154][T16728] loop7: rw=0, sector=2068, nr_sectors = 1 limit=128
[  656.890733][   T30] audit: type=1326 audit(1758217232.662:2454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.6.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d15f8eba9 code=0x7ffc0000
[  656.929323][T16728] Buffer I/O error on dev loop7, logical block 2068, async page read
[  656.963212][T16740] loop4: detected capacity change from 0 to 2048
[  656.975787][T16728] syz.7.3522: attempt to access beyond end of device
[  656.975787][T16728] loop7: rw=0, sector=2069, nr_sectors = 1 limit=128
[  657.043529][   T30] audit: type=1326 audit(1758217232.662:2455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.6.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d15f8eba9 code=0x7ffc0000
[  657.081356][T16740] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  657.097545][T16728] Buffer I/O error on dev loop7, logical block 2069, async page read
[  657.128870][T16728] syz.7.3522: attempt to access beyond end of device
[  657.128870][T16728] loop7: rw=0, sector=2070, nr_sectors = 1 limit=128
[  657.204683][   T30] audit: type=1326 audit(1758217232.662:2456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.6.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d15f8eba9 code=0x7ffc0000
[  657.239315][T16740] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  657.258090][T16728] Buffer I/O error on dev loop7, logical block 2070, async page read
[  657.301639][T16728] syz.7.3522: attempt to access beyond end of device
[  657.301639][T16728] loop7: rw=0, sector=2071, nr_sectors = 1 limit=128
[  657.367455][   T30] audit: type=1326 audit(1758217232.662:2457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.6.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d15f8eba9 code=0x7ffc0000
[  657.398155][T16728] Buffer I/O error on dev loop7, logical block 2071, async page read
[  657.446771][T16728] syz.7.3522: attempt to access beyond end of device
[  657.446771][T16728] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[  657.542567][T16728] Buffer I/O error on dev loop7, logical block 2072, async page read
[  657.552763][   T30] audit: type=1326 audit(1758217232.682:2458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.6.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d15f8eba9 code=0x7ffc0000
[  657.592524][ T5872] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  657.615887][T16728] Buffer I/O error on dev loop7, logical block 2065, async page read
[  657.664659][T16728] Buffer I/O error on dev loop7, logical block 2066, async page read
[  657.692609][   T30] audit: type=1326 audit(1758217232.682:2459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.6.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d15f8eba9 code=0x7ffc0000
[  657.836490][   T30] audit: type=1326 audit(1758217232.682:2460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.6.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f7d15f8eba9 code=0x7ffc0000
[  658.341798][T16756] syzkaller0: entered promiscuous mode
[  658.367734][T16756] syzkaller0: entered allmulticast mode
[  658.581689][T16759] loop1: detected capacity change from 0 to 512
[  658.647396][T16759] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  658.719632][T16759] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  659.313243][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.342957][T16773] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3538'.
[  659.366262][T16238] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.747835][T16789] IPv6: Can't replace route, no match found
[  659.908219][T16794] loop7: detected capacity change from 0 to 1024
[  660.007331][T16794] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  660.344334][T16801] loop6: detected capacity change from 0 to 164
[  660.470013][ T5935] hid-generic 0000:0000:0000.002E: unknown main item tag 0x0
[  660.601034][ T5935] hid-generic 0000:0000:0000.002E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  660.818997][T16805] syzkaller0: entered promiscuous mode
[  660.868723][T16805] syzkaller0: entered allmulticast mode
[  662.016085][T16812] loop1: detected capacity change from 0 to 1024
[  662.057553][T16814] loop0: detected capacity change from 0 to 1024
[  662.082887][T16812] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  662.106037][T16812] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4182: comm syz.1.3552: Allocating blocks 385-513 which overlap fs metadata
[  662.122446][T16812] EXT4-fs (loop1): Remounting filesystem read-only
[  662.133285][T16814] EXT4-fs: Ignoring removed nobh option
[  662.200752][T16814] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  662.504782][T16811] EXT4-fs (loop1): pa ffff888056436828: logic 16, phys. 129, len 24
[  662.765848][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  662.785800][T15543] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  664.157384][T16238] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  664.219316][T16832] loop2: detected capacity change from 0 to 8192
[  664.280227][T16832] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  664.283432][T16836] loop7: detected capacity change from 0 to 512
[  664.437713][T16840] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3562'.
[  664.470164][T16840] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  664.489541][T16840] batman_adv: batadv0: Removing interface: batadv_slave_0
[  664.609181][T16836] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  665.338775][T16840] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  665.348899][T16840] batman_adv: batadv0: Removing interface: batadv_slave_1
[  665.356904][T16836] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  665.403988][T16842] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3561'.
[  665.482950][T16849] lo speed is unknown, defaulting to 1000
[  665.867970][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  666.153914][T16873] loop0: detected capacity change from 0 to 512
[  666.175481][T16863] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.216128][T16873] EXT4-fs (loop0): failed to initialize system zone (-117)
[  666.228599][T16873] EXT4-fs (loop0): mount failed
[  666.448593][T16863] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.727102][T16863] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.818133][T16892] loop2: detected capacity change from 0 to 1024
[  667.469068][T16892] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  667.549686][T16892] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4182: comm syz.2.3573: Allocating blocks 385-513 which overlap fs metadata
[  667.608821][T16892] EXT4-fs (loop2): Remounting filesystem read-only
[  667.744823][T16887] EXT4-fs (loop2): pa ffff888056436570: logic 16, phys. 129, len 24
[  668.193955][T16863] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  668.762417][T16904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3576'.
[  669.112070][ T6039] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  669.256670][ T8086] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  669.337783][ T6039] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  669.366540][ T5864] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  669.390773][ T6017] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  669.528203][T16912] loop7: detected capacity change from 0 to 512
[  669.612765][T16912] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  669.663710][T16912] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  669.692071][T16917] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3581'.
[  669.903707][T16907] lo speed is unknown, defaulting to 1000
[  670.062309][T16932] loop1: detected capacity change from 0 to 512
[  670.105969][T16932] EXT4-fs (loop1): orphan cleanup on readonly fs
[  670.159708][T16932] EXT4-fs warning (device loop1): ext4_xattr_inode_get:555: inode #11: comm syz.1.3584: EA inode hash validation failed
[  670.260810][T16932] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2847: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  670.304549][T16932] ------------[ cut here ]------------
[  670.307744][T14593] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  670.310780][T16932] EA inode 11 ref_count=-1
[  670.322580][T16932] WARNING: CPU: 0 PID: 16932 at fs/ext4/xattr.c:1047 ext4_xattr_inode_update_ref+0x3d4/0x570
[  670.338785][T16932] Modules linked in:
[  670.344453][T16932] CPU: 0 UID: 0 PID: 16932 Comm: syz.1.3584 Not tainted syzkaller #0 PREEMPT(full) 
[  670.353988][T16932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  670.364254][T16932] RIP: 0010:ext4_xattr_inode_update_ref+0x3d4/0x570
[  670.370933][T16932] Code: df 48 8d 7b 40 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 9b 01 00 00 48 8b 73 40 4c 89 e2 48 c7 c7 60 03 c8 8b e8 ad 6f f0 fe 90 <0f> 0b 90 90 e9 4d fe ff ff e8 7e ca 31 ff 44 0f b6 3d 6e 2f 0a 0e
[  670.392509][T16932] RSP: 0018:ffffc900045bf430 EFLAGS: 00010282
[  670.398602][T16932] RAX: 0000000000000000 RBX: ffff88805343bbf8 RCX: ffffc90018613000
[  670.406759][T16932] RDX: 0000000000080000 RSI: ffffffff817a4395 RDI: 0000000000000001
[  670.415353][T16932] RBP: ffffc900045bf4f0 R08: 0000000000000001 R09: 0000000000000000
[  670.424315][T16932] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffffffffffff
[  670.432370][T16932] R13: 1ffff920008b7e89 R14: ffff88805343bcd0 R15: 0000000000000000
[  670.441896][T16932] FS:  00007f7e267416c0(0000) GS:ffff8881246b3000(0000) knlGS:0000000000000000
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  670.452190][T16932] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  670.458792][T16932] CR2: 00005555660b7808 CR3: 0000000051659000 CR4: 0000000000350ef0
[  670.466845][T16932] Call Trace:
[  670.470129][T16932]  <TASK>
[  670.473140][T16932]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[  670.479542][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.485270][T16932]  ? __ext4_journal_ensure_credits+0x25e/0x2f0
[  670.491515][T16932]  ext4_xattr_inode_dec_ref_all+0x52a/0xed0
[  670.497505][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.503521][T16932]  ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10
[  670.509995][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.515687][T16932]  ? errseq_check+0x4f/0x90
[  670.520231][T16932]  ext4_xattr_delete_inode+0x4ee/0xb80
[  670.525782][T16932]  ? rcu_is_watching+0x12/0xc0
[  670.530654][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.536343][T16932]  ? __pfx_ext4_xattr_delete_inode+0x10/0x10
[  670.543953][T16932]  ? ext4_journal_check_start+0x22b/0x340
[  670.549707][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.556862][T16932]  ? __ext4_journal_start_sb+0x19e/0x690
[  670.563518][T16932]  ? ext4_evict_inode+0x5cf/0x18e0
[  670.568677][T16932]  ext4_evict_inode+0x7d6/0x18e0
[  670.573736][T16932]  ? __pfx_ext4_evict_inode+0x10/0x10
[  670.579145][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.584882][T16932]  ? __pfx_ext4_evict_inode+0x10/0x10
[  670.590292][T16932]  evict+0x3e6/0x920
[  670.594256][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.599919][T16932]  ? __pfx_evict+0x10/0x10
[  670.604431][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.610103][T16932]  iput+0x521/0x880
[  670.614007][T16932]  ? __pfx_ext4_drop_inode+0x10/0x10
[  670.619320][T16932]  ext4_orphan_cleanup+0x731/0x11e0
[  670.624624][T16932]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  670.630297][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.636000][T16932]  ? ext4_register_li_request+0xec/0x9b0
[  670.643328][T16932]  ext4_fill_super+0x8a38/0xafa0
[  670.648345][T16932]  ? __pfx_ext4_fill_super+0x10/0x10
[  670.654916][T16932]  ? do_raw_spin_lock+0x12c/0x2b0
[  670.659964][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.665669][T16932]  ? find_held_lock+0x2b/0x80
[  670.670437][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.676099][T16932]  ? set_blocksize+0x406/0x500
[  670.680954][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.686620][T16932]  ? sb_set_blocksize+0x176/0x1d0
[  670.691724][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.697387][T16932]  ? setup_bdev_super+0x369/0x730
[  670.702510][T16932]  get_tree_bdev_flags+0x38c/0x620
[  670.707665][T16932]  ? __pfx_ext4_fill_super+0x10/0x10
[  670.713026][T16932]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  670.718703][T16932]  ? apparmor_capable+0x114/0x1d0
[  670.723819][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.729481][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.735240][T16932]  ? security_capable+0x7e/0x260
[  670.740210][T16932]  vfs_get_tree+0x8e/0x340
[  670.746251][T16932]  path_mount+0x1513/0x2000
[  670.752079][T16932]  ? __pfx_path_mount+0x10/0x10
[  670.756962][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.762675][T16932]  ? kmem_cache_free+0x2d1/0x4d0
[  670.767666][T16932]  ? putname+0x154/0x1a0
[  670.771992][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.777654][T16932]  ? putname+0x154/0x1a0
[  670.781987][T16932]  ? __x64_sys_mount+0x28d/0x310
[  670.786949][T16932]  __x64_sys_mount+0x28d/0x310
[  670.791831][T16932]  ? __pfx___x64_sys_mount+0x10/0x10
[  670.797140][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.802874][T16932]  do_syscall_64+0xcd/0x4e0
[  670.807411][T16932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.813380][T16932] RIP: 0033:0x7f7e2599034a
[  670.817808][T16932] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  670.837522][T16932] RSP: 002b:00007f7e26740e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  670.846021][T16932] RAX: ffffffffffffffda RBX: 00007f7e26740ef0 RCX: 00007f7e2599034a
[  670.855600][T16932] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f7e26740eb0
[  670.864944][T16932] RBP: 0000200000000180 R08: 00007f7e26740ef0 R09: 000000000080078b
[  670.873245][T16932] R10: 000000000080078b R11: 0000000000000246 R12: 00002000000001c0
[  670.881263][T16932] R13: 00007f7e26740eb0 R14: 0000000000000473 R15: 0000200000000680
[  670.889272][T16932]  </TASK>
[  670.892363][T16932] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  670.899650][T16932] CPU: 0 UID: 0 PID: 16932 Comm: syz.1.3584 Not tainted syzkaller #0 PREEMPT(full) 
[  670.909043][T16932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  670.919097][T16932] Call Trace:
[  670.922373][T16932]  <TASK>
[  670.925311][T16932]  dump_stack_lvl+0x3d/0x1f0
[  670.929930][T16932]  vpanic+0x6e8/0x7a0
[  670.933939][T16932]  ? __pfx_vpanic+0x10/0x10
[  670.938471][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  670.944122][T16932]  ? ext4_xattr_inode_update_ref+0x3d4/0x570
[  670.950202][T16932]  panic+0xca/0xd0
[  670.953952][T16932]  ? __pfx_panic+0x10/0x10
[  670.958423][T16932]  check_panic_on_warn+0xab/0xb0
[  670.963374][T16932]  __warn+0xf6/0x3c0
[  670.967273][T16932]  ? preempt_schedule_notrace+0x62/0xe0
[  670.972841][T16932]  ? ext4_xattr_inode_update_ref+0x3d4/0x570
[  670.978849][T16932]  report_bug+0x3c3/0x580
[  670.983200][T16932]  ? ext4_xattr_inode_update_ref+0x3d4/0x570
[  670.989208][T16932]  handle_bug+0x184/0x210
[  670.993551][T16932]  exc_invalid_op+0x17/0x50
[  670.998065][T16932]  asm_exc_invalid_op+0x1a/0x20
[  671.002920][T16932] RIP: 0010:ext4_xattr_inode_update_ref+0x3d4/0x570
[  671.009540][T16932] Code: df 48 8d 7b 40 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 9b 01 00 00 48 8b 73 40 4c 89 e2 48 c7 c7 60 03 c8 8b e8 ad 6f f0 fe 90 <0f> 0b 90 90 e9 4d fe ff ff e8 7e ca 31 ff 44 0f b6 3d 6e 2f 0a 0e
[  671.029157][T16932] RSP: 0018:ffffc900045bf430 EFLAGS: 00010282
[  671.035230][T16932] RAX: 0000000000000000 RBX: ffff88805343bbf8 RCX: ffffc90018613000
[  671.043205][T16932] RDX: 0000000000080000 RSI: ffffffff817a4395 RDI: 0000000000000001
[  671.051179][T16932] RBP: ffffc900045bf4f0 R08: 0000000000000001 R09: 0000000000000000
[  671.059162][T16932] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffffffffffff
[  671.067134][T16932] R13: 1ffff920008b7e89 R14: ffff88805343bcd0 R15: 0000000000000000
[  671.075121][T16932]  ? __warn_printk+0x1a5/0x350
[  671.079921][T16932]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[  671.086284][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.091929][T16932]  ? __ext4_journal_ensure_credits+0x25e/0x2f0
[  671.098103][T16932]  ext4_xattr_inode_dec_ref_all+0x52a/0xed0
[  671.104028][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.109681][T16932]  ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10
[  671.116142][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.121786][T16932]  ? errseq_check+0x4f/0x90
[  671.126309][T16932]  ext4_xattr_delete_inode+0x4ee/0xb80
[  671.131777][T16932]  ? rcu_is_watching+0x12/0xc0
[  671.136556][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.142200][T16932]  ? __pfx_ext4_xattr_delete_inode+0x10/0x10
[  671.148195][T16932]  ? ext4_journal_check_start+0x22b/0x340
[  671.153932][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.159592][T16932]  ? __ext4_journal_start_sb+0x19e/0x690
[  671.165239][T16932]  ? ext4_evict_inode+0x5cf/0x18e0
[  671.170476][T16932]  ext4_evict_inode+0x7d6/0x18e0
[  671.175441][T16932]  ? __pfx_ext4_evict_inode+0x10/0x10
[  671.180830][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.186482][T16932]  ? __pfx_ext4_evict_inode+0x10/0x10
[  671.191871][T16932]  evict+0x3e6/0x920
[  671.195777][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.201424][T16932]  ? __pfx_evict+0x10/0x10
[  671.205863][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.211524][T16932]  iput+0x521/0x880
[  671.215347][T16932]  ? __pfx_ext4_drop_inode+0x10/0x10
[  671.220648][T16932]  ext4_orphan_cleanup+0x731/0x11e0
[  671.225880][T16932]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  671.231539][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.237184][T16932]  ? ext4_register_li_request+0xec/0x9b0
[  671.242846][T16932]  ext4_fill_super+0x8a38/0xafa0
[  671.247836][T16932]  ? __pfx_ext4_fill_super+0x10/0x10
[  671.253139][T16932]  ? do_raw_spin_lock+0x12c/0x2b0
[  671.258173][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.263819][T16932]  ? find_held_lock+0x2b/0x80
[  671.268514][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.274157][T16932]  ? set_blocksize+0x406/0x500
[  671.278938][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.284580][T16932]  ? sb_set_blocksize+0x176/0x1d0
[  671.289618][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.295287][T16932]  ? setup_bdev_super+0x369/0x730
[  671.300350][T16932]  get_tree_bdev_flags+0x38c/0x620
[  671.305497][T16932]  ? __pfx_ext4_fill_super+0x10/0x10
[  671.310807][T16932]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  671.316473][T16932]  ? apparmor_capable+0x114/0x1d0
[  671.321513][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.327159][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.332805][T16932]  ? security_capable+0x7e/0x260
[  671.337753][T16932]  vfs_get_tree+0x8e/0x340
[  671.342191][T16932]  path_mount+0x1513/0x2000
[  671.346714][T16932]  ? __pfx_path_mount+0x10/0x10
[  671.351580][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.357223][T16932]  ? kmem_cache_free+0x2d1/0x4d0
[  671.362191][T16932]  ? putname+0x154/0x1a0
[  671.366455][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.372099][T16932]  ? putname+0x154/0x1a0
[  671.376358][T16932]  ? __x64_sys_mount+0x28d/0x310
[  671.381305][T16932]  __x64_sys_mount+0x28d/0x310
[  671.386082][T16932]  ? __pfx___x64_sys_mount+0x10/0x10
[  671.391379][T16932]  ? srso_alias_return_thunk+0x5/0xfbef5
[  671.397039][T16932]  do_syscall_64+0xcd/0x4e0
[  671.401551][T16932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  671.407455][T16932] RIP: 0033:0x7f7e2599034a
[  671.411874][T16932] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  671.431488][T16932] RSP: 002b:00007f7e26740e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  671.439908][T16932] RAX: ffffffffffffffda RBX: 00007f7e26740ef0 RCX: 00007f7e2599034a
[  671.447877][T16932] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f7e26740eb0
[  671.455849][T16932] RBP: 0000200000000180 R08: 00007f7e26740ef0 R09: 000000000080078b
[  671.463826][T16932] R10: 000000000080078b R11: 0000000000000246 R12: 00002000000001c0
[  671.471803][T16932] R13: 00007f7e26740eb0 R14: 0000000000000473 R15: 0000200000000680
[  671.479797][T16932]  </TASK>
[  671.483016][T16932] Kernel Offset: disabled
[  671.487339][T16932] Rebooting in 86400 seconds..