last executing test programs:

6m18.76994202s ago: executing program 3 (id=620):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000300)={[{@grpquota}, {@quota}, {@quota}, {@stripe={'stripe', 0x3d, 0x3}}, {@jqfmt_vfsold}]}, 0xff, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000001c0)={[{@delalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@init_itable_val={'init_itable', 0x3d, 0xff}}, {@resuid}, {@grpid}, {@nojournal_checksum}, {@noauto_da_alloc}, {}, {@dioread_nolock}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c)

6m17.58487553s ago: executing program 3 (id=627):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xd}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000040)="2d0000008058", 0x6}, {&(0x7f0000000400)="089e", 0x2}], 0x2, &(0x7f0000000100)=ANY=[], 0x40}, 0x20000081)

6m17.436350079s ago: executing program 3 (id=630):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a090000000000000000000a0000000900020073797a310000000008000440000000000900010073797a30000000000800034000000001340000001f0a03000000000000000000020000000900010073797a30000000000900020073797a3100000000080003"], 0x98}}, 0x0)

6m16.76236971s ago: executing program 3 (id=632):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0xe}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000005fdb2971dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359ca9daf3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae682acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da30000bce645451b851111dd98ac4d8da9317c2c082020e0b2d6340809000000000000008e053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456521cffdef93e29f10f4a11f0cfbfc0ff976b20fe"], &(0x7f0000000080)='GPL\x00', 0x0, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000}, 0x6d)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="020000000400000008000000010000", @ANYRES32, @ANYBLOB='\x00'/14], 0x22)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

6m16.669474575s ago: executing program 3 (id=633):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000014c0)=0x4d)

6m16.604389719s ago: executing program 3 (id=635):
r0 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0x0, 0x0, 0x4c62d6309aaa1bde, 0xff000000], 'ip6tnl0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x4, '\x00', 'syz1\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [0x0, 0x0, 0xffffff00, 0xffffff00], 'veth1\x00', 'veth0_to_bridge\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f0000001700)={0x0, 0x0, &(0x7f0000001540)={0x0, 0xd4}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f00000000c0)={0x73}, 0x8)

6m3.89681174s ago: executing program 0 (id=692):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r3)
getsockopt$sock_buf(r4, 0x1, 0x1c, 0x0, &(0x7f00000014c0)=0x4d)
socket$inet6(0xa, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x8}, 0x1c)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xc453, &(0x7f00000000c0), 0x4, 0x55f, &(0x7f00000001c0)="$eJzs3d9rHVkdAPDvTHP7M+3Nqg+64O5qV9pFe9MYdjf4sK4g+rSgrO81Jjch9CYpuTe7TVjcFP8AQUQFn/RlXwT/AEEWfPFxERb0WVFRRLuKKGhH7ty5SZrcH2ma3onJ5wPTOXPOzHzPue38ODPTmQBOrVeL4UGWZS9ERLXIT4vhantiK+K5iPjg/ltz7SGJLHv9r0kkRV53XVnuXFzqLJKvYOzLEd9I9sdtbmzenm006mvF9GRr+c5kc2PzxtLy7GJ9sb4yPT310szLMy/O3Hyc5i1cKhKXI+KVL/7xe99+50uv/Pwzb/7u1p+vfzPp1Pnt2NOOh1wYGmNsUGGn6ZU4vyuv/VuuPUIjjruxonV5W4f/Xrl7xT8RAABGq33O/6GI+GSersaZwaezO5LocVYPAAAAHEfZ58fjP0n33t0+Z3vkVfvMCwAAABxTaUSMR5LWiud9xyNNa7XIn+H9SFxMG6vN1qcXVtdX5ttlERNRSReWGvWbxbPCE1FJ2tNTebqY/meWZbunlxr16Yh4KiK+W72QT9fmVhvzZV/8AAAAgFPi0p7+/z+qnf4/AAAAcMJMlF0BAAAA4InT/wcAAICTT/8fAAAATrSvvPZae8i637+ef2Nj/fbqGzfm683bteX1udrc6tqd2uLq6mL+zr7lgSvb/nTgyvrdyVa92ZpsbmzeWl5dX2ndWnroE9gAAADACD317Lu/SSJi63MX8qHt7K7yfxffCSitgsATs33JLpJifHb/TL+90hn/YUSVAkbiTNkVAEozVnYFgNJUyq4AULpkSHnfh3feK8af6FNuBwMAAMfGtY/1v/+fDlxya3AxcOztbMRXSq0HMHrF/f9dx/IDHtZd14P/e/n9/x6P/PXkjB9OlIonAOHUG3r/v985wnsHjeD/EAEAQNnG8yFJa8XlvfFI01ot4nL+WYBKsrDUqN8s7g7+ulo5156eypdMhvYZAAAAAAAAAAAAAAAAAAAAAAAAAICOLEsiAwAAAE60iPRPyS867/K/Vn1+fO/1gbPJv6pRfCL0zR++/v27s63W2lQ7/2/b+a0fFPmfLeMKBgAAALBXt5/e7ccDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFH64P5bc91hlHH/8oWImOgVfyzO5+PzUYmIi39PYmzXcklEnDmC+Fv3IuKjveIn7Wpth9wVv9LNu/Dk48dE8Svsb/+DuHQE8eE0e7e9/3m11/aXxnP5uPf2Nxbx0PRh9d//xfb+70yf/d/lfWtLe8Z4+v2fTvaNfy/i6bHe+59u/KRP/Kud5NCf4etf29zsV5b9KOJa9/jzTronwk5qsrV8Z7K5sXljaXl2sb5YX5mennpp5uWZF2duTi4sNerFnz1jfOfjP3swqP0Xex7/OvvfQe1/fljDC/99/+79D3eSlV7xr1/tEf+XPy7m2B8/LY59nyrS7fJr3fRWJ73bMz/51TOD2j/fp/3D/v6vH7D9L3z1W78/4KwAwAg0NzZvzzYa9bXDJKoR8RiLjybR7qUfg2qUmWhciTjgzNPnyqvq+Rh10Lf3Fz0bh15hlmVZe5t6jIolh49+NIlkO6fsPRMAAHDUds7+y64JAAAAAAAAAAAAAAAAAAAAnF6P+Iawi4d5P9nemFvbqeQoXqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAk/hcAAP//T4viyQ==")

6m2.997668623s ago: executing program 0 (id=695):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES64], 0x1, 0x2c6, &(0x7f0000000fc0)="$eJzs3U+LG2UYAPBndpNJWg/JwZOIDujBU+n26iWLpFDMSclBPehiW5AkCC0sWMXgyasXj34CQfDml/Ai+AEEP4A3eyi8MpmMSdtJsoGm65/f75B9d97nmfd535nsH5Z596OXZ5PbRdz96ovfotvN4mgQg3iYRT+OopZSSrEy+CYAgH+zhynFH6lywZRB+ZJFRPewpQEAB7L39/8fD14SAHBg7773/tuno9HwnaLoxs3Z1+fj8jf78mPVf3o3Polp3Inr0YtH1d8C6p8WytebKaV5qyj14/XZ/HxcZs4+/Hl5/tN6oJPoRX/Rejz/1mh4UlTW8udlHVdfqcYflOPfiF682DD+rdHwRkN+jPN447W1+q9FL375OD6NadxeFLHK//KkKN5K3/75+QdleWV+Nj8fdxZxK+n4+V0VAAAAAAAAAAAAAAAAAAAAAAD+664t987pxGL/nvLQcv+d40flJ+0oav3H9+ep8rP6RE/sDzRP8V1KnVbEaHi9KIq0DFzlt+KlVrQuZ9YAAAAAAAAAAAAAAAAAAADwz3L/sweTs+n0zr2Gxq9XIzZ0bWjUuwHUj/XvyDre1DVYO/JqPJicdTafsOzqV11Hy6gtg8ZxHZNFbJ1OtNr1oP29FmH/xpVNNX//w74n7O6OaW9bn2fTqO+uyVkWjTGdqI9062v603pMHhccK9/UlXbffmuNvLGrt/fc8xcWjfmWmMi2Ffbm79XKLY9kT84iX6xqY3p7bTeO5nuj+Vpseqc8JVu8rfNn+wUIAAAAAAAAAAAAAAAAAAD42+qh36e6ruxIPUqdg5UFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM/V6v//79GYL5MvEJzHvfuXPEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+B/4KAAD//1b/Vmo=")
r0 = open(0x0, 0x800, 0x9)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x1)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$BLKOPENZONE(0xffffffffffffffff, 0x40101286, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
lsetxattr$trusted_overlay_redirect(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000001c0)='./file0\x00', 0x8, 0x3)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000180)={[{@nombcache}, {@debug}, {@norecovery}, {@grpid}, {@norecovery}]}, 0x9, 0x60c, &(0x7f00000001c0)="$eJzs3c9vFGUfAPDvTH/Svrwt5M2reJAmxkCitLSAIcZEiFdC8MfNU6WFIIUSWqNFEkuCF43x4sHEkwfxv1ASrx68evDiyZA0xnAQg7JmtrNl2+2W7XZ/tN3PJxn6zAw7z3fKfnmeffaZmQA61kj2RxpxICKuJRFDZfu6I985svz37v9x83y2JFEovPl7Ejc/ShbLj5XkPwfzF/8zFMlPacT+rsp65xZuXJ6cmZm+nq+PzV+5Nja3cOPIpSuTF6cvTl+deGni5InjJ06OH93S+e0tK5+5/e77Q5+cffubrx4m49/+cjaJU/Eojy07r7Wv7dtSzdnvbCQKyx6Ub89+rye3eOzt4s+h0vvksWTtBratC/n7sScinoqh6Cr71xyKj19va3BAUxWSKLVRQMdJ6sr//sYHArRYqR9Q+my/3ufgSmmTeyVAKyydXh4AWM79nogo5X/38thg9BfHBgbuJ6vGeZKI2NrI3LKsjh9/OHs7W6LKOBzQHIu3SqPca9v/pJibw9FfXBu4n67K/7Rsyba/UWf9I2vW5T+0zuKtiHg6b/97o+78f6fO+uU/AAAAAAAANM7d0xHx4nrz/9KV+T+968z/GYyIUw2o/8nf/6X38kLSgOqAMkunI16pmP/7d/ns4OGu/Hv+vcX5AD3phUsz00cj4r8RcTh6+rL18dWHXTVB+Mhn+7+sVn/5/L9syeovzQXMD3Wve82FuFOT85ONOXvobEu3Ip4pzv89mG9ZPf8na/+Tivb/09eyBL9WYx37n79zrtq+J+c/0CyFryMOrXv9z+PudrLx/TnGiv2BsVKvoNKzH37+XbX65T+0T9b+D2yc/31J+f165jZ3/N6IOLbQXai2v97+f2/yVlfp+JkPJufnr49H9CZnKrdPbC5m2K1K+VDKlyz/Dz+38fjfSv+/LA/3RMRijXX+/9Hgr9X2af+hfbL8n9q4/R9e3f5vttAfE3eGv89vMVbhXE3t//Fim34432L8D8pV3o+j1gRtS7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMOlEfGfSNLRlXKajo5GDEbE/2IgnZmdm3/hwux7V6eyfauf/z+0vJ6Unv8/XLY+sWb9WETsi4gvuvYU10fPz85MtfvkAQAAAAAAAAAAAAAAAAAAYJsYLF7zX+hbe/1/5reudkcHNF13/lO+Q+fprvuVhb6GBgK0XP35D+x0ted/T1PjAFqvev4/eFgoamk4QAvp/0PnqjP/fV0Au4D2HzpVjWN6/c2OA2iHmtv/pebGAQAAAAAANMS+g3d/TiJi8eU9xSXTm+8z2R92t7TdAQBtYw4vdK7u2XZHALSLz/hAslL6a92L/avP/k+aExAAAAAAAAAAAAAAUOHQAdf/Q6dKIzZ4hLe5/bCbbXD9/3rJ73YBsItUf/RHLW1/oocAO5jP+MCT2nHX/wMAAAAAAAAAAADANtB/4/LkzMz09bmFnVd4dXuEsbnC4uS2CKOhhUfNOXJPRGyPE2x1oXQLjjaG0eb/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBX/BgAA///kYDBi")
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r6, 0xc0406619)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendmmsg$inet(r5, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000140)=[{0x0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2400c042)
getsockopt$WPAN_WANTLQI(r1, 0x0, 0x3, 0x0, &(0x7f00000002c0))

6m2.018415911s ago: executing program 0 (id=698):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000018000100000000000000000002001000fe0000090000000006001500040000001400168010000880"], 0x38}}, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000d0000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r4, &(0x7f00000000c0)=""/4096, 0x1000)
keyctl$read(0xb, r4, &(0x7f00000010c0)=""/4096, 0x1000)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='btrfs\x00', 0x210818, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r5, 0x540a, 0x0)
r6 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r6, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90b, 0xf4c, '\x00', @p_u16=&(0x7f0000000440)}})
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60ff00f500140600fc020000000000000000000000000001fe8000000000000000000000000000aa00004e", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50c200007e7800"], 0x0)

6m0.172704001s ago: executing program 32 (id=635):
r0 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0x0, 0x0, 0x4c62d6309aaa1bde, 0xff000000], 'ip6tnl0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x4, '\x00', 'syz1\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [0x0, 0x0, 0xffffff00, 0xffffff00], 'veth1\x00', 'veth0_to_bridge\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f0000001700)={0x0, 0x0, &(0x7f0000001540)={0x0, 0xd4}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f00000000c0)={0x73}, 0x8)

6m0.116354534s ago: executing program 0 (id=700):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

5m56.836452649s ago: executing program 0 (id=712):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RANGE_TO_DATA={0x4}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, 'C'}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)

5m56.624949551s ago: executing program 0 (id=713):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000"], 0x48)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x7542d000)
r0 = userfaultfd(0x80001)
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x8864, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg}}}}}, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x9)
madvise(&(0x7f00001e4000/0x4000)=nil, 0x4000, 0xe)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
open(0x0, 0x121342, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
syz_clone3(&(0x7f0000000680)={0x42040000, 0x0, 0x0, 0x0, {0x32}, 0x0, 0x0, 0x0, &(0x7f0000000440)=[0x0], 0x1}, 0x58)

5m41.485121517s ago: executing program 33 (id=713):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000"], 0x48)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x7542d000)
r0 = userfaultfd(0x80001)
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x8864, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg}}}}}, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x9)
madvise(&(0x7f00001e4000/0x4000)=nil, 0x4000, 0xe)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
open(0x0, 0x121342, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
syz_clone3(&(0x7f0000000680)={0x42040000, 0x0, 0x0, 0x0, {0x32}, 0x0, 0x0, 0x0, &(0x7f0000000440)=[0x0], 0x1}, 0x58)

4m21.798851867s ago: executing program 1 (id=1021):
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000140)={0x139440, 0x80, 0x18}, 0x18)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x181002, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0xfffc, 0xbfff, 0x19, "ec28a144f13d7607"})
write$binfmt_aout(r0, 0x0, 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00000001c0)={0x0, 0xfffffffb, 0x0, 0xb2, 0x10, "1ba30c9382000100000000e6ff00"})
r1 = syz_open_pts(r0, 0x20800)
dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x44)

4m21.586135129s ago: executing program 1 (id=1023):
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="a1ab00000000000000003200000008001781"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x8)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000001c0)="29db60e2d35b063b8bf8dc8f6cd7dd9e0f007e26e658f6fada954e2724a03e1cc07958cd319395a3cdec69bb49deabbea130645fdbd6b588fecb88d0c96ac06132a097d2f7e7ddf636597a908693b9cf53f11bb804bfb2e23b30f2bd1c3b", 0xfffffff8, 0xffffffffffffffff, 0x4}, 0x38)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4040)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'veth1_macvtap\x00', <r7=>0x0})
sendto$packet(r6, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000", 0x14, 0x0, &(0x7f0000000140)={0x11, 0x88a8, r7}, 0x14)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0xffffffffffffff03, 0x0, 0x1}, 0x28)
r8 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r8, 0x29, 0x2a, &(0x7f00000001c0)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r8, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000000060000000000000000050000000a004e200e8a34c38f36f0c7eb2700d609bcf41076d88144448ebe7994dd1b33d7c8787734cc315672f62261ceeede940774fd94d2767288cfb3a20882449d601ff878eedd3d57c9eb3a723b62102bd534c8a304a975d752e82cc8d5f969771c94a1d69cfd8694e29b9468fca5df65ece31ed7c209325604001fcd06adc3ac391f60a3"], 0x310)
setsockopt$inet6_group_source_req(r8, 0x29, 0x2c, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
setsockopt$inet6_int(r5, 0x29, 0x4e, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet6(r5, 0x0, 0x0, 0x0)

4m20.087703478s ago: executing program 1 (id=1026):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000000)="0900bf65653f47f4020000008bd458d1e7cbdaf300000f34e7e4165f081ae36850f6d15c3e681411f7a496c0da04003c242f5bedaf6bec340dee49474362b24cb800edc500", 0x0, 0x48)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x200000000000000)

4m20.009275342s ago: executing program 1 (id=1028):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000540), 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x800, 0x0, 0x0, 0x0, 0xb, 0x4, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900000000feff0700", [0x0, 0x22000000000001]}})
write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f0000000080)={0x12, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, r1}}, 0x18)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)

4m19.256143917s ago: executing program 1 (id=1031):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe6}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8ef", 0xdb}, {&(0x7f0000000400)="145a977ce90bcec36cee68138cdb7c53108f9e6776eb08ce8c386ceb3ef2feba0afdcd6e04c99847b690d5148d8313f48a14b0418173a7b6a901d1903cd5d6eb2636c718aa1204b697a3dc3e564ef86e51483d252558eebe4940511e89cd585dcde0eaef40a867a51728ecbdeae53c6f", 0x70}, {&(0x7f0000000e00)="bfaff4f4485bc73c2c14fa76a76697938161b1a54e68d0412f2c369299d3d2a6d338972f6dd839e5c3087c6e61d959386b5a29aa0e181f8da9f47a25d9b5c94f1fd45daba5169918e54c7969700fc8c0d7513b4c9df33d3dbccf8d7077b1524bc28799d782ae94e68a2f2de8097bb55ae5795c6be07af87457d9ce99e5bd440d4f096a0f74da88f2a75895b0c390e38b11b62d3977cd8cd3127721cd0241f4effe4e43f0bf6506fa44aef9de83b58ab6f93883483bb2077979d086e9e2f1802241254c7611ac38ae7ca8c823991f43ef7dd50b51195654dc2f63895c913faf1b905a8d2e5c5442196db570bee035eb4bdd98bf2398f662bd1e2a031f175633b3fc5d1d62c7692b12a0b4516ff123c99a8960151bfcae42a87a9e343a395edfcc0b8086455190bb1b827d35362c40a2a475197a44ff6b0d7aba1d5f5b5f3707c7e340eb07a254dd7a880ce2571e61e32f2be942b06cc666a64d829c7645ae9700"/367, 0x16f}, {&(0x7f0000000ac0)="a94614d7956646f986d7830ecce6938eb5678519607fc05921701bc860f7966e6b62d17fe2b6734f056edf315d30", 0x2e}], 0x4}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="bf", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c1fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d040e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbdd600fba37c5a31d095500e91d02256f101e82447e34733220cdaaabc947f5b815080b5214c94a06fe96450ea42f48006c032b24d9e8d722841b7c7244b1d2cc012fcda1f7472fdbabb673ef862e32b359fad715b3f5cef6ef951abab80a4a0f5f8574395c5820fa25d07a119e23b39a87cb3b763fbfb0493121eec3e05eacbe7835e79e74881d1179013622a2a6421d51c974e6abd48a9882c8fcadbcee369346a9ad948fd5dd8f87496a30a9d888cdbcee8f3592dd69165358c4cd474639fc13300317b7fed115fb9818b20d177a39157101dbd8e000000002efed96c410a103d35336fb4ee4000bfb3d32b0181ff3d726a7dc6432a336a42b50b2c6877cb63b410d746b35fc721e5992ba47c3a2bc2d3679abe0794d226b7b0c333c3000fee7adaafb6efd57382eb2a86d71acaae52a154477a5b66757a886f4ad5446607520c17fb81ede0473cd897a34c7c9f41b653d568e4e1c457b0fc90554ed6798d3b8f3fb82578a424f385b1058dc11bab8989f000dd3e144a37015ffdf45d90393b", 0x26b}], 0x1}}], 0x3, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

4m14.714459346s ago: executing program 1 (id=1040):
socket(0xa, 0x5, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8d40, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0xfffffffa)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000fee000/0x10000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

4m13.903909524s ago: executing program 34 (id=1040):
socket(0xa, 0x5, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8d40, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0xfffffffa)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000fee000/0x10000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

1m22.061704781s ago: executing program 7 (id=1695):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000001000000000000000080000000200000", @ANYRES32, @ANYBLOB="fcffffff08966fbaccf64e59fac7000000010000a7c1785034bc3d37738eb12763f42c9db564c84648ce882ee28e5bb1ffb4a72d8053b36760a6c5df8bd50e52e52e1e325fe02b8fba29e2b4f38dcd6c597e45aeb43af06045a1e73cb570667771808d838884527754be60e1459f60fbc0f6a50d505e23874f788b284c7fe56dbdff1be67a0bf2d20e09cd6738cdc789b11ed5bb6e751d52e3860844d601e9bc852c5ee6826d7aea311ed1e81c8c7e8e1e4ded3ddc", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="0000ffffffffddffdcfffffffffd5f"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x50)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x401, 0x1000000, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}]}}}]}, 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000200), 0x81, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=@getqdisc={0x24, 0x26, 0x1, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0xfff3}, {0xfff2, 0xffff}, {0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4050)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newlink={0x38, 0x10, 0x403, 0x6101, 0x0, {0x0, 0x0, 0x0, 0x0, 0x56760003ded1ddd3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @vti={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VTI_LOCAL={0x8, 0x4, @private=0xa010101}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000200), 0xc, &(0x7f0000000340)={&(0x7f0000000680)=ANY=[@ANYBLOB="a82c5d62aec9bb3fa2940000c48876ba96c55950d0796e652a9c5dca"], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x80)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'veth0_vlan\x00', 0x100})
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

1m21.765661578s ago: executing program 7 (id=1697):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000016c0)=ANY=[@ANYBLOB="b000000000010104000000000000000002000000240001801400018008000100e000000108000200ac1414000c0002800500010000000000240002801400018008000100e000000108000200ac1e00010c000280050001000000000008000740000000004c001880080001"], 0xb0}}, 0x0)

1m21.356842943s ago: executing program 7 (id=1700):
socket(0x10, 0x3, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000200))
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x1, 0x0, 0x200000000})
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000001480)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
setxattr$trusted_overlay_upper(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000002700)=ANY=[], 0x1015, 0x0)

1m21.044927431s ago: executing program 7 (id=1701):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
unshare(0x40020480)
syz_pidfd_open(0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)
umount2(0x0, 0x2)

1m20.206639571s ago: executing program 7 (id=1704):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES64], 0x1, 0x2c6, &(0x7f0000000fc0)="$eJzs3U+LG2UYAPBndpNJWg/JwZOIDujBU+n26iWLpFDMSclBPehiW5AkCC0sWMXgyasXj34CQfDml/Ai+AEEP4A3eyi8MpmMSdtJsoGm65/f75B9d97nmfd535nsH5Z596OXZ5PbRdz96ovfotvN4mgQg3iYRT+OopZSSrEy+CYAgH+zhynFH6lywZRB+ZJFRPewpQEAB7L39/8fD14SAHBg7773/tuno9HwnaLoxs3Z1+fj8jf78mPVf3o3Polp3Inr0YtH1d8C6p8WytebKaV5qyj14/XZ/HxcZs4+/Hl5/tN6oJPoRX/Rejz/1mh4UlTW8udlHVdfqcYflOPfiF682DD+rdHwRkN+jPN447W1+q9FL375OD6NadxeFLHK//KkKN5K3/75+QdleWV+Nj8fdxZxK+n4+V0VAAAAAAAAAAAAAAAAAAAAAAD+664t987pxGL/nvLQcv+d40flJ+0oav3H9+ep8rP6RE/sDzRP8V1KnVbEaHi9KIq0DFzlt+KlVrQuZ9YAAAAAAAAAAAAAAAAAAADwz3L/sweTs+n0zr2Gxq9XIzZ0bWjUuwHUj/XvyDre1DVYO/JqPJicdTafsOzqV11Hy6gtg8ZxHZNFbJ1OtNr1oP29FmH/xpVNNX//w74n7O6OaW9bn2fTqO+uyVkWjTGdqI9062v603pMHhccK9/UlXbffmuNvLGrt/fc8xcWjfmWmMi2Ffbm79XKLY9kT84iX6xqY3p7bTeO5nuj+Vpseqc8JVu8rfNn+wUIAAAAAAAAAAAAAAAAAAD42+qh36e6ruxIPUqdg5UFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM/V6v//79GYL5MvEJzHvfuXPEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+B/4KAAD//1b/Vmo=")
r0 = open(0x0, 0x800, 0x9)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x1)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$BLKOPENZONE(0xffffffffffffffff, 0x40101286, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000180)={[{@nombcache}, {@debug}, {@norecovery}, {@grpid}, {@norecovery}]}, 0x9, 0x60c, &(0x7f00000001c0)="$eJzs3c9vFGUfAPDvTH/Svrwt5M2reJAmxkCitLSAIcZEiFdC8MfNU6WFIIUSWqNFEkuCF43x4sHEkwfxv1ASrx68evDiyZA0xnAQg7JmtrNl2+2W7XZ/tN3PJxn6zAw7z3fKfnmeffaZmQA61kj2RxpxICKuJRFDZfu6I985svz37v9x83y2JFEovPl7Ejc/ShbLj5XkPwfzF/8zFMlPacT+rsp65xZuXJ6cmZm+nq+PzV+5Nja3cOPIpSuTF6cvTl+deGni5InjJ06OH93S+e0tK5+5/e77Q5+cffubrx4m49/+cjaJU/Eojy07r7Wv7dtSzdnvbCQKyx6Ub89+rye3eOzt4s+h0vvksWTtBratC/n7sScinoqh6Cr71xyKj19va3BAUxWSKLVRQMdJ6sr//sYHArRYqR9Q+my/3ufgSmmTeyVAKyydXh4AWM79nogo5X/38thg9BfHBgbuJ6vGeZKI2NrI3LKsjh9/OHs7W6LKOBzQHIu3SqPca9v/pJibw9FfXBu4n67K/7Rsyba/UWf9I2vW5T+0zuKtiHg6b/97o+78f6fO+uU/AAAAAAAANM7d0xHx4nrz/9KV+T+968z/GYyIUw2o/8nf/6X38kLSgOqAMkunI16pmP/7d/ns4OGu/Hv+vcX5AD3phUsz00cj4r8RcTh6+rL18dWHXTVB+Mhn+7+sVn/5/L9syeovzQXMD3Wve82FuFOT85ONOXvobEu3Ip4pzv89mG9ZPf8na/+Tivb/09eyBL9WYx37n79zrtq+J+c/0CyFryMOrXv9z+PudrLx/TnGiv2BsVKvoNKzH37+XbX65T+0T9b+D2yc/31J+f165jZ3/N6IOLbQXai2v97+f2/yVlfp+JkPJufnr49H9CZnKrdPbC5m2K1K+VDKlyz/Dz+38fjfSv+/LA/3RMRijXX+/9Hgr9X2af+hfbL8n9q4/R9e3f5vttAfE3eGv89vMVbhXE3t//Fim34432L8D8pV3o+j1gRtS7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMOlEfGfSNLRlXKajo5GDEbE/2IgnZmdm3/hwux7V6eyfauf/z+0vJ6Unv8/XLY+sWb9WETsi4gvuvYU10fPz85MtfvkAQAAAAAAAAAAAAAAAAAAYJsYLF7zX+hbe/1/5reudkcHNF13/lO+Q+fprvuVhb6GBgK0XP35D+x0ted/T1PjAFqvev4/eFgoamk4QAvp/0PnqjP/fV0Au4D2HzpVjWN6/c2OA2iHmtv/pebGAQAAAAAANMS+g3d/TiJi8eU9xSXTm+8z2R92t7TdAQBtYw4vdK7u2XZHALSLz/hAslL6a92L/avP/k+aExAAAAAAAAAAAAAAUOHQAdf/Q6dKIzZ4hLe5/bCbbXD9/3rJ73YBsItUf/RHLW1/oocAO5jP+MCT2nHX/wMAAAAAAAAAAADANtB/4/LkzMz09bmFnVd4dXuEsbnC4uS2CKOhhUfNOXJPRGyPE2x1oXQLjjaG0eb/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBX/BgAA///kYDBi")
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r6, 0xc0406619)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendmmsg$inet(r5, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000140)=[{0x0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2400c042)
getsockopt$WPAN_WANTLQI(r1, 0x0, 0x3, 0x0, &(0x7f00000002c0))
syz_emit_ethernet(0xfdef, &(0x7f0000000100)=ANY=[], 0x0)

1m19.556469009s ago: executing program 7 (id=1707):
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000000)=ANY=[], 0x4)

1m18.879470999s ago: executing program 35 (id=1707):
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000000)=ANY=[], 0x4)

1m15.751798334s ago: executing program 5 (id=1723):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000018000100000000000000000002001000fe0000090000000006001500040000001400168010000880"], 0x38}}, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000d0000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
r5 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r5, &(0x7f00000000c0)=""/4096, 0x1000)
keyctl$read(0xb, r5, &(0x7f00000010c0)=""/4096, 0x1000)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='btrfs\x00', 0x210818, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r6, 0x540a, 0x0)
r7 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r7, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90b, 0xf4c, '\x00', @p_u16=&(0x7f0000000440)}})
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60ff00f500140600fc020000000000000000000000000001fe8000000000000000000000000000aa00004e", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50c200007e78"], 0x0)

1m14.159833148s ago: executing program 5 (id=1730):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0xffffffff, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {0x2, 0xb}, {0xffe0, 0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x4, 0x8, 0x94, 0x10001, 0x3, 0xe, 0x4, 0x6, 0x10}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x4000800)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1m13.364312876s ago: executing program 5 (id=1731):
socket(0x10, 0x3, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000200))
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x1, 0x0, 0x200000000})
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000001480)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
setxattr$trusted_overlay_upper(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000002700)=ANY=[], 0x1015, 0x0)

1m13.276503281s ago: executing program 5 (id=1732):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x1510d0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2301091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000180)='.\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0/file0\x00', 0x41)
umount2(&(0x7f0000000080)='./file0\x00', 0x2)

1m13.171142907s ago: executing program 5 (id=1733):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmmsg(r0, 0x0, 0x4c, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x40980, 0x0)
ioctl$TIOCSTI(r1, 0x5412, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x369400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x4000000}, 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x40000, 0x0, r3, 0xfff}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x1c, &(0x7f0000000100)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x6}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x1, 0xa, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x8}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, &(0x7f0000000400)=0x13)
writev(r5, &(0x7f0000000140), 0x0)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000100)=0x3)

1m12.748240272s ago: executing program 5 (id=1735):
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000700))
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x670, 0x2e0, 0xd0, 0x2e0, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x90000004})

1m12.550884364s ago: executing program 36 (id=1735):
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000700))
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x670, 0x2e0, 0xd0, 0x2e0, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x90000004})

8.990023968s ago: executing program 2 (id=2116):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x6, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000010000000000000000000001800000004000000000000000700000085100000fbffffff18640000030000000000"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x72, &(0x7f0000000000)=""/114}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x800)
socket$isdn_base(0x22, 0x3, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000f40)=@raw={'raw\x00', 0x8, 0x3, 0x500, 0x0, 0xffffffff, 0xffffffff, 0x190, 0xffffffff, 0x430, 0xffffffff, 0xffffffff, 0x430, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0xffffff00], [], 'veth0_macvtap\x00', 'bridge0\x00', {}, {0xff}}, 0x0, 0x148, 0x190, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, 'bridge0\x00', {0x8}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x8, 0x6, 0x3}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'pimreg\x00', {0xf2e3}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x560)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="8c00000010001fff28bd70000000800000000000", @ANYRES32=0x0, @ANYBLOB="efb00000800000006c0012800b00010062726964676500005c00028008000500010000000c002e"], 0x8c}, 0x1, 0x0, 0x0, 0x4000084}, 0x14)

8.538186635s ago: executing program 8 (id=2118):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
fchdir(r0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

7.477026247s ago: executing program 8 (id=2127):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000001c0)=@newlink={0x50, 0x10, 0x503, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21111, 0x8a33}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000004}, @IFLA_MACSEC_WINDOW={0x8, 0x5, 0x7ffffffe}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x50}, 0x1, 0x0, 0x0, 0x48890}, 0x0)

5.601892669s ago: executing program 8 (id=2131):
r0 = fsmount(0xffffffffffffffff, 0x0, 0x3)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x13, &(0x7f0000000480)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x49}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0xd7}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7ff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r1)
r3 = open(&(0x7f0000000300)='./file0\x00', 0x400, 0x0)
fcntl$setlease(r3, 0x400, 0x1)
r4 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f0000186000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00000ad000/0x3000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
write$binfmt_script(r4, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fffffff}]})

4.481895635s ago: executing program 8 (id=2142):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x19, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x1000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pidfd_getfd(0xffffffffffffffff, r3, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r4, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008880}, 0x20000040)
sendmmsg$inet6(r0, &(0x7f00000010c0)=[{{&(0x7f0000000c80)={0xa, 0x4e23, 0x2ce4db85, @local, 0xffff}, 0x1c, 0x0, 0x0, &(0x7f0000000f80)=[@hopopts={{0x18, 0x29, 0x36, {0x3a}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x6}}], 0x30}}], 0x1, 0x24000010)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="180200000000000000000000000000008500000017000000950000000000000060bda108010da26a15544b2a4c738e0fa0f897aa278b325764"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r7, r6, 0x25, 0x0, @void}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_getnexthop={0x20, 0x6a, 0x1, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x6}]}, 0x20}}, 0x0)

3.198482491s ago: executing program 8 (id=2144):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb7e, &(0x7f0000000c40)="$eJzs3M1rVFcbAPDn3nwYNb6JL/LyWkoNtGChOBrFSl2py9ZFof0DDHEiIdcPkhRMcBHbhXRVC910UWgXpX9AoetstNBV6aaVFrqXShHdp9zJnWQwM0mqMx4/fj84c8/HZM7z5JK555C5E8BLa6x8yCP2R8S5LGKk6s8jYrBRG4pYWn3eg/vXJh/evzaZxcrKB39nkVV9zdfKquPuqjEUEb+cyeK/n2ycd25hcWaiKOqzVfvw/MUrh+cWFg9NX5y4UL9QvzR+YvzY8RPHjr99pGu5vrv35tmvxk/t+f7Mrauv3fj9yyxOxXA11ppHt4zFWKxUWvv7I2Ki25Ml0lflk7X0Zf0JAwIAYFN5yxrufzESfbG+eBuJW78mDQ4AAADoipW+WPsfFQAAAPCiyuz/AQAA4AXX/BzAg/vXJpsl7ScSnq57pyNitF3+/bHUOA7FQETsepBF622t2eqPPbGxiNj30+iPZYke3Ye8maXrEfH/dvlnjfxHG3dxb8w/j4hu3Jk99kj7ecr/VBfmT50/AC+n5dOrF7KN1798bf0Tba5//W2uXY8j9fWv8/pvPf++Duu/97c5R/3Ap593Gmtd/xXfvnq7nL88PlFS/8K96xGv9Hde/5T5Zx3yP7fNOQb++PmHTmNl/mW+zfK081/5JuJg2/3P+jfaZJt/P9HhqemiXj22nePG7e/2dZq/9fyXpZy/uRd4Gsrzv6tD/lud/yvbnGP5r4N/dhrbOv/87mD2YaM2WPVcnZifnx2PGMzObuw/unkszec0X6PM/83XN//7b5d/+Z6wVP0eyr3A9epYtj9+ZM5D773zxuPn31tl/ucf8/zf3OYcX382e7fTWOr8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+5BExHFleW6vnea0WsTsi9sWuvLg8N//W1OWPLp0vxyJGYyCfmi7qRyJiZLWdle3xRn29ffSR9rGI2BsRX4zsbLRrk5eL86mTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3uiBiOLK9FRB4RD0fyvFZLHRUAAADQdaOpAwAAAAB6zv4fAAAAXnz2/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTY3gPLd7KIWDq5s1FKg9XYQNLIgF7LUwcAJNOXOgAgmf7UAQDJ2OMD2RbjQx1HdnQ9FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeXQf3L9/JImLp5M5GKQ1WYwNJIwN6LU8dAJBMX+oAgGT6UwcAJGOPD2RbjA91HNnR9VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHYNN0qW1yIib9TzvFaL2BMRozGQTU0X9SMR8Z+I+G1kYEfZHk8dNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF03t7A4M1EU9VkVFRWVtUrqdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFKYW1icmSiK+uxc6kgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1OYWFmcmiqI+28NK6hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEjnnwAAAP///JMJmQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x28011, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x8004587d, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x8e7})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500))

3.135462955s ago: executing program 6 (id=2145):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f0000000480)=@ethtool_link_settings={0x0, 0x8, 0x3, 0xe, 0x4, 0x6, 0x1, 0x2, 0x2, 0xe, [0x4, 0xeaac, 0x0, 0x9f, 0xffff59f1, 0x7, 0x10001, 0x86f8], [0x9]}})

3.135294355s ago: executing program 4 (id=2146):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000007c0)={[{@nouid32}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000001480)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r1, &(0x7f0000000240)=ANY=[], 0xfdef)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x111)
fallocate(r3, 0x0, 0x1, 0x2000406)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x4, 0x0, 0x0, 0xfffffffffdffffff})

3.135171005s ago: executing program 6 (id=2147):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x1, {0x41, 0x0, 0x3}}, 0x10)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x9d3354bba4295a8d, {{0x41}}}, 0x10)

3.102637436s ago: executing program 6 (id=2148):
r0 = socket(0x10, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x22, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x2042, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffd000/0x3000)=nil)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000840)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d0020070000", @ANYRES32, @ANYBLOB="00000000100000001c001a80080002802d00ff00080002"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)

2.309376414s ago: executing program 9 (id=2151):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=@newqdisc={0x45c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdf8, {0x0, 0x0, 0x0, r5, {0x10}, {}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x1, 0x9, 0x8000, 0x3, 0x5, 0x5, 0xb762, 0x4, 0x7, 0x8, 0xf, 0x2, 0x80000001, 0x400, 0x7fc, 0xffff8000, 0x6, 0x401, 0x9, 0xb89, 0xffffe4f5, 0xd6, 0x7, 0xffff, 0x7, 0x0, 0x2, 0x101, 0x1, 0xfffffffc, 0x4, 0x1, 0x1, 0x9, 0xc, 0x20001000, 0x4, 0x2, 0x7, 0x4, 0x99, 0x9, 0x5, 0x6, 0x7, 0xfffffff7, 0x1, 0x2, 0x800009, 0x9, 0x100, 0x8, 0x8, 0x1, 0x4, 0x7ff, 0x8, 0x7, 0x80000001, 0x400, 0x8, 0xfffffa72, 0xcd, 0xffffff80, 0x80000000, 0xc, 0x4, 0x65, 0x91, 0x659, 0x9, 0xf, 0x9, 0xc28, 0x9, 0x7, 0x3, 0x401, 0x3, 0x2, 0xfffffffa, 0x1, 0x10001, 0x3, 0x1, 0x4, 0x8, 0x8, 0x7, 0x1, 0x1, 0x1, 0x7, 0x40, 0x7, 0x12, 0x8000, 0x1, 0x4dc, 0x80, 0x3, 0x7fffffff, 0xff, 0x9, 0xa7, 0xf, 0x7ff, 0x0, 0x3, 0x1000, 0x4, 0x401, 0x7, 0x80000000, 0xffff, 0x6, 0x5, 0x4, 0xffffffff, 0x80000000, 0x1966f9ab, 0xfffffffb, 0x20200, 0xed5, 0xfffffc00, 0x6, 0x4, 0x8, 0x485e, 0xa85, 0x80000040, 0x2, 0x7, 0x7, 0x102, 0x2d5421e8, 0x7, 0x10000, 0xffffffff, 0x6, 0x203ff, 0xf04, 0x0, 0x2, 0x5, 0xfffffc00, 0x5, 0x8d, 0x4, 0x401, 0x4, 0x9, 0x3, 0xfffffffb, 0x1, 0x0, 0x0, 0x2, 0x5, 0x8, 0x3, 0x0, 0x800, 0x2, 0x8, 0x7ff, 0x1, 0x9, 0x6, 0x5, 0x5, 0x4d15, 0x1ff, 0xfffff060, 0x3, 0x469, 0x3, 0x0, 0x200, 0x10000005, 0x7, 0x1, 0x8, 0x42ba, 0x4, 0x9, 0x3, 0x8, 0x8, 0x53, 0x6, 0x4, 0x400, 0x8000, 0x0, 0x2c310b18, 0xfff, 0x0, 0x3, 0xcd34, 0x9, 0x81, 0xdf3, 0x2, 0x7, 0x8, 0xfff, 0x1ff, 0x8000, 0x3, 0x8, 0x3, 0x9, 0x9a6, 0xe4cb, 0x402, 0x1, 0x1ff, 0x3e, 0x9b4, 0x1, 0x8, 0x0, 0x8, 0x0, 0x9, 0x0, 0x4, 0x10, 0x901, 0x4, 0x2, 0x7b, 0xfffffeff, 0x6, 0x6, 0xc, 0x1000, 0x9, 0x9, 0xe6, 0xab, 0x400, 0x7fffffff, 0xed, 0x7ff, 0xd83, 0x68, 0x80000001, 0x4, 0x1, 0x6, 0x200, 0x2]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x75, 0x2, 0x88f, 0x3, 0x1, 0xffffffff}, {0x7, 0x1, 0x8, 0x4, 0xf0, 0x9}, 0x4, 0xfff, 0x11b0}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000200)="2478546ca4fa3b0bfe4ddf30cc5a", 0xe, 0x4000050, &(0x7f00000001c0)={0x11, 0xf7, r6, 0x1, 0xd8, 0x6, @multicast}, 0x14)

2.292248704s ago: executing program 4 (id=2152):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000200)='\"', 0x1, 0x4fed2)
r1 = open(&(0x7f00000003c0)='./file1\x00', 0x44142, 0x191)
sendfile(r1, r1, 0x0, 0x800000009)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r2, 0x20, 0x0, 0x8000)

2.067780388s ago: executing program 2 (id=2153):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000440)={0x1, 0x20000006})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3)

1.936313476s ago: executing program 9 (id=2154):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x19, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x1000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pidfd_getfd(0xffffffffffffffff, r3, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r4, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008880}, 0x20000040)
sendmmsg$inet6(r0, &(0x7f00000010c0)=[{{&(0x7f0000000c80)={0xa, 0x4e23, 0x2ce4db85, @local, 0xffff}, 0x1c, 0x0, 0x0, &(0x7f0000000f80)=[@hopopts={{0x18, 0x29, 0x36, {0x3a}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x6}}], 0x30}}], 0x1, 0x24000010)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="180200000000000000000000000000008500000017000000950000000000000060bda108010da26a15544b2a4c738e0fa0f897aa278b325764"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r7, r6, 0x25, 0x0, @void}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_getnexthop={0x20, 0x6a, 0x1, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x6}]}, 0x20}}, 0x0)

1.894649068s ago: executing program 2 (id=2155):
r0 = syz_open_dev$loop(&(0x7f0000001480), 0x1, 0x181080)
ioctl$BLKGETZONESZ(r0, 0x80041284, 0x0)

1.748637367s ago: executing program 2 (id=2156):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000140)={r1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x10)
r2 = socket(0x10, 0x3, 0x6)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @broadcast}, 0x10)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000200)={r5, 0x1, 0x6, @multicast}, 0x10)

1.008478771s ago: executing program 9 (id=2157):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x1, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0xc, 0xffc0})

940.176715ms ago: executing program 4 (id=2158):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'rose0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000080)={'nr0\x00', 0xb356841f36698ca6})
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r3], 0x20}}, 0x0)

824.367712ms ago: executing program 8 (id=2159):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={r2, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90)

739.435436ms ago: executing program 2 (id=2160):
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
timer_create(0x2, 0x0, &(0x7f0000044000)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_settime(r1, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f00000000c0))

486.556401ms ago: executing program 4 (id=2161):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ced4fbd44e24eb0d34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3a06d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796efea77aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece72f2090000f44a3210223fdae7ed04935c3c90941576aebc8619d73415cda2130f5011e4845505000001000000004f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c040035cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bf463261135e24d154114df1381b02a0dcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f884cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000000000000000000000000000000000000000520500002952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9a33c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a62415f78000000005f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c81c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b40824095135861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac00000b0000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e5dd921a5eadd4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293d5c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e602c28ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f257aac5af18d8c6b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e29b10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe8e4cd14dc5c1eb98b63198f6f830745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b51c34a5384f2cf51180c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af243b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380ecf1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f558982d57c556ca1427b5960b79990565ca2a20996fcba472213744d3a156979651596afde2b0089f023fcfccd072bd6ea8445fc787390d71ec61d5b7b0f05f6931914bf49aa0d66eff294271a93e32f54f281068514a4cd2d0700a43df59e9924e4affdbd22405e675e9d7cdc10546571131831d4dc8c8363077a908d9ae4f27ff095f5b07667f93a3573d3fabfca58ee0a6b6a691102bb3c7be4dc5b816853275e7ae8c13ec341bad15353fad794b46c4fd73e1b4cc78de2156cb158870d5b8446dae9ba5f7f244e6cf8f6791671057347208a313ebbcb72b04706005670f2b0055e440d72c7c3316982c6ebe8675458cf6bb393b007f5cedb7bc411834600000000000000000000000000a20071b07d568a8150ed646b4978d0226d9651647a5999ae7c7c85322a215fcdb1adbad63499518fe0d10145d430422c78367dfa941f74b63f3884565ac89c673da2c2b1172be5f2cd1f3f453ebddd432bd24c73fa773b739e20fcec16a821230654a383ac1868495f67d942c772ca75e09073dbe9307ff5cac7c2c411149a4d989a8a019e068da218d4bc34e4102fd2f97397331e4cd70b4915582b635f07ca87f00dc929f902540f565c20add8675b79e005cf0277d954697317b907b77fa5d6b7feaebaf676a2a37de8aa70748fee4bc198ffd3e2de11eb0eff896fd94de0805ba6b1054a7b3e300d4581e9af62a1ecaee96d2819b3d192e5b9561eb622da25450f586be14017a1cf74f89a1dd18af004decfe266134c3d036ae7996931fe6008a73ed34c35f0da4ffee1fe63bc1af6ef1b4731d50b8ceb582a1e9c6e8d97f8290cc105754f592d16ccdb1df8636d7ca5e372cea97dd0f005cc7092b126dd46758917fb0d94b8483d403bd451429cc1660f0b5a529d8134dc2702f6d8e2f943d98fbe50a3ba653f13f98a00fcbf311f9758ade8e4eb87b4b9fb2d387f5d8c4bdcab2fff9ed8c9de961fd831a070381c8020352fea7c334b2959ddd956701a7ea415e224a81c9fa1ebbabe74f7743e09b6c8b72650b51d5c2000ef3679c039b3604374fc1af7ab354204afbd24f0e701bc08a98452ce2668617e85e0d876f5a8b6d9b777f1c384d8a9883e4262defb6b9aab8d5b76bc91ca50f87966797da2499ca0ac76707c0408a7b6d8708fe7714988babdc11f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x88, 0x67, &(0x7f00000002c0)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e1f, @multicast2}, 0x10, &(0x7f0000000300)=[{&(0x7f00000004c0)="e673ae1b2bd3", 0x6}], 0x1, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast2}}}], 0x20}, 0x0)

410.872286ms ago: executing program 9 (id=2162):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000005580)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x6c, 0x16, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_FLOWTABLE_HOOK={0x40, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}, {0x14, 0x1, 'wlan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xb4}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)

324.401192ms ago: executing program 6 (id=2163):
r0 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x44, 0x0, r3, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000001800)=[{0x0}, {0x0}], 0x2, &(0x7f0000001880)}, 0x0, 0x40080, 0x1})
io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0)

310.449842ms ago: executing program 4 (id=2164):
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x75b3, 0x0)
ioctl$X86_IOC_RDMSR_REGS(r0, 0xc02063a0, 0x0)

279.999494ms ago: executing program 6 (id=2165):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000014, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0x406f413, 0x0)

200.479389ms ago: executing program 9 (id=2166):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)={0x40, r1, 0x1, 0xfffffffd, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}]}]}]}, 0x40}}, 0x0)

177.3834ms ago: executing program 4 (id=2167):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x19, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x1000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pidfd_getfd(0xffffffffffffffff, r3, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r4, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={0x0}, 0x1, 0x0, 0x0, 0x4008880}, 0x20000040)
sendmmsg$inet6(r0, &(0x7f00000010c0)=[{{&(0x7f0000000c80)={0xa, 0x4e23, 0x2ce4db85, @local, 0xffff}, 0x1c, 0x0, 0x0, &(0x7f0000000f80)=[@hopopts={{0x18, 0x29, 0x36, {0x3a}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x6}}], 0x30}}], 0x1, 0x24000010)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="180200000000000000000000000000008500000017000000950000000000000060bda108010da26a15544b2a4c738e0fa0f897aa278b325764"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r7, r6, 0x25, 0x0, @void}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_getnexthop={0x20, 0x6a, 0x1, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x6}]}, 0x20}}, 0x0)

147.635401ms ago: executing program 6 (id=2168):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@abort}, {@nodioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
lchown(&(0x7f0000000100)='./file0\x00', 0x0, r1)

94.670915ms ago: executing program 9 (id=2169):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000380)={[{@acl}]}, 0x1, 0x561, &(0x7f0000000f80)="$eJzs3U1rG0cfAPD/ylbenycOhNCWUgw9NCWNHNt9SaGH9NyGBtp7KuyNCZajYMkhdgNNDs25hF5KA6X30nOPoV+gh36GQBsIJZj20IvLyivFL5ItJ7KtVL8frJnZXWl2NPsfz2gkFMDAGs3+FCJejoivk4jjEZHkx4YjPzi6et7yk1tT2ZbEysqnfyaN87J887majzuaZ16KiF++ijhT2FxubXFptlyppPN5fqw+d32strh09upceSadSa9NTE6ef2dy4v333u1ZXd+89Pe3nzwYynMn7iVxIY7lubX1eA6312ZGYzR/TYpxYcOJ4z0orJ8kbff+tOfXwc4M5XFejKwPOB5DedQD/31fRsQKMKCSHcf/b8XduRJgbzXHAc25fY/mwS+Mxx+uToA213949b2RONSYGx1ZTtbNjLL57kgPys/K+PmP+/eyLXr3PgTAtm7fiYhzw8Ob+78k7/+e3bkuztlYhv4P9s6DbPzzVrvxT6E1/ok245+jbWL3WWwf/4VHPSimo2z890Hb8W9r0WpkKM/9rzHmKyZXrlbSrG/7f0ScjuLBLL/Ves755YcrnY6tHf9lW1Z+cyyYX8ej4YPrHzNdrpefp85rPb4T8Urb8W/Sav+kTftnr8elLss4ld5/rdOx7eu/u1Z+iHijbfs/XdFKtl6fHGvcD2PNu2Kzv+6e+rVT+ftd/6z9j2xd/5Fk7XptbedlfH/onzRa68nrrat/dH//H0g+a6QP5Ptuluv1+fGIA8nHrf2F5v6Jp49t5pvnZ/U//frW/V+7+/9wRHzeZf3vnvzx1U7H+qH9p9u2f2t2u6H9d554+NEX33Uqv7v+7+1G6nS+p5v+r9sLfJ7XDgAAAAAAAPpNISKORVIotdKFQqm0+vmOk3GkUKnW6meuVBeuTUfju7IjUSw0V7qPr/k8xHi+YtjMT2zIT0bEiYj4ZuhwI1+aqlam97vyAAAAAAAAAAAAAAAAAAAA0CeOdvj+f+b3of2+OmDX+clvGFzbxn8vfukJ6Ev+/8PgEv8wuMQ/DC7xD4NL/MPgEv8wuMQ/DC7xDwAAAAAAAAAAAAAAAAAAAAAAAAAAAD116eLFbFtZfnJrKstP31hcmK3eODud1mZLcwtTpanq/PXSTLU6U0lLU9W57Z6vUq1eH5+IhZtj9bRWH6stLl2eqy5cq1++OleeSS+nxT2pFQAAAAAAAAAAAAAAAAAAALxYaotLs+VKJZ2XkHimxHB/XIZEjxP73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFP/BgAA//9q6zMB")
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x4c27e, 0x2)
fallocate(r0, 0x0, 0x0, 0x1000f4)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x57e00}], 0x2, 0x1200, 0x41001, 0x3)

0s ago: executing program 2 (id=2170):
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@user_xattr}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x5}}]}, 0x1, 0x50f, &(0x7f0000000680)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=")
lsetxattr$trusted_overlay_origin(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), 0x0, 0x0, 0x2)

kernel console output (not intermixed with test programs):

91.328118][T10499] 9pnet: Insufficient options for proto=fd
[  491.386195][ T7341] usb 6-1: device descriptor read/64, error -71
[  491.464285][T10501] loop4: detected capacity change from 0 to 512
[  491.521646][T10501] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  491.555268][T10501] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  491.584793][T10501] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  491.614270][T10501] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  491.633378][T10501] System zones: 0-2, 18-18, 34-35
[  491.644216][T10501] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  491.665156][ T7341] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  491.865111][ T7341] usb 6-1: device descriptor read/64, error -71
[  491.988040][ T7341] usb usb6-port1: attempt power cycle
[  492.020129][T10504] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 353: padding at end of block bitmap is not set
[  493.052377][ T7341] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  493.145220][ T7341] usb 6-1: device descriptor read/8, error -71
[  494.013688][T10536] loop2: detected capacity change from 0 to 256
[  494.216650][T10536] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  494.371204][T10536] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  497.293937][T10566] loop4: detected capacity change from 0 to 512
[  497.538286][T10566] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  497.633699][T10566] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  497.685393][T10566] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  497.756831][T10566] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  497.775338][T10566] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  497.811194][T10566] EXT4-fs (loop4): failed to initialize system zone (-117)
[  497.885250][T10566] EXT4-fs (loop4): mount failed
[  497.915211][ T1106] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  498.188046][ T1106] usb 3-1: Using ep0 maxpacket: 16
[  498.336172][ T1106] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  498.468807][ T1106] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  498.915461][ T1106] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  498.975951][ T1106] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  499.133937][ T1106] usb 3-1: SerialNumber: syz
[  500.456419][ T1106] usb 3-1: USB disconnect, device number 10
[  500.566712][T10597] loop5: detected capacity change from 0 to 512
[  500.592082][T10599] loop7: detected capacity change from 0 to 256
[  500.623170][T10599] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  500.707628][T10597] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  500.724527][T10599] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  500.745108][T10597] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  500.802786][T10597] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  500.833846][T10597] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  500.880699][T10597] System zones: 0-2, 18-18, 34-35
[  500.919274][T10597] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  502.255960][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  502.264692][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  503.551144][T10627] device syzkaller0 entered promiscuous mode
[  504.153333][T10634] loop7: detected capacity change from 0 to 1024
[  504.245399][T10634] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  504.314634][T10634] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  504.444808][T10634] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  504.489852][T10634] System zones: 0-1, 3-36
[  504.511296][T10639] loop6: detected capacity change from 0 to 512
[  504.550879][T10634] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  504.607005][T10639] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  504.653982][T10639] EXT4-fs (loop6): Journaled quota options ignored when QUOTA feature is enabled
[  504.684873][T10639] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  505.098645][T10639] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.1666: Allocating blocks 41-42 which overlap fs metadata
[  505.181480][T10639] Quota error (device loop6): write_blk: dquota write failed
[  505.243490][T10639] Quota error (device loop6): find_free_dqentry: Can't write quota data block 5
[  505.273701][T10639] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.1666: Allocating blocks 41-42 which overlap fs metadata
[  505.335499][T10639] Quota error (device loop6): write_blk: dquota write failed
[  505.355835][T10639] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  505.375178][T10639] EXT4-fs error (device loop6): ext4_acquire_dquot:6234: comm syz.6.1666: Failed to acquire dquot type 1
[  505.444109][T10639] EXT4-fs error (device loop6): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  505.491235][T10649] loop7: detected capacity change from 0 to 1024
[  505.491394][T10639] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1666: corrupted inode contents
[  505.517619][T10639] EXT4-fs error (device loop6): ext4_dirty_inode:6058: inode #12: comm syz.6.1666: mark_inode_dirty error
[  505.518223][ T4291] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  505.532896][T10639] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1666: corrupted inode contents
[  505.582964][T10639] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #12: comm syz.6.1666: mark_inode_dirty error
[  505.606027][T10639] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1666: corrupted inode contents
[  505.636787][T10649] EXT4-fs (loop7): mounted filesystem without journal. Opts: dioread_lock,inode_readahead_blks=0x0000000008000000,nombcache,nodelalloc,init_itable,errors=remount-ro,. Quota mode: none.
[  505.661965][T10639] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[  505.689192][T10639] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1666: corrupted inode contents
[  505.702995][T10639] EXT4-fs error (device loop6): ext4_truncate:4279: inode #12: comm syz.6.1666: mark_inode_dirty error
[  505.740892][T10649] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.1668: bg 0: block 392: padding at end of block bitmap is not set
[  505.798195][T10639] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[  505.856031][T10649] EXT4-fs (loop7): Remounting filesystem read-only
[  505.864634][T10639] EXT4-fs (loop6): 1 truncate cleaned up
[  505.871855][T10639] EXT4-fs (loop6): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  505.965170][ T4291] usb 6-1: Using ep0 maxpacket: 16
[  506.005602][T10639] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.1666: Allocating blocks 41-42 which overlap fs metadata
[  506.115695][ T4291] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  506.219383][T10639] Quota error (device loop6): write_blk: dquota write failed
[  506.287642][ T4291] usb 6-1: config 0 has no interfaces?
[  506.433718][T10639] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  506.546635][ T4291] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  506.606771][T10639] EXT4-fs error (device loop6): ext4_acquire_dquot:6234: comm syz.6.1666: Failed to acquire dquot type 1
[  506.624911][ T4291] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  506.649646][ T4291] usb 6-1: SerialNumber: syz
[  506.669424][ T4291] usb 6-1: config 0 descriptor??
[  506.800510][T10666] loop2: detected capacity change from 0 to 256
[  506.868258][T10666] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  506.948949][ T4291] usb 6-1: USB disconnect, device number 19
[  506.963637][T10666] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  508.871854][T10685] loop4: detected capacity change from 0 to 1024
[  509.026320][T10685] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  509.070532][T10685] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  509.181042][T10685] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  509.218699][T10685] System zones: 0-1, 3-36
[  509.263271][T10685] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  509.729287][T10700] loop5: detected capacity change from 0 to 512
[  509.808624][T10700] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  509.818937][T10700] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  509.829065][T10700] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  509.851885][T10700] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  509.859920][T10700] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  509.868291][T10700] EXT4-fs (loop5): failed to initialize system zone (-117)
[  509.876575][T10700] EXT4-fs (loop5): mount failed
[  510.070843][   T26] audit: type=1326 audit(1769137707.529:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  510.785135][   T26] audit: type=1326 audit(1769137707.529:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  510.930584][   T26] audit: type=1326 audit(1769137707.529:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  511.021821][   T26] audit: type=1326 audit(1769137707.529:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  511.045315][   T26] audit: type=1326 audit(1769137707.529:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  511.068301][   T26] audit: type=1326 audit(1769137707.529:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  511.091980][   T26] audit: type=1326 audit(1769137707.529:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  511.116002][   T26] audit: type=1326 audit(1769137707.529:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  511.141993][   T26] audit: type=1326 audit(1769137707.529:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  511.165394][   T26] audit: type=1326 audit(1769137707.529:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  512.244981][   T26] audit: type=1326 audit(1769137707.529:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.7.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1368f24cb9 code=0x7ffc0000
[  512.578755][T10733] loop7: detected capacity change from 0 to 1024
[  512.602071][T10735] loop4: detected capacity change from 0 to 512
[  512.680085][T10735] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  512.687307][T10733] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  512.713321][T10733] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  512.731271][T10735] EXT4-fs (loop4): Ignoring removed bh option
[  512.790641][T10733] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  512.830785][T10735] EXT4-fs error (device loop4): mb_free_blocks:1876: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  512.849927][T10733] System zones: 0-1, 3-36
[  512.888083][T10735] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #11: comm syz.4.1693: corrupted inode contents
[  512.891573][T10733] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  512.917393][T10735] EXT4-fs error (device loop4): ext4_dirty_inode:6058: inode #11: comm syz.4.1693: mark_inode_dirty error
[  512.964387][T10735] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1693: invalid indirect mapped block 1 (level 1)
[  513.006535][T10735] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #11: comm syz.4.1693: corrupted inode contents
[  513.070263][T10735] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  513.283461][T10735] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #11: comm syz.4.1693: corrupted inode contents
[  513.321793][T10735] EXT4-fs error (device loop4): ext4_truncate:4279: inode #11: comm syz.4.1693: mark_inode_dirty error
[  513.343807][T10735] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  513.406067][T10735] EXT4-fs (loop4): 1 truncate cleaned up
[  513.411927][T10735] EXT4-fs (loop4): mounted filesystem without journal. Opts: nomblk_io_submit,bh,,errors=continue. Quota mode: none.
[  513.469294][T10743] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1694'.
[  513.575456][T10735] EXT4-fs error (device loop4): ext4_find_dest_de:2115: inode #2: block 13: comm syz.4.1693: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0
[  513.837482][T10751] netlink: 64 bytes leftover after parsing attributes in process `syz.7.1697'.
[  513.998168][T10754] loop6: detected capacity change from 0 to 128
[  514.094921][T10754] FAT-fs (loop6): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  514.339034][T10754] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  514.377852][T10754] FAT-fs (loop6): Filesystem has been set read-only
[  514.410176][T10754] attempt to access beyond end of device
[  514.410176][T10754] loop6: rw=524288, want=2073, limit=128
[  514.461146][T10764] loop2: detected capacity change from 0 to 512
[  514.484465][T10754] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  514.638701][T10754] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  514.661238][T10754] attempt to access beyond end of device
[  514.661238][T10754] loop6: rw=0, want=2073, limit=128
[  514.673092][T10764] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  514.702814][T10764] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  515.213093][T10764] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  515.224659][T10764] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  515.233557][T10764] System zones: 0-2, 18-18, 34-35
[  515.245344][T10764] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  515.599355][T10780] loop6: detected capacity change from 0 to 1024
[  515.648949][T10780] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  515.668863][T10780] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  515.729460][T10780] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  515.790712][T10780] System zones: 0-1, 3-36
[  515.831738][T10780] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  516.677118][T10793] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1712'.
[  517.356552][T10798] chnl_net:caif_netlink_parms(): no params data found
[  518.108184][T10798] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.118645][T10798] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.130363][T10798] device bridge_slave_0 entered promiscuous mode
[  518.142734][T10798] bridge0: port 2(bridge_slave_1) entered blocking state
[  518.158683][T10820] loop4: detected capacity change from 0 to 512
[  518.205482][T10798] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.228210][T10820] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  518.239328][T10820] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  518.250425][T10820] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  518.298262][T10820] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  518.306754][T10820] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  518.315348][T10820] EXT4-fs (loop4): failed to initialize system zone (-117)
[  518.322964][T10820] EXT4-fs (loop4): mount failed
[  518.362738][T10798] device bridge_slave_1 entered promiscuous mode
[  518.428116][T10823] device syzkaller0 entered promiscuous mode
[  518.532577][T10798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  518.591594][T10798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  518.708006][T10825] loop5: detected capacity change from 0 to 1024
[  518.738659][T10798] team0: Port device team_slave_0 added
[  518.749719][T10798] team0: Port device team_slave_1 added
[  518.765184][T10827] loop2: detected capacity change from 0 to 512
[  518.781253][T10825] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  518.790661][T10825] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  518.796053][T10798] batman_adv: batadv0: Adding interface: batadv_slave_0
[  518.810559][T10798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  518.827181][T10827] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  518.854039][T10825] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  518.867944][T10827] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  518.877341][T10825] System zones: 0-1, 3-36
[  518.882577][T10798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  518.914481][T10827] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  518.930835][T10832] 9pnet: Could not find request transport: fd0x0000000000000004
[  518.940806][T10798] batman_adv: batadv0: Adding interface: batadv_slave_1
[  518.955233][T10825] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  518.986234][T10798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  519.013516][T10798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  519.025354][T10827] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  519.075552][ T6853] Bluetooth: hci0: command 0x0409 tx timeout
[  519.096548][T10835] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  519.141656][T10827] System zones: 0-2, 18-18, 34-35
[  519.154120][T10827] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  519.196154][T10798] device hsr_slave_0 entered promiscuous mode
[  519.203914][T10798] device hsr_slave_1 entered promiscuous mode
[  519.211474][T10798] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  519.220687][T10798] Cannot create hsr debugfs directory
[  519.932674][T10798] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  519.982901][T10798] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  520.021941][T10841] loop6: detected capacity change from 0 to 1024
[  520.062757][T10843] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1723'.
[  520.123923][T10798] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  520.170951][T10841] EXT4-fs (loop6): mounted filesystem without journal. Opts: nouid32,nodioread_nolock,noquota,delalloc,journal_dev=0x0000000000000009,commit=0x0000000000000000,,errors=continue. Quota mode: none.
[  520.212703][T10798] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  520.239668][T10841] ext4 filesystem being mounted at /173/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  521.007760][T10866] loop2: detected capacity change from 0 to 512
[  521.153288][T10798] 8021q: adding VLAN 0 to HW filter on device bond0
[  521.160832][ T6853] Bluetooth: hci0: command 0x041b tx timeout
[  521.165375][T10866] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  521.178506][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  521.206136][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  521.304257][T10866] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled
[  521.375960][T10798] 8021q: adding VLAN 0 to HW filter on device team0
[  521.388975][T10866] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  521.405759][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  521.443381][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  521.473605][ T1266] bridge0: port 1(bridge_slave_0) entered blocking state
[  521.481090][ T1266] bridge0: port 1(bridge_slave_0) entered forwarding state
[  521.532433][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  521.552383][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  521.574890][ T1266] bridge0: port 2(bridge_slave_1) entered blocking state
[  521.582454][ T1266] bridge0: port 2(bridge_slave_1) entered forwarding state
[  521.584087][T10866] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3887: comm syz.2.1728: Allocating blocks 41-42 which overlap fs metadata
[  521.591900][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  521.617739][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  521.651488][T10866] __quota_error: 45 callbacks suppressed
[  521.651510][T10866] Quota error (device loop2): write_blk: dquota write failed
[  521.669004][T10866] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[  521.669348][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  521.681209][T10866] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  521.697964][T10866] EXT4-fs error (device loop2): ext4_acquire_dquot:6234: comm syz.2.1728: Failed to acquire dquot type 1
[  521.711270][T10866] EXT4-fs error (device loop2): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  521.731213][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  521.743778][T10866] EXT4-fs error (device loop2): ext4_do_update_inode:5222: inode #12: comm syz.2.1728: corrupted inode contents
[  521.764914][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  521.785195][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  521.796051][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  521.810629][T10866] EXT4-fs error (device loop2): ext4_dirty_inode:6058: inode #12: comm syz.2.1728: mark_inode_dirty error
[  521.833921][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  521.849614][T10866] EXT4-fs error (device loop2): ext4_do_update_inode:5222: inode #12: comm syz.2.1728: corrupted inode contents
[  521.865533][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  521.879813][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  521.901207][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  521.921543][T10866] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #12: comm syz.2.1728: mark_inode_dirty error
[  521.946792][T10798] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  521.964217][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  522.010351][T10866] EXT4-fs error (device loop2): ext4_do_update_inode:5222: inode #12: comm syz.2.1728: corrupted inode contents
[  522.041984][T10885] 9pnet: Could not find request transport: fd0x0000000000000004
[  522.106002][T10866] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[  522.135946][T10866] EXT4-fs error (device loop2): ext4_do_update_inode:5222: inode #12: comm syz.2.1728: corrupted inode contents
[  522.189927][T10866] EXT4-fs error (device loop2): ext4_truncate:4279: inode #12: comm syz.2.1728: mark_inode_dirty error
[  522.235728][T10866] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[  522.281180][T10866] EXT4-fs (loop2): 1 truncate cleaned up
[  522.310603][T10866] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  522.390047][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  522.405564][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  522.419983][T10798] 8021q: adding VLAN 0 to HW filter on device batadv0
[  522.793990][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  522.824062][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  522.907459][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  522.928946][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  522.951770][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  522.960260][ T4227] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  522.996334][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  523.023043][T10902] lo speed is unknown, defaulting to 1000
[  523.031707][T10798] device veth0_vlan entered promiscuous mode
[  523.053648][T10902] lo speed is unknown, defaulting to 1000
[  523.073655][T10798] device veth1_vlan entered promiscuous mode
[  523.112259][T10902] lo speed is unknown, defaulting to 1000
[  523.144694][T10902] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  523.182161][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  523.202425][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  523.214181][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  523.224612][ T4227] usb 5-1: Using ep0 maxpacket: 16
[  523.238953][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  523.271523][T10902] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  523.301689][T10798] device veth0_macvtap entered promiscuous mode
[  523.315879][ T1106] Bluetooth: hci0: command 0x040f tx timeout
[  523.341503][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  523.349717][ T4227] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  523.367073][ T4227] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  523.537372][T10798] device veth1_macvtap entered promiscuous mode
[  523.930895][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  523.952500][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  523.964465][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  523.975893][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  523.988834][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  524.000151][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.018854][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  524.028687][ T4227] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  524.029882][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.051290][ T4227] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  524.051900][T10798] batman_adv: batadv0: Interface activated: batadv_slave_0
[  524.076731][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  524.185328][T10902] lo speed is unknown, defaulting to 1000
[  524.202415][ T4227] usb 5-1: SerialNumber: syz
[  524.207786][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  524.228311][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  524.245354][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.263590][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  524.279987][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.298892][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  524.312108][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.322712][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  524.334491][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.387124][T10798] batman_adv: batadv0: Interface activated: batadv_slave_1
[  524.407859][T10902] lo speed is unknown, defaulting to 1000
[  524.414482][T10911] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1739'.
[  524.434538][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  524.447151][ T1266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  524.459700][ T1347] usb 5-1: USB disconnect, device number 12
[  524.471352][T10798] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  524.500621][T10798] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  524.510877][T10798] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  524.521097][T10798] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  524.532908][T10902] lo speed is unknown, defaulting to 1000
[  524.547712][T10902] lo speed is unknown, defaulting to 1000
[  524.644271][T10906] lo speed is unknown, defaulting to 1000
[  524.733081][T10902] lo speed is unknown, defaulting to 1000
[  524.752927][T10902] lo speed is unknown, defaulting to 1000
[  524.833740][T10759] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  524.858956][T10759] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  524.969182][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  525.040074][T10759] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  525.067262][T10759] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  525.091174][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  525.158960][T10919] device syzkaller0 entered promiscuous mode
[  525.273835][T10906] chnl_net:caif_netlink_parms(): no params data found
[  525.797982][ T6853] Bluetooth: hci0: command 0x0419 tx timeout
[  525.960954][ T4201] Bluetooth: hci2: command 0x0409 tx timeout
[  526.422887][T10939] lo speed is unknown, defaulting to 1000
[  526.489355][ T5289] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  526.501693][T10944] loop4: detected capacity change from 0 to 512
[  526.569560][T10944] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  526.591156][T10944] EXT4-fs (loop4): Journaled quota options ignored when QUOTA feature is enabled
[  526.601316][T10944] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  527.180602][ T5289] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  527.434129][T10944] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3887: comm syz.4.1745: Allocating blocks 41-42 which overlap fs metadata
[  527.465807][T10944] Quota error (device loop4): write_blk: dquota write failed
[  527.490842][T10944] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5
[  527.540308][T10944] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3887: comm syz.4.1745: Allocating blocks 41-42 which overlap fs metadata
[  527.569061][T10906] bridge0: port 1(bridge_slave_0) entered blocking state
[  527.586263][T10906] bridge0: port 1(bridge_slave_0) entered disabled state
[  527.602054][T10906] device bridge_slave_0 entered promiscuous mode
[  527.612347][T10944] Quota error (device loop4): write_blk: dquota write failed
[  527.633457][T10944] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  528.037194][T10944] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.1745: Failed to acquire dquot type 1
[  528.050398][ T1106] Bluetooth: hci2: command 0x041b tx timeout
[  528.082922][T10944] EXT4-fs error (device loop4): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  528.101000][T10958] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1748'.
[  528.110903][T10906] bridge0: port 2(bridge_slave_1) entered blocking state
[  528.134426][T10906] bridge0: port 2(bridge_slave_1) entered disabled state
[  528.545207][T10944] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #12: comm syz.4.1745: corrupted inode contents
[  528.574481][T10944] EXT4-fs error (device loop4): ext4_dirty_inode:6058: inode #12: comm syz.4.1745: mark_inode_dirty error
[  528.585181][T10906] device bridge_slave_1 entered promiscuous mode
[  528.616215][T10944] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #12: comm syz.4.1745: corrupted inode contents
[  528.634278][ T5289] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.685358][T10944] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #12: comm syz.4.1745: mark_inode_dirty error
[  528.702780][T10906] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  528.762774][T10944] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #12: comm syz.4.1745: corrupted inode contents
[  528.781433][ T5289] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.804361][T10944] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  528.818472][T10944] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #12: comm syz.4.1745: corrupted inode contents
[  528.841545][T10944] EXT4-fs error (device loop4): ext4_truncate:4279: inode #12: comm syz.4.1745: mark_inode_dirty error
[  528.858237][T10944] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  528.877951][T10944] EXT4-fs (loop4): 1 truncate cleaned up
[  528.884347][T10944] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  528.965944][T10906] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  529.008484][T10944] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3887: comm syz.4.1745: Allocating blocks 41-42 which overlap fs metadata
[  529.065338][T10906] team0: Port device team_slave_0 added
[  529.085786][T10906] team0: Port device team_slave_1 added
[  529.104276][T10944] Quota error (device loop4): write_blk: dquota write failed
[  529.119307][T10944] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  529.175061][T10906] batman_adv: batadv0: Adding interface: batadv_slave_0
[  529.215338][T10906] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  529.258531][T10944] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.1745: Failed to acquire dquot type 1
[  529.294316][T10906] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  529.345530][T10906] batman_adv: batadv0: Adding interface: batadv_slave_1
[  529.353140][T10906] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  529.380186][T10906] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  529.391051][ T6854] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  529.988223][T10906] device hsr_slave_0 entered promiscuous mode
[  529.995309][ T6854] usb 3-1: Using ep0 maxpacket: 16
[  530.001033][T10906] device hsr_slave_1 entered promiscuous mode
[  530.060134][T10906] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  530.091570][T10906] Cannot create hsr debugfs directory
[  530.116690][ T6853] Bluetooth: hci2: command 0x040f tx timeout
[  530.123140][ T6854] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  530.151337][ T6854] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  530.417726][ T6854] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  530.437842][ T6854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  530.659189][ T6854] usb 3-1: SerialNumber: syz
[  531.190473][ T6854] usb 3-1: USB disconnect, device number 11
[  531.220070][T11009] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1758'.
[  531.306395][T11016] lo speed is unknown, defaulting to 1000
[  532.025553][T10906] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  532.068024][T11023] loop4: detected capacity change from 0 to 1024
[  532.167404][T10906] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  532.198271][ T6854] Bluetooth: hci2: command 0x0419 tx timeout
[  532.461473][T11023] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  532.481876][T11023] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  532.616773][T10906] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  532.633951][T10906] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  532.672910][T11023] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  532.685310][T11023] System zones: 0-1, 3-36
[  532.748261][T11023] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  532.783138][T11041] loop6: detected capacity change from 0 to 512
[  533.430285][T11041] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  533.459039][T11041] EXT4-fs (loop6): Journaled quota options ignored when QUOTA feature is enabled
[  533.468822][T11041] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  533.517432][T11041] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.1763: Allocating blocks 41-42 which overlap fs metadata
[  533.548180][T10906] 8021q: adding VLAN 0 to HW filter on device bond0
[  533.569478][T11041] Quota error (device loop6): write_blk: dquota write failed
[  533.596606][T11041] Quota error (device loop6): find_free_dqentry: Can't write quota data block 5
[  533.630833][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  533.650472][T11041] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  533.660959][T11041] EXT4-fs error (device loop6): ext4_acquire_dquot:6234: comm syz.6.1763: Failed to acquire dquot type 1
[  533.673002][T11041] EXT4-fs error (device loop6): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  533.692435][T11041] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1763: corrupted inode contents
[  533.696557][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  533.706085][T11041] EXT4-fs error (device loop6): ext4_dirty_inode:6058: inode #12: comm syz.6.1763: mark_inode_dirty error
[  533.789557][T10906] 8021q: adding VLAN 0 to HW filter on device team0
[  533.895559][T11041] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1763: corrupted inode contents
[  533.921031][T11041] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #12: comm syz.6.1763: mark_inode_dirty error
[  534.590900][T11041] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1763: corrupted inode contents
[  534.635228][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  534.715480][T11041] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[  534.728681][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  534.754092][T11041] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1763: corrupted inode contents
[  534.764741][T11075] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1769'.
[  534.789684][ T6028] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.797734][ T6028] bridge0: port 1(bridge_slave_0) entered forwarding state
[  534.836270][T11041] EXT4-fs error (device loop6): ext4_truncate:4279: inode #12: comm syz.6.1763: mark_inode_dirty error
[  534.879382][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  534.892223][T11041] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[  534.926907][T11041] EXT4-fs (loop6): 1 truncate cleaned up
[  534.932778][T11041] EXT4-fs (loop6): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  534.934879][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  534.979270][ T6028] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.990765][ T6028] bridge0: port 2(bridge_slave_1) entered forwarding state
[  534.999942][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  535.162240][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  535.225276][ T6853] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  535.399797][T11082] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1771'.
[  535.465367][ T6853] usb 9-1: Using ep0 maxpacket: 16
[  535.595787][ T6853] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  535.627928][ T6853] usb 9-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  535.736753][ T6853] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  535.755338][ T6853] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  535.785899][ T6853] usb 9-1: SerialNumber: syz
[  535.876663][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  535.926817][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  535.957332][T11099] loop4: detected capacity change from 0 to 1024
[  535.975472][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  535.991671][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  536.002255][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  536.012557][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  536.090150][ T4262] usb 9-1: USB disconnect, device number 2
[  536.180329][T10906] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  536.192992][T10906] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  536.206393][T11099] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  536.214365][T11099] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  536.509339][T11099] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  536.540342][T11099] System zones: 0-1, 3-36
[  536.555791][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  536.584541][T11099] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  536.615916][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  536.652483][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  536.763919][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  536.904736][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  536.960492][T11107] device syzkaller0 entered promiscuous mode
[  538.111491][ T5289] device hsr_slave_0 left promiscuous mode
[  538.136380][ T5289] device hsr_slave_1 left promiscuous mode
[  538.252766][T11138] loop2: detected capacity change from 0 to 128
[  538.306526][ T5289] device bond1 left promiscuous mode
[  538.313282][ T5289] device veth1_macvtap left promiscuous mode
[  538.320937][ T5289] device veth0_macvtap left promiscuous mode
[  538.327506][ T5289] device veth1_vlan left promiscuous mode
[  538.339938][ T5289] device veth0_vlan left promiscuous mode
[  539.150421][T11143] loop8: detected capacity change from 0 to 512
[  539.221648][T11143] EXT4-fs (loop8): Quota format mount options ignored when QUOTA feature is enabled
[  539.281687][T11143] EXT4-fs (loop8): Journaled quota options ignored when QUOTA feature is enabled
[  539.318677][T11143] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  539.407187][ T5289] bond1 (unregistering): Released all slaves
[  539.861389][T11143] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3887: comm syz.8.1782: Allocating blocks 41-42 which overlap fs metadata
[  539.885743][T11143] Quota error (device loop8): write_blk: dquota write failed
[  539.925097][T11143] Quota error (device loop8): find_free_dqentry: Can't write quota data block 5
[  539.934394][T11143] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3887: comm syz.8.1782: Allocating blocks 41-42 which overlap fs metadata
[  539.961668][T11143] Quota error (device loop8): write_blk: dquota write failed
[  539.975252][T11143] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  540.044081][T11143] EXT4-fs error (device loop8): ext4_acquire_dquot:6234: comm syz.8.1782: Failed to acquire dquot type 1
[  540.069442][T11143] EXT4-fs error (device loop8): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  540.091851][T11143] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #12: comm syz.8.1782: corrupted inode contents
[  540.105560][T11143] EXT4-fs error (device loop8): ext4_dirty_inode:6058: inode #12: comm syz.8.1782: mark_inode_dirty error
[  540.131167][T11143] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #12: comm syz.8.1782: corrupted inode contents
[  540.144464][T11143] EXT4-fs error (device loop8): __ext4_ext_dirty:183: inode #12: comm syz.8.1782: mark_inode_dirty error
[  540.163619][ T5289] bond0 (unregistering): Released all slaves
[  540.163936][T11143] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #12: comm syz.8.1782: corrupted inode contents
[  540.185788][T11143] EXT4-fs error (device loop8) in ext4_orphan_del:303: Corrupt filesystem
[  540.198679][T11143] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #12: comm syz.8.1782: corrupted inode contents
[  540.215615][T11143] EXT4-fs error (device loop8): ext4_truncate:4279: inode #12: comm syz.8.1782: mark_inode_dirty error
[  540.232586][T11143] EXT4-fs error (device loop8) in ext4_process_orphan:345: Corrupt filesystem
[  540.242934][T11146] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1784'.
[  540.247197][T11143] EXT4-fs (loop8): 1 truncate cleaned up
[  540.258707][T11143] EXT4-fs (loop8): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  540.340161][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  540.360318][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  540.401054][T11143] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3887: comm syz.8.1782: Allocating blocks 41-42 which overlap fs metadata
[  540.424740][T11143] Quota error (device loop8): write_blk: dquota write failed
[  540.437907][T11143] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  540.451736][T10906] 8021q: adding VLAN 0 to HW filter on device batadv0
[  540.456578][T11164] loop4: detected capacity change from 0 to 1024
[  540.471365][T11143] EXT4-fs error (device loop8): ext4_acquire_dquot:6234: comm syz.8.1782: Failed to acquire dquot type 1
[  540.598634][T11164] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  540.624828][T11164] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  540.772632][T11164] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  540.795416][T11164] System zones: 0-1, 3-36
[  540.815430][T11164] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  541.959350][T11205] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  542.204158][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  542.241150][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  543.159896][T10906] device veth0_vlan entered promiscuous mode
[  543.176525][T11222] loop6: detected capacity change from 0 to 512
[  543.284693][T10906] device veth1_vlan entered promiscuous mode
[  543.313626][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  543.346494][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  543.347096][T11222] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  543.368719][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  543.458242][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  543.476558][T11237] loop8: detected capacity change from 0 to 1024
[  543.498943][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  543.515538][T11222] EXT4-fs (loop6): Journaled quota options ignored when QUOTA feature is enabled
[  543.518902][T11239] loop2: detected capacity change from 0 to 512
[  543.526180][T10759] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  543.553966][T11222] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  543.583261][T11237] EXT4-fs (loop8): Ignoring removed nomblk_io_submit option
[  543.606532][T11237] EXT4-fs (loop8): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  543.628569][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  543.668023][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  543.680736][T11237] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  543.687513][T10906] device veth0_macvtap entered promiscuous mode
[  543.707229][T11237] System zones: 0-1, 3-36
[  543.714643][T11239] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  543.718959][T11222] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.1798: Allocating blocks 41-42 which overlap fs metadata
[  543.729189][T11237] EXT4-fs (loop8): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  543.737226][T11222] Quota error (device loop6): write_blk: dquota write failed
[  543.765470][T11222] Quota error (device loop6): find_free_dqentry: Can't write quota data block 5
[  543.774689][T11222] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.1798: Allocating blocks 41-42 which overlap fs metadata
[  543.776304][T11239] EXT4-fs (loop2): 1 truncate cleaned up
[  543.816274][T11239] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota="errors=continue,noload,data_err=ignore,usrjquota="errors=continue,noinit_itable,noblock_validity,,errors=continue. Quota mode: writeback.
[  543.820972][T11222] Quota error (device loop6): write_blk: dquota write failed
[  543.891625][T11222] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  543.958173][T11222] EXT4-fs error (device loop6): ext4_acquire_dquot:6234: comm syz.6.1798: Failed to acquire dquot type 1
[  544.010855][T11222] EXT4-fs error (device loop6): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  544.037632][T11239] EXT4-fs (loop2): re-mounted. Opts: jqfmt=vfsold,usrjquota="errors=continue,noload,data_err=ignore,usrjquota="errors=continue,noinit_itable,noblock_validity,. Quota mode: writeback.
[  544.068517][T11222] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1798: corrupted inode contents
[  544.093358][T11222] EXT4-fs error (device loop6): ext4_dirty_inode:6058: inode #12: comm syz.6.1798: mark_inode_dirty error
[  544.123198][T11222] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1798: corrupted inode contents
[  544.198797][T11222] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #12: comm syz.6.1798: mark_inode_dirty error
[  544.251474][T10906] device veth1_macvtap entered promiscuous mode
[  544.302688][T11222] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1798: corrupted inode contents
[  544.340963][T11222] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[  544.351307][T11222] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1798: corrupted inode contents
[  544.374325][T11222] EXT4-fs error (device loop6): ext4_truncate:4279: inode #12: comm syz.6.1798: mark_inode_dirty error
[  544.383641][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  544.401402][T11222] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[  544.445759][T11222] EXT4-fs (loop6): 1 truncate cleaned up
[  544.446270][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  544.451529][T11222] EXT4-fs (loop6): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  544.559150][T10906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  544.592587][T11222] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.1798: Allocating blocks 41-42 which overlap fs metadata
[  544.637848][T10906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  544.674741][T11222] EXT4-fs error (device loop6): ext4_acquire_dquot:6234: comm syz.6.1798: Failed to acquire dquot type 1
[  544.735348][T10906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  544.766480][T10906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  544.805408][T10906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  544.831068][T10906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  544.847104][T10906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  544.861983][T10906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  544.879312][T10906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  544.895386][T10906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  544.983906][T10906] batman_adv: batadv0: Interface activated: batadv_slave_0
[  546.913614][T10906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  546.960162][T10906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  546.980640][T10906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  547.002091][T10906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  547.025075][T10906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  547.042183][T10906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  547.052594][T10906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  547.070883][T10906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  547.087992][T10906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  547.104748][T10906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  547.117676][T10906] batman_adv: batadv0: Interface activated: batadv_slave_1
[  547.167871][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  547.197713][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  547.235931][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  547.255864][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  547.265666][ T4342] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  547.310537][T11279] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1812'.
[  547.408315][T10906] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  547.453160][T10906] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  547.484290][T10906] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  547.501784][T10906] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  547.624033][ T4342] usb 5-1: Using ep0 maxpacket: 16
[  547.776151][ T4342] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  547.800709][ T4342] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  547.925761][ T4342] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  547.948940][ T4342] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  547.964250][ T1153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  547.992768][ T1153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  548.025051][ T4342] usb 5-1: SerialNumber: syz
[  548.105889][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  548.114153][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  548.144780][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  548.288278][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  548.338771][T11310] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1818'.
[  548.364776][ T4234] usb 5-1: USB disconnect, device number 13
[  548.693395][T11321] loop9: detected capacity change from 0 to 512
[  548.701965][T11324] loop6: detected capacity change from 0 to 128
[  548.709387][T11319] loop8: detected capacity change from 0 to 1024
[  548.859780][T11321] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  548.890556][T11319] EXT4-fs (loop8): Ignoring removed orlov option
[  549.130381][T11324] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  549.268302][T11319] EXT4-fs (loop8): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,nodioread_nolock,grpjquota=,,errors=continue. Quota mode: none.
[  549.308787][T11321] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  549.431426][T11324] ext4 filesystem being mounted at /195/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  549.471260][T11330] loop4: detected capacity change from 0 to 128
[  549.490597][T11319] EXT4-fs error (device loop8): ext4_free_inode:355: comm syz.8.1822: bit already cleared for inode 15
[  549.507630][T11321] EXT4-fs (loop9): warning: mounting unchecked fs, running e2fsck is recommended
[  549.665145][T11342] loop2: detected capacity change from 0 to 1024
[  549.712286][T11321] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  549.748000][T11321] System zones: 0-2, 18-18, 34-35
[  549.754087][T11321] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  549.754538][T11342] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  550.539089][T11342] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #11: comm syz.2.1825: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  550.581644][T11342] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1825: couldn't read orphan inode 11 (err -117)
[  550.808056][T11357] device syzkaller0 entered promiscuous mode
[  550.976140][T11342] EXT4-fs (loop2): mounted filesystem without journal. Opts: sysvgroups,noload,mblk_io_submit,noload,discard,usrjquota=,grpquota,quota,,errors=continue. Quota mode: writeback.
[  551.365247][T11342] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm syz.2.1825: Invalid block bitmap block 0 in block_group 0
[  551.517610][T11342] __quota_error: 2 callbacks suppressed
[  551.517627][T11342] Quota error (device loop2): write_blk: dquota write failed
[  551.571675][T11375] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1830'.
[  551.604177][T11342] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  551.624488][T11342] EXT4-fs error (device loop2): ext4_acquire_dquot:6234: comm syz.2.1825: Failed to acquire dquot type 0
[  551.765250][ T6028] Quota error (device loop2): remove_tree: Getting block too big (0 >= 9)
[  551.800359][ T6028] EXT4-fs error (device loop2): ext4_release_dquot:6270: comm kworker/u4:17: Failed to release dquot type 0
[  551.863676][T11391] loop6: detected capacity change from 0 to 256
[  551.900988][T11389] loop9: detected capacity change from 0 to 512
[  551.911261][T11394] loop4: detected capacity change from 0 to 512
[  551.996112][T11389] EXT4-fs (loop9): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  552.006558][T11389] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  552.010239][T11394] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  552.016803][T11389] EXT4-fs (loop9): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  552.046211][T11389] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  552.049161][T11391] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  552.054390][T11389] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  552.073784][T11389] EXT4-fs (loop9): failed to initialize system zone (-117)
[  552.081541][T11389] EXT4-fs (loop9): mount failed
[  552.087784][T11401] loop2: detected capacity change from 0 to 512
[  552.132138][T11394] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  552.220817][T11394] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  552.248091][T11401] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  552.278064][T11394] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  552.291488][T11394] System zones: 0-2, 18-18, 34-35
[  552.301767][T11394] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  552.321897][   T26] audit: type=1800 audit(1769137749.779:239): pid=11401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1836" name="file2" dev="loop2" ino=16 res=0 errno=0
[  552.451735][T11415] lo speed is unknown, defaulting to 1000
[  552.711279][T11422] device syzkaller0 entered promiscuous mode
[  553.033321][T11425] loop2: detected capacity change from 0 to 512
[  553.460248][T11425] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  553.570064][T11425] ext4 filesystem being mounted at /353/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  553.903717][T11450] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1847'.
[  554.270126][T11461] loop2: detected capacity change from 0 to 512
[  555.049785][T11461] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  555.075139][T11461] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  555.313834][T11461] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  555.498124][T11461] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  555.738614][T11461] System zones: 0-2, 18-18, 34-35
[  555.744850][T11461] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  555.758895][T11469] loop9: detected capacity change from 0 to 1024
[  555.954469][T11469] EXT4-fs (loop9): Ignoring removed mblk_io_submit option
[  556.299544][T11469] EXT4-fs error (device loop9): ext4_ext_check_inode:501: inode #11: comm syz.9.1860: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  556.450203][T11469] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.1860: couldn't read orphan inode 11 (err -117)
[  556.515351][T11469] EXT4-fs (loop9): mounted filesystem without journal. Opts: sysvgroups,noload,mblk_io_submit,noload,discard,usrjquota=,grpquota,quota,,errors=continue. Quota mode: writeback.
[  556.683944][T11495] loop2: detected capacity change from 0 to 512
[  556.793048][T11469] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:476: comm syz.9.1860: Invalid block bitmap block 0 in block_group 0
[  556.868898][T11469] Quota error (device loop9): write_blk: dquota write failed
[  556.908404][T11495] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  556.945689][T11469] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  557.029673][T11495] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled
[  557.095251][T11469] EXT4-fs error (device loop9): ext4_acquire_dquot:6234: comm syz.9.1860: Failed to acquire dquot type 0
[  557.102151][T11495] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  557.183073][T11505] loop8: detected capacity change from 0 to 512
[  557.192491][ T4433] EXT4-fs error (device loop9): __ext4_get_inode_loc:4327: comm kworker/u4:12: Invalid inode table block 8589934593 in block_group 0
[  557.192798][T11495] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3887: comm syz.2.1864: Allocating blocks 41-42 which overlap fs metadata
[  557.246734][T11495] Quota error (device loop2): write_blk: dquota write failed
[  557.322116][T11505] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  557.362917][T11505] EXT4-fs (loop8): orphan cleanup on readonly fs
[  557.444414][T11495] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[  557.528581][T11495] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  557.551575][T11505] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #16: comm syz.8.1868: corrupted inode contents
[  557.611574][T11495] EXT4-fs error (device loop2): ext4_acquire_dquot:6234: comm syz.2.1864: Failed to acquire dquot type 1
[  557.640533][T11505] EXT4-fs (loop8): Remounting filesystem read-only
[  557.680989][T11505] EXT4-fs error (device loop8): ext4_dirty_inode:6058: inode #16: comm syz.8.1868: mark_inode_dirty error
[  558.024926][T11495] EXT4-fs error (device loop2): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  558.299298][T11505] EXT4-fs (loop8): Remounting filesystem read-only
[  558.306649][T11505] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #16: comm syz.8.1868: corrupted inode contents
[  558.320316][T11495] EXT4-fs error (device loop2): ext4_do_update_inode:5222: inode #12: comm syz.2.1864: corrupted inode contents
[  558.386595][T11505] EXT4-fs (loop8): Remounting filesystem read-only
[  558.393988][T11505] EXT4-fs error (device loop8): __ext4_ext_dirty:183: inode #16: comm syz.8.1868: mark_inode_dirty error
[  558.420962][T11495] EXT4-fs error (device loop2): ext4_dirty_inode:6058: inode #12: comm syz.2.1864: mark_inode_dirty error
[  558.443320][T11495] EXT4-fs error (device loop2): ext4_do_update_inode:5222: inode #12: comm syz.2.1864: corrupted inode contents
[  558.530589][T11495] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #12: comm syz.2.1864: mark_inode_dirty error
[  558.555544][T11527] loop9: detected capacity change from 0 to 512
[  558.731352][T11495] EXT4-fs error (device loop2): ext4_do_update_inode:5222: inode #12: comm syz.2.1864: corrupted inode contents
[  558.867218][T11527] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  559.071497][T11505] EXT4-fs (loop8): Remounting filesystem read-only
[  559.088582][T11505] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #16: comm syz.8.1868: corrupted inode contents
[  559.100983][T11495] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[  559.110259][T11527] EXT4-fs (loop9): Remounting filesystem read-only
[  559.145224][T11527] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.1872: invalid indirect mapped block 4278190080 (level 0)
[  559.149597][T11505] EXT4-fs (loop8): Remounting filesystem read-only
[  559.166033][T11495] EXT4-fs error (device loop2): ext4_do_update_inode:5222: inode #12: comm syz.2.1864: corrupted inode contents
[  559.198404][T11527] EXT4-fs (loop9): Remounting filesystem read-only
[  559.217056][T11495] EXT4-fs error (device loop2): ext4_truncate:4279: inode #12: comm syz.2.1864: mark_inode_dirty error
[  559.235143][T11527] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.1872: invalid indirect mapped block 1 (level 1)
[  559.236354][T11505] EXT4-fs error (device loop8) in ext4_orphan_del:303: Corrupt filesystem
[  559.295143][T11495] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[  559.305194][T11527] EXT4-fs (loop9): Remounting filesystem read-only
[  559.341035][T11527] EXT4-fs (loop9): 1 truncate cleaned up
[  559.352883][T11505] EXT4-fs (loop8): Remounting filesystem read-only
[  559.358154][T11535] netlink: 'syz.4.1873': attribute type 10 has an invalid length.
[  559.369150][T11495] EXT4-fs (loop2): 1 truncate cleaned up
[  559.375145][T11527] EXT4-fs (loop9): mounted filesystem without journal. Opts: abort,errors=continue,inode_readahead_blks=0x0000000000000040,errors=remount-ro,barrier=0x0000000000001000,resgid=0x0000000000000000,nolazytime,noquota,auto_da_alloc=0x0000000000000006,data=journal,init_itable=0x000000000000. Quota mode: none.
[  559.390053][T11527] EXT4-fs error (device loop9): ext4_iget_extra_inode:4566: inode #15: comm syz.9.1872: corrupted in-inode xattr
[  559.424882][T11505] EXT4-fs error (device loop8): ext4_do_update_inode:5222: inode #16: comm syz.8.1868: corrupted inode contents
[  559.469275][T11505] EXT4-fs (loop8): Remounting filesystem read-only
[  559.485198][T11505] EXT4-fs error (device loop8): ext4_truncate:4279: inode #16: comm syz.8.1868: mark_inode_dirty error
[  559.533894][T11527] EXT4-fs (loop9): Remounting filesystem read-only
[  559.546583][T11505] EXT4-fs (loop8): Remounting filesystem read-only
[  559.553586][T11505] EXT4-fs error (device loop8) in ext4_process_orphan:345: Corrupt filesystem
[  559.592713][T11505] EXT4-fs (loop8): Remounting filesystem read-only
[  559.599992][T11495] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  559.665594][T11505] EXT4-fs (loop8): 1 truncate cleaned up
[  559.691760][T11505] EXT4-fs (loop8): mounted filesystem without journal. Opts: errors=remount-ro,nodioread_nolock,. Quota mode: writeback.
[  559.817162][T11546] usb usb9: usbfs: process 11546 (syz.9.1875) did not claim interface 7 before use
[  560.630258][T11570] loop8: detected capacity change from 0 to 128
[  560.753128][T11574] loop2: detected capacity change from 0 to 1024
[  560.767348][   T26] audit: type=1800 audit(1769137758.229:240): pid=11570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1878" name="file1" dev="loop8" ino=1048654 res=0 errno=0
[  560.792444][T11570] FAT-fs (loop8): error, invalid FAT chain (i_pos 548, last_block 8)
[  560.810146][T11570] FAT-fs (loop8): Filesystem has been set read-only
[  560.851717][T11570] FAT-fs (loop8): error, corrupted file size (i_pos 548, 522)
[  560.859795][   T26] audit: type=1800 audit(1769137758.249:241): pid=11570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1878" name="file1" dev="loop8" ino=1048654 res=0 errno=0
[  560.972632][T11584] loop9: detected capacity change from 0 to 512
[  561.004235][T11574] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  561.034832][T11584] EXT4-fs (loop9): Quota format mount options ignored when QUOTA feature is enabled
[  561.135150][T11584] EXT4-fs (loop9): Journaled quota options ignored when QUOTA feature is enabled
[  561.201575][T11584] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  561.346276][T11584] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3887: comm syz.9.1886: Allocating blocks 41-42 which overlap fs metadata
[  561.407597][T11584] Quota error (device loop9): write_blk: dquota write failed
[  561.454031][T11584] Quota error (device loop9): find_free_dqentry: Can't write quota data block 5
[  561.468084][T11606] loop6: detected capacity change from 0 to 512
[  561.481471][T11606] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  561.502467][T11584] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3887: comm syz.9.1886: Allocating blocks 41-42 which overlap fs metadata
[  561.524676][T11584] Quota error (device loop9): write_blk: dquota write failed
[  561.533029][T11584] EXT4-fs error (device loop9): ext4_acquire_dquot:6234: comm syz.9.1886: Failed to acquire dquot type 1
[  561.565124][T11584] EXT4-fs error (device loop9): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  561.633399][T11584] EXT4-fs error (device loop9): ext4_do_update_inode:5222: inode #12: comm syz.9.1886: corrupted inode contents
[  561.674963][T11584] EXT4-fs error (device loop9): ext4_dirty_inode:6058: inode #12: comm syz.9.1886: mark_inode_dirty error
[  561.704238][T11584] EXT4-fs error (device loop9): ext4_do_update_inode:5222: inode #12: comm syz.9.1886: corrupted inode contents
[  561.815381][T11584] EXT4-fs error (device loop9): __ext4_ext_dirty:183: inode #12: comm syz.9.1886: mark_inode_dirty error
[  561.879113][T11584] EXT4-fs error (device loop9): ext4_do_update_inode:5222: inode #12: comm syz.9.1886: corrupted inode contents
[  561.922620][T11623] loop6: detected capacity change from 0 to 512
[  561.937285][T11584] EXT4-fs error (device loop9) in ext4_orphan_del:303: Corrupt filesystem
[  561.972456][T11623] EXT4-fs (loop6): Ignoring removed oldalloc option
[  562.003427][T11584] EXT4-fs error (device loop9): ext4_do_update_inode:5222: inode #12: comm syz.9.1886: corrupted inode contents
[  562.018672][T11623] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  562.043618][T11584] EXT4-fs error (device loop9): ext4_truncate:4279: inode #12: comm syz.9.1886: mark_inode_dirty error
[  562.076913][T11584] EXT4-fs error (device loop9) in ext4_process_orphan:345: Corrupt filesystem
[  562.094076][T11623] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2806: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  562.147296][T11584] EXT4-fs (loop9): 1 truncate cleaned up
[  562.148060][T11623] EXT4-fs (loop6): 1 truncate cleaned up
[  562.175084][T11623] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsddf,oldalloc,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  562.231165][T11584] EXT4-fs (loop9): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  562.464665][T11636] loop8: detected capacity change from 0 to 128
[  562.673489][T11640] loop6: detected capacity change from 0 to 164
[  562.859857][T11640] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  563.426518][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  563.441578][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  563.987784][T11664] loop4: detected capacity change from 0 to 512
[  564.069128][T11671] loop6: detected capacity change from 0 to 512
[  564.098067][T11673] netlink: 40 bytes leftover after parsing attributes in process `syz.9.1910'.
[  564.133966][T11671] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  564.184653][T11664] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  564.195491][T11671] EXT4-fs (loop6): Journaled quota options ignored when QUOTA feature is enabled
[  564.207935][T11664] ext4 filesystem being mounted at /404/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  564.280360][T11671] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  564.365501][T11684] loop9: detected capacity change from 0 to 1024
[  564.377211][T11671] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.1909: Allocating blocks 41-42 which overlap fs metadata
[  564.410192][T11671] __quota_error: 2 callbacks suppressed
[  564.410204][T11671] Quota error (device loop6): write_blk: dquota write failed
[  564.432122][T11671] Quota error (device loop6): find_free_dqentry: Can't write quota data block 5
[  564.463431][T11688] EXT4-fs (loop8): Ignoring removed bh option
[  564.499042][T11671] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.1909: Allocating blocks 41-42 which overlap fs metadata
[  564.556781][T11684] EXT4-fs (loop9): mounted filesystem without journal. Opts: acl,,errors=continue. Quota mode: none.
[  564.611681][T11671] Quota error (device loop6): write_blk: dquota write failed
[  564.621492][   T26] audit: type=1800 audit(1769137762.079:243): pid=11684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1913" name="bus" dev="loop9" ino=18 res=0 errno=0
[  564.669092][T11671] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  564.700082][T11671] EXT4-fs error (device loop6): ext4_acquire_dquot:6234: comm syz.6.1909: Failed to acquire dquot type 1
[  564.702511][T11688] EXT4-fs (loop8): mounted filesystem without journal. Opts: nodelalloc,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x0000000000000010,bh,init_itable,. Quota mode: none.
[  564.738771][T11671] EXT4-fs error (device loop6): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  564.785270][T11699] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  564.788959][T11688] EXT4-fs error (device loop8): ext4_read_inline_dir:1618: inode #12: block 7: comm syz.8.1915: path /50/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  564.801794][T11671] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1909: corrupted inode contents
[  564.909632][T11699] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  564.950356][T11671] EXT4-fs error (device loop6): ext4_dirty_inode:6058: inode #12: comm syz.6.1909: mark_inode_dirty error
[  564.962701][T11688] EXT4-fs (loop8): Remounting filesystem read-only
[  564.964158][T11671] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1909: corrupted inode contents
[  564.984149][T11671] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #12: comm syz.6.1909: mark_inode_dirty error
[  565.002911][T11699] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  565.043206][T11671] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1909: corrupted inode contents
[  565.087988][T11699] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  565.125381][T11699] System zones: 0-2, 18-18, 34-35
[  565.131469][T11699] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  565.161707][T11671] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[  565.195455][T11671] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #12: comm syz.6.1909: corrupted inode contents
[  565.202410][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.221140][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.229019][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.236808][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.305426][T11671] EXT4-fs error (device loop6): ext4_truncate:4279: inode #12: comm syz.6.1909: mark_inode_dirty error
[  565.384009][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.402454][T11671] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[  565.452030][T11671] EXT4-fs (loop6): 1 truncate cleaned up
[  565.461147][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.469151][T11671] EXT4-fs (loop6): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  565.470912][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.502927][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.511572][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.519975][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.534850][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.555227][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.556679][T11711] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  565.575098][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.582698][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.605124][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.612967][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.621151][T11711] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[  565.645089][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.652701][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.665132][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.672561][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.680367][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.688055][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.691668][T11711] EXT4-fs (loop9): orphan cleanup on readonly fs
[  565.696007][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.710192][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.718350][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.726187][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.734787][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.748255][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.753979][T11711] Quota error (device loop9): v2_read_header: Failed header read: expected=8 got=0
[  565.762963][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.774772][T11717] set_capacity_and_notify: 3 callbacks suppressed
[  565.774786][T11717] loop4: detected capacity change from 0 to 1024
[  565.788831][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.796653][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.805329][ T1106] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  565.815136][T11711] EXT4-fs warning (device loop9): ext4_enable_quotas:6486: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  565.834634][ T1106] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  565.849955][T11717] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  565.864402][T11717] EXT4-fs (loop4): Ignoring removed nobh option
[  565.873054][T11711] EXT4-fs (loop9): Cannot turn on quotas: error -22
[  565.943868][T11711] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1921: bg 0: block 40: padding at end of block bitmap is not set
[  565.998298][T11717] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,auto_da_alloc=0x0000000000000009,nodioread_nolock,usrquota,discard,max_dir_size_kb=0x0000000000000005,mblk_io_submit,nombcache,stripe=0x0000000000000000,nobh,inode_readahead_blks=0x0000000000040000,,errors=continue. Quota mode: writeback.
[  566.030258][T11711] EXT4-fs (loop9): Remounting filesystem read-only
[  566.048564][T11711] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6194: Corrupt filesystem
[  566.068740][T11711] EXT4-fs (loop9): Remounting filesystem read-only
[  566.085180][T11711] EXT4-fs (loop9): 1 truncate cleaned up
[  566.092313][T11711] EXT4-fs (loop9): mounted filesystem without journal. Opts: errors=remount-ro,noload,noblock_validity,dioread_lock,nouid32,data=writeback,. Quota mode: writeback.
[  566.414657][T11739] loop9: detected capacity change from 0 to 512
[  566.515769][T11739] EXT4-fs (loop9): Quota format mount options ignored when QUOTA feature is enabled
[  566.544415][T11739] EXT4-fs (loop9): Journaled quota options ignored when QUOTA feature is enabled
[  566.584980][T11739] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  566.680887][T11739] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3887: comm syz.9.1934: Allocating blocks 41-42 which overlap fs metadata
[  566.746232][T11739] Quota error (device loop9): write_blk: dquota write failed
[  566.754047][T11739] Quota error (device loop9): find_free_dqentry: Can't write quota data block 5
[  566.771808][T11739] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3887: comm syz.9.1934: Allocating blocks 41-42 which overlap fs metadata
[  566.793699][T11739] Quota error (device loop9): write_blk: dquota write failed
[  566.882257][T11739] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  566.944356][T11739] EXT4-fs error (device loop9): ext4_acquire_dquot:6234: comm syz.9.1934: Failed to acquire dquot type 1
[  566.958587][T11757] fido_id[11757]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  567.011579][T11739] EXT4-fs error (device loop9): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  567.058734][T11739] EXT4-fs error (device loop9): ext4_do_update_inode:5222: inode #12: comm syz.9.1934: corrupted inode contents
[  567.107450][T11771] loop4: detected capacity change from 0 to 512
[  567.135693][T11739] EXT4-fs error (device loop9): ext4_dirty_inode:6058: inode #12: comm syz.9.1934: mark_inode_dirty error
[  567.193374][T11739] EXT4-fs error (device loop9): ext4_do_update_inode:5222: inode #12: comm syz.9.1934: corrupted inode contents
[  567.230393][T11739] EXT4-fs error (device loop9): __ext4_ext_dirty:183: inode #12: comm syz.9.1934: mark_inode_dirty error
[  567.579221][T11739] EXT4-fs error (device loop9): ext4_do_update_inode:5222: inode #12: comm syz.9.1934: corrupted inode contents
[  567.692872][T11771] fscrypt (loop4, inode 2): Error -61 getting encryption context
[  567.794879][T11771] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61
[  567.879221][T11739] EXT4-fs error (device loop9) in ext4_orphan_del:303: Corrupt filesystem
[  567.885747][T11771] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #13: comm syz.4.1943: iget: bad i_size value: 12154757448730
[  567.914665][T11739] EXT4-fs error (device loop9): ext4_do_update_inode:5222: inode #12: comm syz.9.1934: corrupted inode contents
[  567.939174][T11771] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1943: couldn't read orphan inode 13 (err -117)
[  567.949681][T11783] loop2: detected capacity change from 0 to 512
[  567.954623][T11784] loop6: detected capacity change from 0 to 128
[  567.974064][T11739] EXT4-fs error (device loop9): ext4_truncate:4279: inode #12: comm syz.9.1934: mark_inode_dirty error
[  568.006222][T11771] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,nodelalloc,sysvgroups,jqfmt=vfsold,nombcache,grpjquota=.seclabel,,errors=continue. Quota mode: writeback.
[  568.084795][T11739] EXT4-fs error (device loop9) in ext4_process_orphan:345: Corrupt filesystem
[  568.121501][T11739] EXT4-fs (loop9): 1 truncate cleaned up
[  568.128447][T11739] EXT4-fs (loop9): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  568.134311][T11771] fscrypt (loop4, inode 2): Error -61 getting encryption context
[  568.198009][T11783] EXT4-fs error (device loop2): ext4_iget_extra_inode:4566: inode #15: comm syz.2.1945: corrupted in-inode xattr
[  568.201980][T11790] loop8: detected capacity change from 0 to 512
[  568.250830][T11783] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1945: couldn't read orphan inode 15 (err -117)
[  568.300848][T11790] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  568.318403][T11783] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,,errors=continue. Quota mode: none.
[  568.321490][T11790] EXT4-fs (loop8): invalid journal inode
[  568.402754][T11790] EXT4-fs (loop8): can't get journal size
[  568.461390][T11790] EXT4-fs (loop8): 1 truncate cleaned up
[  568.467762][T11790] EXT4-fs (loop8): mounted filesystem without journal. Opts: norecovery,sysvgroups,sysvgroups,lazytime,,errors=continue. Quota mode: none.
[  568.763765][T11812] loop4: detected capacity change from 0 to 512
[  568.842307][T11812] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  568.905238][T11812] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  568.954706][T11812] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  569.043533][T11812] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  569.145427][T11812] System zones: 0-2, 18-18, 34-35
[  569.171968][T11812] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  570.180446][   T26] audit: type=1326 audit(1769137767.639:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11866 comm="syz.6.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9545efcb9 code=0x7ffc0000
[  570.269468][T11861] lo speed is unknown, defaulting to 1000
[  570.303203][   T26] audit: type=1326 audit(1769137767.639:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11866 comm="syz.6.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9545efcb9 code=0x7ffc0000
[  570.382980][T11874] loop4: detected capacity change from 0 to 1024
[  570.386800][   T26] audit: type=1326 audit(1769137767.639:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11866 comm="syz.6.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fe9545efcb9 code=0x7ffc0000
[  570.496340][   T26] audit: type=1326 audit(1769137767.639:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11866 comm="syz.6.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9545efcb9 code=0x7ffc0000
[  570.562793][T11874] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,norecovery,min_batch_time=0x0000000010000005,nojournal_checksum,debug_want_extra_isize=0x0000000000000080,nodelalloc,inode_readahead_blks=0x0000000000200000,resgid=0x0000000000000000,inode_readahead_blks=0x0000000,errors=continue. Quota mode: none.
[  570.618485][   T26] audit: type=1326 audit(1769137767.639:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11866 comm="syz.6.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9545efcb9 code=0x7ffc0000
[  570.629436][T11874] EXT4-fs error (device loop4): ext4_xattr_inode_iget:401: inode #11: comm syz.4.1972: missing EA_INODE flag
[  570.641621][   T26] audit: type=1326 audit(1769137767.639:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11866 comm="syz.6.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fe9545efcb9 code=0x7ffc0000
[  570.641653][   T26] audit: type=1326 audit(1769137767.639:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11866 comm="syz.6.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9545efcb9 code=0x7ffc0000
[  570.641677][   T26] audit: type=1326 audit(1769137767.639:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11866 comm="syz.6.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9545efcb9 code=0x7ffc0000
[  570.641699][   T26] audit: type=1326 audit(1769137767.639:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11866 comm="syz.6.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fe9545efcb9 code=0x7ffc0000
[  570.641721][   T26] audit: type=1326 audit(1769137767.639:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11866 comm="syz.6.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9545efcb9 code=0x7ffc0000
[  570.836905][T11886] loop2: detected capacity change from 0 to 512
[  570.846070][T11884] loop8: detected capacity change from 0 to 1024
[  570.859443][T11874] EXT4-fs error (device loop4): ext4_xattr_inode_iget:406: comm syz.4.1972: error while reading EA inode 11 err=-117
[  570.924441][T11886] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  570.948774][T11874] EXT4-fs error (device loop4): ext4_xattr_inode_iget:401: inode #11: comm syz.4.1972: missing EA_INODE flag
[  570.975147][T11886] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  570.995493][T11884] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  571.041138][T11886] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  571.086724][T11874] EXT4-fs error (device loop4): ext4_xattr_inode_iget:406: comm syz.4.1972: error while reading EA inode 11 err=-117
[  571.107143][T11886] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  571.114131][T11898] loop6: detected capacity change from 0 to 128
[  571.133020][T11884] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3887: comm syz.8.1975: Allocating blocks 385-513 which overlap fs metadata
[  571.166695][T11886] System zones: 0-2, 18-18, 34-35
[  571.225462][T11886] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  571.234846][T11884] EXT4-fs (loop8): shut down requested (0)
[  571.495856][T11882] EXT4-fs (loop8): pa ffff88807459e1c0: logic 16, phys. 129, len 24
[  573.224841][T11945] loop4: detected capacity change from 0 to 1024
[  573.269776][T11950] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2002'.
[  573.271383][T11948] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2001'.
[  573.309222][T11945] EXT4-fs (loop4): Ignoring removed bh option
[  573.338107][T11945] EXT4-fs (loop4): inline encryption not supported
[  573.345736][T11945] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  573.436097][T11945] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,bh,inlinecrypt,discard,data_err=ignore,nodiscard,nodelalloc,grpquota,init_itable,user_xattr,mb_optimize_scan=0x0000000000000001,errors=remount-ro,lazytime,. Quota mode: writeback.
[  573.492010][T11954] loop9: detected capacity change from 0 to 512
[  573.573650][T11954] EXT4-fs warning (device loop9): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  573.594162][T11954] EXT4-fs warning (device loop9): dx_probe:881: Enable large directory feature to access it
[  573.751721][T11954] EXT4-fs warning (device loop9): dx_probe:966: inode #2: comm syz.9.2003: Corrupt directory, running e2fsck is recommended
[  573.819242][T11954] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -117
[  573.854388][T11954] EXT4-fs error (device loop9): ext4_iget_extra_inode:4566: inode #15: comm syz.9.2003: corrupted in-inode xattr
[  573.913931][T11954] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.2003: couldn't read orphan inode 15 (err -117)
[  574.004095][T11954] EXT4-fs (loop9): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,dioread_lock,stripe=0x00000000000001f5,grpjquota=.barrier,nolazytime,jqfmt=vfsv1,grpid,,,errors=continue. Quota mode: writeback.
[  574.200567][T11954] EXT4-fs warning (device loop9): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  574.244787][T11954] EXT4-fs warning (device loop9): dx_probe:881: Enable large directory feature to access it
[  574.260671][T11967] EXT4-fs warning (device loop9): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  574.294768][T11954] EXT4-fs warning (device loop9): dx_probe:966: inode #2: comm syz.9.2003: Corrupt directory, running e2fsck is recommended
[  574.353791][T11967] EXT4-fs warning (device loop9): dx_probe:881: Enable large directory feature to access it
[  574.421057][T11967] EXT4-fs warning (device loop9): dx_probe:966: inode #2: comm syz.9.2003: Corrupt directory, running e2fsck is recommended
[  574.450907][T11974] loop8: detected capacity change from 0 to 512
[  574.519064][T11969] EXT4-fs warning (device loop9): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  574.575762][T11969] EXT4-fs warning (device loop9): dx_probe:881: Enable large directory feature to access it
[  574.621476][T11974] EXT4-fs error (device loop8): ext4_orphan_get:1426: comm syz.8.2007: bad orphan inode 11862016
[  574.661051][T11969] EXT4-fs warning (device loop9): dx_probe:966: inode #2: comm syz.9.2003: Corrupt directory, running e2fsck is recommended
[  574.701659][T11974] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  574.775145][T11974] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  574.802389][T11985] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  575.248546][T12005] loop4: detected capacity change from 0 to 1024
[  575.302610][T12008] loop2: detected capacity change from 0 to 512
[  575.532295][T12005] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  575.558553][T12005] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002]
[  575.567560][T12005] System zones: 0-1, 4-36, 102-102
[  575.574220][T12005] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback.
[  575.586426][T12014] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2016'.
[  575.799070][T12021] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  575.824206][T12008] EXT4-fs (loop2): mounted filesystem without journal. Opts: data_err=ignore,,errors=continue. Quota mode: writeback.
[  575.935210][T12008] ext4 filesystem being mounted at /381/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  575.958886][ T7341] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  575.987560][   T26] kauditd_printk_skb: 7 callbacks suppressed
[  575.987570][   T26] audit: type=1326 audit(1769137773.449:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.9.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442a9bcb9 code=0x7ffc0000
[  576.062303][T12025] loop8: detected capacity change from 0 to 2048
[  576.098229][ T7341] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  576.125466][   T26] audit: type=1326 audit(1769137773.479:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.9.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442a9bcb9 code=0x7ffc0000
[  576.226307][T12025] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  576.245463][   T26] audit: type=1326 audit(1769137773.569:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.9.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442a9bcb9 code=0x7ffc0000
[  576.247313][T12008] EXT4-fs error (device loop2): ext4_do_update_inode:5222: inode #4: comm syz.2.2015: corrupted inode contents
[  576.270889][   T26] audit: type=1326 audit(1769137773.569:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.9.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7442a9bcb9 code=0x7ffc0000
[  576.304792][   T26] audit: type=1326 audit(1769137773.569:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.9.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442a9bcb9 code=0x7ffc0000
[  576.328270][   T26] audit: type=1326 audit(1769137773.569:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.9.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442a9bcb9 code=0x7ffc0000
[  576.351354][   T26] audit: type=1326 audit(1769137773.579:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.9.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442a9bcb9 code=0x7ffc0000
[  576.374961][   T26] audit: type=1326 audit(1769137773.579:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.9.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442a9bcb9 code=0x7ffc0000
[  576.459744][   T26] audit: type=1326 audit(1769137773.579:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.9.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f7442a9bcb9 code=0x7ffc0000
[  576.482735][T12008] EXT4-fs error (device loop2): ext4_dirty_inode:6058: inode #4: comm syz.2.2015: mark_inode_dirty error
[  576.752879][T12039] fido_id[12039]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  576.781898][T12008] EXT4-fs error (device loop2): ext4_do_update_inode:5222: inode #4: comm syz.2.2015: corrupted inode contents
[  576.870320][T12045] tipc: Started in network mode
[  576.878857][T12045] tipc: Node identity f6c704c9b2b7, cluster identity 4711
[  576.892807][T12008] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #4: comm syz.2.2015: mark_inode_dirty error
[  576.925780][   T26] audit: type=1326 audit(1769137773.579:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.9.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442a9bcb9 code=0x7ffc0000
[  576.978666][T12045] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  577.004549][T12050] device syzkaller0 entered promiscuous mode
[  577.048168][T12008] EXT4-fs error (device loop2): ext4_acquire_dquot:6234: comm syz.2.2015: Failed to acquire dquot type 1
[  577.048471][T12055] Unsupported ieee802154 address type: 0
[  577.078506][T12056] loop8: detected capacity change from 0 to 256
[  577.093452][T12045] tipc: Resetting bearer <eth:syzkaller0>
[  577.124293][T12056] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  577.140848][T12041] tipc: Resetting bearer <eth:syzkaller0>
[  577.176220][T12041] tipc: Disabling bearer <eth:syzkaller0>
[  577.339835][T12065] loop4: detected capacity change from 0 to 1024
[  577.348618][T12069] loop9: detected capacity change from 0 to 128
[  577.482081][T12069] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  577.523535][T12074] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2033'.
[  577.533442][T12069] ext4 filesystem being mounted at /45/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  577.720934][T12065] EXT4-fs (loop4): mounted filesystem without journal. Opts: nouid32,nodioread_nolock,noquota,delalloc,journal_dev=0x0000000000000009,commit=0x0000000000000000,,errors=continue. Quota mode: none.
[  577.846985][T12065] ext4 filesystem being mounted at /428/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  578.157445][ T4434] EXT4-fs error (device loop4): ext4_map_blocks:739: inode #15: comm kworker/u4:13: lblock 0 mapped to illegal pblock 0 (length 1)
[  578.283325][ T4434] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  578.345148][ T4434] EXT4-fs (loop4): This should not happen!! Data will be lost
[  578.345148][ T4434] 
[  578.673332][T12097] loop9: detected capacity change from 0 to 512
[  579.255171][T12134] loop2: detected capacity change from 0 to 1024
[  579.313866][T12134] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  579.400075][T12134] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002]
[  579.408881][T12134] System zones: 0-1, 4-36, 102-102
[  579.415483][T12134] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback.
[  579.458046][T12133] lo speed is unknown, defaulting to 1000
[  579.487968][T12138] loop9: detected capacity change from 0 to 512
[  579.500456][T12141] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2054'.
[  579.998125][T12138] EXT4-fs (loop9): mounted filesystem without journal. Opts: usrquota,nojournal_checksum,,errors=continue. Quota mode: writeback.
[  580.061738][T12138] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  580.170368][T12138] EXT4-fs error (device loop9): ext4_xattr_block_get:543: inode #12: comm syz.9.2055: corrupted xattr block 6
[  580.409027][T12152] loop2: detected capacity change from 0 to 8192
[  580.569396][ T8566]  loop2: p1 p2 p3 p4
[  580.573447][ T8566] loop2: partition table partially beyond EOD, truncated
[  580.612795][T12168] loop9: detected capacity change from 0 to 1024
[  580.628528][ T8566] loop2: p1 start 16777216 is beyond EOD, truncated
[  580.641611][ T8566] loop2: p4 start 16777223 is beyond EOD, truncated
[  580.671336][T12152]  loop2: p1 p2 p3 p4
[  580.680936][T12152] loop2: partition table partially beyond EOD, truncated
[  580.725225][T12152] loop2: p1 start 16777216 is beyond EOD, truncated
[  580.736104][T12168] EXT4-fs (loop9): mounted filesystem without journal. Opts: nodelalloc,norecovery,min_batch_time=0x0000000010000005,nojournal_checksum,debug_want_extra_isize=0x0000000000000080,nodelalloc,inode_readahead_blks=0x0000000000200000,resgid=0x0000000000000000,inode_readahead_blks=0x0000000,errors=continue. Quota mode: none.
[  580.788243][T12152] loop2: p4 start 16777223 is beyond EOD, truncated
[  580.863365][T12168] EXT4-fs error (device loop9): ext4_xattr_inode_iget:401: inode #11: comm syz.9.2062: missing EA_INODE flag
[  580.910521][T12168] EXT4-fs error (device loop9): ext4_xattr_inode_iget:406: comm syz.9.2062: error while reading EA inode 11 err=-117
[  580.949680][T12180] EXT4-fs error (device loop9): ext4_xattr_inode_iget:401: inode #11: comm syz.9.2062: missing EA_INODE flag
[  581.003194][T12180] EXT4-fs error (device loop9): ext4_xattr_inode_iget:406: comm syz.9.2062: error while reading EA inode 11 err=-117
[  581.096706][T12187] loop2: detected capacity change from 0 to 512
[  581.198033][T12187] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  581.274242][T12187] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  581.293674][T12192] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2067'.
[  581.363150][T12187] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  581.426851][T12187] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  581.502299][T12187] System zones: 0-2, 18-18, 34-35
[  581.519790][ T8566] udevd[8566]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  581.536086][T12187] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  581.549901][T12199] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2068'.
[  581.554119][T11418] udevd[11418]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  582.193773][ T8566] udevd[8566]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  582.299449][T11418] udevd[11418]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  582.602620][T12217] loop9: detected capacity change from 0 to 512
[  582.726844][T12217] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  582.792957][T12217] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  582.859586][T12217] EXT4-fs error (device loop9): ext4_validate_inode_bitmap:106: comm syz.9.2074: Corrupt inode bitmap - block_group = 0, inode_bitmap = 20
[  582.950965][T12217] EXT4-fs error (device loop9) in ext4_free_inode:362: Filesystem failed CRC
[  583.101531][T12239] loop2: detected capacity change from 0 to 256
[  583.193349][T12242] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2082'.
[  583.209801][T12243] loop9: detected capacity change from 0 to 512
[  583.344734][T12239] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  583.358639][T12243] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  583.388640][T12243] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  583.781802][T12243] EXT4-fs (loop9): warning: mounting unchecked fs, running e2fsck is recommended
[  583.817523][T12243] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  583.843116][T12243] System zones: 0-2, 18-18, 34-35
[  583.866097][T12243] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  584.203494][T12259] device syzkaller0 entered promiscuous mode
[  584.477436][T12271] loop2: detected capacity change from 0 to 512
[  584.526223][T12274] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  584.561396][T12271] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  584.636546][T12271] EXT4-fs (loop2): 1 truncate cleaned up
[  584.660741][T12271] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000100,stripe=0x0000000000004000,sysvgroups,minixdf,,errors=continue. Quota mode: none.
[  585.032559][T12298] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2095'.
[  585.149591][T12303] loop6: detected capacity change from 0 to 512
[  585.226719][T12303] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  585.288314][T12303] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  585.359885][T12303] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  585.382958][T12303] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  585.432294][T12313] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2100'.
[  585.445526][T12303] System zones: 0-2, 18-18, 34-35
[  585.492761][T12303] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  585.714500][T12320] loop2: detected capacity change from 0 to 512
[  585.790007][T12328] loop8: detected capacity change from 0 to 1024
[  586.015530][T12320] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  586.064957][T12328] EXT4-fs (loop8): mounted filesystem without journal. Opts: acl,,errors=continue. Quota mode: none.
[  586.112414][T12320] EXT4-fs error (device loop2): ext4_add_entry:2486: inode #2: comm syz.2.2101: Directory hole found for htree leaf block 0
[  586.259556][T12347] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2113'.
[  586.375169][T12350] netlink: 260 bytes leftover after parsing attributes in process `syz.9.2115'.
[  586.384854][T12350] netlink: 60 bytes leftover after parsing attributes in process `syz.9.2115'.
[  587.009561][T12359] xt_hashlimit: size too large, truncated to 1048576
[  587.067823][   T26] kauditd_printk_skb: 8 callbacks suppressed
[  587.067835][   T26] audit: type=1326 audit(1769137784.529:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.8.2118" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8a608afcb9 code=0x0
[  587.106802][T12369] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2116'.
[  587.188167][T12374] loop6: detected capacity change from 0 to 512
[  587.232426][T12374] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  587.270416][T12374] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  587.300418][T12374] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  587.319439][T12374] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  587.334570][T12374] System zones: 0-2, 18-18, 34-35
[  587.408165][T12374] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  587.568190][T12384] loop4: detected capacity change from 0 to 512
[  587.672880][T12387] device syzkaller0 entered promiscuous mode
[  587.687735][T12384] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  587.732769][T12384] EXT4-fs (loop4): Journaled quota options ignored when QUOTA feature is enabled
[  587.744232][T12384] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  587.784442][T12384] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3887: comm syz.4.2125: Allocating blocks 41-42 which overlap fs metadata
[  587.805999][T12384] Quota error (device loop4): write_blk: dquota write failed
[  587.813501][T12384] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5
[  587.830063][T12384] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3887: comm syz.4.2125: Allocating blocks 41-42 which overlap fs metadata
[  587.852364][T12384] Quota error (device loop4): write_blk: dquota write failed
[  587.860290][T12384] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  587.877718][T12384] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.2125: Failed to acquire dquot type 1
[  587.921205][T12384] EXT4-fs error (device loop4): mb_free_blocks:1876: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  587.947012][T12384] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #12: comm syz.4.2125: corrupted inode contents
[  587.971725][T12384] EXT4-fs error (device loop4): ext4_dirty_inode:6058: inode #12: comm syz.4.2125: mark_inode_dirty error
[  588.025546][T12384] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #12: comm syz.4.2125: corrupted inode contents
[  588.054372][T12384] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #12: comm syz.4.2125: mark_inode_dirty error
[  588.072571][T12384] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #12: comm syz.4.2125: corrupted inode contents
[  588.094431][T12384] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  588.104292][T12384] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #12: comm syz.4.2125: corrupted inode contents
[  588.117369][T12384] EXT4-fs error (device loop4): ext4_truncate:4279: inode #12: comm syz.4.2125: mark_inode_dirty error
[  588.129915][T12384] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  588.140125][T12384] EXT4-fs (loop4): 1 truncate cleaned up
[  588.152155][T12384] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,noblock_validity,inode_readahead_blks=0x0000000000200000,jqfmt=vfsold,noinit_itable,quota,noauto_da_alloc,sysvgroups,usrjquota=2,errors=continue. Quota mode: writeback.
[  588.236946][T12384] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3887: comm syz.4.2125: Allocating blocks 41-42 which overlap fs metadata
[  588.252354][T12384] Quota error (device loop4): write_blk: dquota write failed
[  588.266550][T12384] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  588.283683][T12384] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.2125: Failed to acquire dquot type 1
[  590.044486][T12414] ODEBUG: Out of memory. ODEBUG disabled
[  590.262311][T12420] loop6: detected capacity change from 0 to 1024
[  590.311153][T12422] loop9: detected capacity change from 0 to 512
[  590.366048][T12420] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  590.416148][T12422] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  590.505189][T12422] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  590.526094][T12430] loop4: detected capacity change from 0 to 512
[  590.583516][T12422] EXT4-fs (loop9): warning: mounting unchecked fs, running e2fsck is recommended
[  590.599567][T12430] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  590.611036][T12422] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  590.625054][T12422] System zones: 0-2, 18-18, 34-35
[  590.639507][T12422] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  590.680414][T12430] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0102]
[  590.780120][T12430] EXT4-fs error (device loop4): ext4_iget_extra_inode:4566: inode #15: comm syz.4.2140: corrupted in-inode xattr
[  590.853339][T12437] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2141'.
[  590.875706][T12430] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.2140: couldn't read orphan inode 15 (err -117)
[  591.043578][T12430] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,abort,,errors=continue. Quota mode: none.
[  592.282206][T12451] loop8: detected capacity change from 0 to 4096
[  592.381806][T12456] loop4: detected capacity change from 0 to 512
[  592.494522][T12456] EXT4-fs (loop4): Ignoring removed bh option
[  592.535379][T12451] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  592.624776][T12456] EXT4-fs (loop4): mounted filesystem without journal. Opts: nouid32,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  592.655367][T12456] ext4 filesystem being mounted at /451/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  592.742193][T12451] EXT4-fs (loop8): shut down requested (0)
[  592.750422][T12463] loop9: detected capacity change from 0 to 2048
[  592.893458][T12463] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  593.138879][T12470] device syzkaller0 entered promiscuous mode
[  593.317902][T12472] loop4: detected capacity change from 0 to 512
[  593.407416][T12472] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback.
[  593.431481][T12472] ext4 filesystem being mounted at /452/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  593.933132][T12486] device team0 entered promiscuous mode
[  594.192276][T12486] device team_slave_0 entered promiscuous mode
[  594.301960][T12486] device team_slave_1 entered promiscuous mode
[  594.352424][T12483] device ip6gretap0 entered promiscuous mode
[  594.402400][T12489] loop9: detected capacity change from 0 to 128
[  594.438999][T12482] device ip6gretap0 left promiscuous mode
[  594.473244][T12482] device team0 left promiscuous mode
[  594.478783][T12482] device team_slave_0 left promiscuous mode
[  594.499413][   T26] audit: type=1800 audit(1769137791.959:277): pid=12489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2157" name="bus" dev="loop9" ino=1048661 res=0 errno=0
[  594.515655][T12482] device team_slave_1 left promiscuous mode
[  594.625207][T12491] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  594.658189][T12491] FAT-fs (loop9): Filesystem has been set read-only
[  594.847386][T12489] attempt to access beyond end of device
[  594.847386][T12489] loop9: rw=2049, want=225, limit=128
[  594.868992][T12489] attempt to access beyond end of device
[  594.868992][T12489] loop9: rw=2049, want=1041, limit=128
[  594.891021][T12489] attempt to access beyond end of device
[  594.891021][T12489] loop9: rw=2049, want=233, limit=128
[  594.960448][T12500] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  595.244542][T12514] loop6: detected capacity change from 0 to 512
[  595.271093][T12515] loop9: detected capacity change from 0 to 1024
[  595.404251][T12518] loop2: detected capacity change from 0 to 512
[  595.478048][T12514] ------------[ cut here ]------------
[  595.488440][T12514] EA inode 11 i_nlink=2
[  595.488965][T12514] WARNING: CPU: 1 PID: 12514 at fs/ext4/xattr.c:1005 ext4_xattr_inode_update_ref+0x4bd/0x510
[  595.505081][T12514] Modules linked in:
[  595.509265][T12514] CPU: 1 PID: 12514 Comm: syz.6.2168 Not tainted syzkaller #0
[  595.517852][T12514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  595.528761][T12514] RIP: 0010:ext4_xattr_inode_update_ref+0x4bd/0x510
[  595.558489][T12514] Code: 7c 24 40 4c 89 f8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 14 e8 a1 ff 49 8b 37 48 c7 c7 00 9b 3d 8a 89 da e8 a3 bd 94 07 <0f> 0b 4c 8b 64 24 08 4c 8b 7c 24 10 e9 a9 fe ff ff e8 ed ac 9f 07
[  595.580060][T12514] RSP: 0018:ffffc900036bf160 EFLAGS: 00010246
[  595.586718][T12514] RAX: 4cfe9a826726e100 RBX: 0000000000000002 RCX: 0000000000080000
[  595.595553][T12514] RDX: ffffc9000f65e000 RSI: 00000000000236d8 RDI: 00000000000236d9
[  595.604126][T12514] RBP: ffffc900036bf250 R08: ffff8880b912795b R09: 1ffff11017224f2b
[  595.705932][T12514] R10: dffffc0000000000 R11: ffffed1017224f2c R12: ffff88805fe07048
[  595.806313][T12515] EXT4-fs (loop9): mounted filesystem without journal. Opts: acl,,errors=continue. Quota mode: none.
[  595.896692][T12518] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,mb_optimize_scan=0x0000000000000001,stripe=0x0000000000000005,,errors=continue. Quota mode: writeback.
[  595.923742][T12514] R13: 1ffff1100bfc0e48 R14: dffffc0000000000 R15: ffff88805fe07088
[  595.932355][T12518] ext4 filesystem being mounted at /403/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  595.932483][T12514] FS:  00007fe95284b6c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  595.982029][   T26] audit: type=1800 audit(1769137793.439:278): pid=12515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2169" name="bus" dev="loop9" ino=18 res=0 errno=0
[  595.983062][T12515] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3887: comm syz.9.2169: Allocating blocks 481-513 which overlap fs metadata
[  596.031000][T12514] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  596.042877][T12514] CR2: 00007f4c86994000 CR3: 000000003c509000 CR4: 00000000003506e0
[  596.056582][T12514] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  596.101197][T12514] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  596.111150][T12514] Call Trace:
[  596.140697][T12514]  <TASK>
[  596.143865][T12514]  ? ext4_xattr_block_csum+0x560/0x560
[  596.159744][T12514]  ? ext4_xattr_inode_iget+0x3f0/0x600
[  596.171415][   T26] audit: type=1800 audit(1769137793.569:279): pid=12527 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2169" name="bus" dev="loop9" ino=18 res=0 errno=0
[  596.189291][T12514]  ? mb_cache_entry_create+0x62e/0x890
[  596.198478][T12514]  ext4_xattr_set_entry+0xed9/0x3ea0
[  596.204402][T12514]  ? mb_cache_entry_create+0x676/0x890
[  596.211132][T12514]  ? ext4_xattr_block_set+0xda0/0x2d20
[  596.217216][T12514]  ? ext4_xattr_ibody_set+0x330/0x330
[  596.222845][T12514]  ? ext4_get_inode_loc+0x120/0x120
[  596.228641][T12514]  ext4_xattr_ibody_set+0x112/0x330
[  596.234489][T12514]  ext4_expand_extra_isize_ea+0x10d3/0x19b0
[  596.240936][T12514]  __ext4_expand_extra_isize+0x301/0x3e0
[  596.252614][T12514]  __ext4_mark_inode_dirty+0x469/0x700
[  596.261507][T12514]  ext4_evict_inode+0xa8d/0x1090
[  596.269603][T12514]  ? _raw_spin_unlock+0x24/0x40
[  596.274662][T12514]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  596.287026][T12514]  ? do_raw_spin_unlock+0x11d/0x230
[  596.292481][T12514]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  596.310235][T12514]  evict+0x4c9/0x8d0
[  596.334320][T12514]  ? proc_nr_inodes+0x320/0x320
[  596.340198][T12514]  ? do_raw_spin_unlock+0x11d/0x230
[  596.346058][T12514]  ? _raw_spin_unlock+0x24/0x40
[  596.351028][T12514]  ? iput+0x706/0x8a0
[  596.355794][T12514]  ext4_orphan_cleanup+0xad2/0x1320
[  596.361143][T12514]  ? ext4_orphan_del+0xbf0/0xbf0
[  596.366345][T12514]  ? errseq_check_and_advance+0x62/0x120
[  596.372416][T12514]  ext4_fill_super+0x8e25/0x95a0
[  596.379550][T12514]  ? ext4_mount+0x40/0x40
[  596.384109][T12514]  ? set_blocksize+0x1f3/0x370
[  596.391595][T12514]  ? sb_set_blocksize+0xa5/0xe0
[  596.396894][T12514]  mount_bdev+0x287/0x3c0
[  596.401497][T12514]  ? ext4_mount+0x40/0x40
[  596.406778][T12514]  legacy_get_tree+0xe6/0x180
[  596.411879][T12514]  ? ext4_errno_to_code+0x160/0x160
[  596.417469][T12514]  vfs_get_tree+0x88/0x270
[  596.422356][T12514]  do_new_mount+0x24a/0xa40
[  596.427397][T12514]  __se_sys_mount+0x2e3/0x3d0
[  596.432103][T12514]  ? __x64_sys_mount+0xc0/0xc0
[  596.437302][T12514]  ? lockdep_hardirqs_on+0x94/0x140
[  596.442655][T12514]  ? __x64_sys_mount+0x1c/0xc0
[  596.447586][T12514]  do_syscall_64+0x4c/0xa0
[  596.452097][T12514]  ? clear_bhb_loop+0x30/0x80
[  596.457019][T12514]  ? clear_bhb_loop+0x30/0x80
[  596.461800][T12514]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  596.467751][T12514] RIP: 0033:0x7fe9545f0f4a
[  596.472494][T12514] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  596.493575][T12514] RSP: 002b:00007fe95284ae58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  596.504343][T12514] RAX: ffffffffffffffda RBX: 00007fe95284aee0 RCX: 00007fe9545f0f4a
[  596.512926][T12514] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fe95284aea0
[  596.528328][T12514] RBP: 0000200000000180 R08: 00007fe95284aee0 R09: 0000000000800700
[  596.537047][T12514] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  596.545493][T12514] R13: 00007fe95284aea0 R14: 000000000000046f R15: 00002000000007c0
[  596.553661][T12514]  </TASK>
[  596.556786][T12514] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  596.564701][T12514] CPU: 0 PID: 12514 Comm: syz.6.2168 Not tainted syzkaller #0
[  596.572335][T12514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  596.583055][T12514] Call Trace:
[  596.586347][T12514]  <TASK>
[  596.589286][T12514]  dump_stack_lvl+0x188/0x250
[  596.593977][T12514]  ? show_regs_print_info+0x20/0x20
[  596.599328][T12514]  ? load_image+0x400/0x400
[  596.604025][T12514]  panic+0x2e5/0x810
[  596.608217][T12514]  ? bpf_jit_dump+0xd0/0xd0
[  596.612876][T12514]  ? ext4_xattr_inode_update_ref+0x4bd/0x510
[  596.620072][T12514]  __warn+0x248/0x2b0
[  596.624253][T12514]  ? ext4_xattr_inode_update_ref+0x4bd/0x510
[  596.630242][T12514]  report_bug+0x1b7/0x2e0
[  596.634619][T12514]  handle_bug+0x3a/0x70
[  596.639275][T12514]  exc_invalid_op+0x16/0x40
[  596.643866][T12514]  asm_exc_invalid_op+0x16/0x20
[  596.648754][T12514] RIP: 0010:ext4_xattr_inode_update_ref+0x4bd/0x510
[  596.655706][T12514] Code: 7c 24 40 4c 89 f8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 14 e8 a1 ff 49 8b 37 48 c7 c7 00 9b 3d 8a 89 da e8 a3 bd 94 07 <0f> 0b 4c 8b 64 24 08 4c 8b 7c 24 10 e9 a9 fe ff ff e8 ed ac 9f 07
[  596.676196][T12514] RSP: 0018:ffffc900036bf160 EFLAGS: 00010246
[  596.682400][T12514] RAX: 4cfe9a826726e100 RBX: 0000000000000002 RCX: 0000000000080000
[  596.690989][T12514] RDX: ffffc9000f65e000 RSI: 00000000000236d8 RDI: 00000000000236d9
[  596.699528][T12514] RBP: ffffc900036bf250 R08: ffff8880b912795b R09: 1ffff11017224f2b
[  596.707597][T12514] R10: dffffc0000000000 R11: ffffed1017224f2c R12: ffff88805fe07048
[  596.716179][T12514] R13: 1ffff1100bfc0e48 R14: dffffc0000000000 R15: ffff88805fe07088
[  596.725294][T12514]  ? ext4_xattr_block_csum+0x560/0x560
[  596.732285][T12514]  ? ext4_xattr_inode_iget+0x3f0/0x600
[  596.738295][T12514]  ? mb_cache_entry_create+0x62e/0x890
[  596.743931][T12514]  ext4_xattr_set_entry+0xed9/0x3ea0
[  596.750108][T12514]  ? mb_cache_entry_create+0x676/0x890
[  596.756270][T12514]  ? ext4_xattr_block_set+0xda0/0x2d20
[  596.762039][T12514]  ? ext4_xattr_ibody_set+0x330/0x330
[  596.767585][T12514]  ? ext4_get_inode_loc+0x120/0x120
[  596.772805][T12514]  ext4_xattr_ibody_set+0x112/0x330
[  596.778444][T12514]  ext4_expand_extra_isize_ea+0x10d3/0x19b0
[  596.784599][T12514]  __ext4_expand_extra_isize+0x301/0x3e0
[  596.790612][T12514]  __ext4_mark_inode_dirty+0x469/0x700
[  596.796477][T12514]  ext4_evict_inode+0xa8d/0x1090
[  596.801727][T12514]  ? _raw_spin_unlock+0x24/0x40
[  596.806678][T12514]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  596.812782][T12514]  ? do_raw_spin_unlock+0x11d/0x230
[  596.818148][T12514]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  596.824584][T12514]  evict+0x4c9/0x8d0
[  596.828663][T12514]  ? proc_nr_inodes+0x320/0x320
[  596.833894][T12514]  ? do_raw_spin_unlock+0x11d/0x230
[  596.839458][T12514]  ? _raw_spin_unlock+0x24/0x40
[  596.844854][T12514]  ? iput+0x706/0x8a0
[  596.849655][T12514]  ext4_orphan_cleanup+0xad2/0x1320
[  596.855144][T12514]  ? ext4_orphan_del+0xbf0/0xbf0
[  596.860103][T12514]  ? errseq_check_and_advance+0x62/0x120
[  596.865935][T12514]  ext4_fill_super+0x8e25/0x95a0
[  596.871006][T12514]  ? ext4_mount+0x40/0x40
[  596.875329][T12514]  ? set_blocksize+0x1f3/0x370
[  596.880496][T12514]  ? sb_set_blocksize+0xa5/0xe0
[  596.886564][T12514]  mount_bdev+0x287/0x3c0
[  596.890913][T12514]  ? ext4_mount+0x40/0x40
[  596.895562][T12514]  legacy_get_tree+0xe6/0x180
[  596.900523][T12514]  ? ext4_errno_to_code+0x160/0x160
[  596.906032][T12514]  vfs_get_tree+0x88/0x270
[  596.910778][T12514]  do_new_mount+0x24a/0xa40
[  596.915290][T12514]  __se_sys_mount+0x2e3/0x3d0
[  596.920149][T12514]  ? __x64_sys_mount+0xc0/0xc0
[  596.924997][T12514]  ? lockdep_hardirqs_on+0x94/0x140
[  596.930308][T12514]  ? __x64_sys_mount+0x1c/0xc0
[  596.936043][T12514]  do_syscall_64+0x4c/0xa0
[  596.940764][T12514]  ? clear_bhb_loop+0x30/0x80
[  596.945714][T12514]  ? clear_bhb_loop+0x30/0x80
[  596.950581][T12514]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  596.956872][T12514] RIP: 0033:0x7fe9545f0f4a
[  596.961279][T12514] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  596.981155][T12514] RSP: 002b:00007fe95284ae58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  596.989757][T12514] RAX: ffffffffffffffda RBX: 00007fe95284aee0 RCX: 00007fe9545f0f4a
[  596.998692][T12514] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fe95284aea0
[  597.007568][T12514] RBP: 0000200000000180 R08: 00007fe95284aee0 R09: 0000000000800700
[  597.016392][T12514] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  597.025363][T12514] R13: 00007fe95284aea0 R14: 000000000000046f R15: 00002000000007c0
[  597.034031][T12514]  </TASK>
[  597.037838][T12514] Kernel Offset: disabled
[  597.042952][T12514] Rebooting in 86400 seconds..