last executing test programs:

3m0.260705091s ago: executing program 32 (id=876):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000005c0), 0x1, 0x50d, &(0x7f0000001340)="$eJzs3F9oVNkZAPDvTv4YE9ukrS1V+pBiaQNqYpKpoWChgVIKlWLVh9L2JZg/hk6MNVGMpbSVQvWhD4W+tbT42qfQCqXtw+7Kwj7sg8uu7JOssPuy6xIiq/uyIrPcOzNqzCQxJuayzu8HZ+ac4x3PN3Pynblz4N4AGlZ3+pBE7IiIGxHRWWkuPaC78nR5cP5kWpIol48tJtlxZwfnT9YOrb2uI30oRLRFxLWLSez9w/JxZ+Yu/HKkVBo7U233zU6d7puZu7B/cmpkYmxi7FRxYGDoYLFYLA5t2nvtu3N+ouOlw/3/PXF76pvf/t/RJL6Xve944n1slu7oXvpZVjUnEb2bPVjOvvxYPWnOMRCe2m9Lc9ubIuJLEbEny//OaIrK5D348y8+6owPP1nptf//9d8/2MpYgc1XLndmZQV3ysALqxDpuX9S6K2csseOKBR6eyvn8DujvVCanpndOz599tRo5TdCV7QUxidLYweqvxW6oiVJ2/1Z/VF74In2YER8ISIuNW3P2r0npkujW7vUAVU7It75969OtHaskP+pm015Rwk8D2n+j/+l6Xdp/Z48h4aS5v8/7039KOQ/NBz5D41L/kPjkv/QuOQ/NC75D41L/kPjkv/QuOQ/NK5a/j+8DldFRaXhKnmvQwDA1iuXk8j7GmQgHyv/NMh7ZQKet/a7zXH8sXahep+OQrV8PSK7I1haH4yI1ohoiogHUbm/X5KeQ+QYP/Bstp354628YwAAAAAAAAAAAAAAAADWdnZw/mStbNWYo69t1UisZGG4coFnOu+Xq6XyL83ZNZ8RbdGSXSeaZNeB1iTV60I3YvF6RHeUFm/+6+qf0hLVv8MN/rd8Rsy/m3cE5Km1mHcE5Gn3T/KOgDxdv5R3BOTprYW8IyBPR4/lHQF5+vHBvCMgT39dzDsCXh6OiH319v8K8ZXsuS17fHL/pyMi2xfaiCOvR3TH6P3H+5bv/xRub3AYVrEwHHEoIi4v2/8r1A7paqq2Ppc2oiUZnyyNHYiIz0dET7RsS9v9q4zx/vSb5+r1H/tbOv8/763t/6UlHb+2F1iN43bztqWvGx2ZHdno+6Zi4fcRu5vrzX8t39uyvd72u4Vl+79d1ee07FxljBvtX9tTr//ccDr/r/SsPv88T+UrEd+qm//Jw2PSWt/s1Om+mbkL+yenRibGJsZOFQcGhg4Wi8XiUF+2HvTVVoXl3vvqP75Tr/+N++n8H7pq/vOT5n/76vOfrf+Pbg68/jF++Oo3dtXr/80P0vm/9fGzrP+tyfEswNZq3/mR2dkz/RGtyeHl/QPrj/lFVfs8ap9XOv89e+p//38xe66t/81L1v/13Cf2Pz878v16sVzszb7/98n//KTzP7pG/idL8n/9le/OvD1Xb+xdV9L5v/bTtfO/mAXTU+1x/re2p52gvOMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACARvJpAAAA//+F6yev")
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x2110000, &(0x7f0000000080), 0x1, 0x59e, &(0x7f0000001c80)="$eJzs3c9rHOUbAPDn3d2kTdM26ZcvaO3BQMEW1KRJK4oItlhvHvxR8FQwJmkp3bahiWBrxRbqf6B/gOBNEPFYRIp68epN8CpIsUibi7eV2Z1Nt3Y3Pzed2vl8YJp35s3wvLPbJ+/Mu+/MBlBaY9k/lYi9ETGfIkY66mqRV461fu/unSszS3euzKRoNN75K0XKt7V/P+U/h/Odt0fELz+k+F/1wbgLly6fna7X5y7m6xOL5+YnFi5dfv7MuenTc6fnzk9Nvjj5wpHDU0cO9eU4d0XET+PHa9dPvbbvm5kv93zy3Vc3UhyNnXl953H0y1iMLb8mnbLX9aV+BytINT+ezrc41QpsEOvSfv8GIuKJGIlq3HvzRuLTtwptHLClGimiAZRUkv9QUu3zgOz6t70Ue0YCPCy3j7UGAO6m1tje0nL+11pjg7G9OTawYylF57BOioh+jMxlMeafSSPZEls0Dgd0d/VaRDzZrf9PzdwcbY7iZ/lfuS//KxHxZv4z2/72RoIP5Z8/dJD/8PBsJv/f68j/9zcYX/4DAAAAAABA/9w8FhHPdfv8r7I8/ye6zP8ZjoijfYi/+ud/lVt9CAN0cftYxCsR0Z77t9SR/7nRar62qzkfYCCdOlOfOxQRuyPiYAxsy9YnV4gxtu/ngZ51HfP/siWL354LmLfjVm3b/fvMTi9Ob+aYgZbb1yKeqnXL/7Tc/6cu/X/W98+vMUbj+Ks/9qpbPf+BrdL4IuJA1/7/3pMr0srP55hong9MtM8KHvTRyRvf9oov/6E4Wf+/Y+X8H02dz+tZWH+Mj//8bRP53/38fzCdaD5yZjDf9uH04uLFyYjB9MaD26fW32Z4HLXzoZ0vWf4f3N/9+n+l8/+hiLi6xpgnvn/9eq86/T8UZ+haxOy6+v/1F/a/+/nfveKvrf8/0uzTD+ZbjP/BytaaoEW3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+iyoRsTNSZXy5XKmMj0cMR8T/Y0elfmFh8dlTFz44P5vVNb//v9L+pt+R1npqf///aMf61L/WD0fEnoj4rDrUXB+fuVCfLfrgAQAAAAAAAAAAAAAAAAAA4BEx3OP+/8wf1aJbB2y5WtENAAoj/6G85D+Ul/yH8pL/UF7yH8pL/kN5yX8oL/kP5VVtfH2y6DYAAAAAAAB9s+fpm7+miLj68lBzyQzmdQOFtgzYakeLbgBQGI/4gfIy9Q/Ka7VrfGMA8PhLq9Rv3/CeAAAAAAAAAAAAAEC/HNjr/n8oq0rRDQAK0/v+f08GgMed+/+hvFzjA+7/BwAAAAAAAAAAAIBH38Kly2en6/W5ixstbNvc7goKay38vrv1f/ZRac/6C5H6kHEPqVD0XyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDtnwAAAP//b6n1bQ==")
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x10000, &(0x7f0000000380)={[{@noauto_da_alloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x19, 0x5, 0xb, 0x6, 0xfffffff0, 0x89})

2m57.726601179s ago: executing program 33 (id=910):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
shutdown(r0, 0x1)
recvmmsg(r0, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x22, 0x0)

2m44.072800325s ago: executing program 3 (id=1175):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@deltaction={0x24, 0x31, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffd}}]}]}, 0x24}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r1, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="7800000039000900000f0f000000000003"], 0x78}}, 0x0)

2m43.842937854s ago: executing program 3 (id=1181):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x106, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x2, @empty, 0xffffffff}, {0xa, 0x4e20, 0x101, @remote, 0x7}, r1, 0x6}}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f00000000c0)={0xc, 0x8, 0xfa00, {&(0x7f00000025c0)}}, 0x10)

2m43.370257724s ago: executing program 3 (id=1188):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x0, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0xdf, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

2m43.140598452s ago: executing program 3 (id=1194):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f00000001c0)='./file0/file0/../file0\x00', 0x2)

2m43.100273319s ago: executing program 3 (id=1195):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x3, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000440)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0xfffe, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000000000e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000ec0)={0x1, {{0xa, 0x3, 0x0, @mcast1}}}, 0x90)

2m42.880916287s ago: executing program 3 (id=1198):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1d, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000000f01f00810000007f00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r2, &(0x7f0000000180), 0x0}, 0x20)

2m42.880066247s ago: executing program 34 (id=1198):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1d, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000000f01f00810000007f00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r2, &(0x7f0000000180), 0x0}, 0x20)

2m27.339678942s ago: executing program 7 (id=1498):
r0 = fsopen(&(0x7f0000000180)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x20)
acct(&(0x7f00000001c0)='./file0\x00')

2m27.302759028s ago: executing program 7 (id=1499):
sendmsg$NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x7c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x6ad, 0x30}}}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac=@device_b}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x16}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x53}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x34}, @NL80211_ATTR_PMKID={0x14, 0x55, "89cbb02db0e368c6db3191aa962c3e0e"}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4004045}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="00200000ffffffffffffbbbbbbbbbbbb08004500003cfffe20000029"], 0x4e)

2m26.905074135s ago: executing program 7 (id=1506):
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cd", 0x6, 0x1, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0)

2m26.892833677s ago: executing program 7 (id=1509):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1}, 0x14)
syz_emit_ethernet(0xe, &(0x7f0000000a40)={@local, @random="7f2a5602d17c", @void, {@generic={0xa00}}}, 0x0)

2m26.859069083s ago: executing program 7 (id=1511):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x24000, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x8b7848, 0x0)

2m26.838932436s ago: executing program 7 (id=1513):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@empty, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000, 0xffffffffffffffff}, 0xfffd}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x4c050)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2m11.583440123s ago: executing program 35 (id=1513):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@empty, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000, 0xffffffffffffffff}, 0xfffd}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x4c050)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2m3.901529161s ago: executing program 6 (id=1757):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0x300}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x0)

2m2.889214551s ago: executing program 6 (id=1780):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000000100), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c)

2m2.758963534s ago: executing program 6 (id=1783):
io_submit(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=@newsa={0x13c, 0x10, 0x713, 0x70bd26, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@multicast2, 0x4e22, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3a, 0x0, 0xee01}, {@in6=@local, 0x0, 0x32}, @in=@empty, {0x0, 0x0, 0x6, 0xa, 0xa, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x2, 0xfffffffffffffff8}, {0xc, 0x7, 0x2}, 0x70bd29, 0x0, 0x2, 0x1, 0x0, 0x68}, [@algo_aead={0x4c, 0x12, {{'rfc4106(aegis256-generic)\x00'}, 0x0, 0x80}}]}, 0x13c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

2m2.740465967s ago: executing program 6 (id=1784):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x821040, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0xb)

2m2.711161822s ago: executing program 6 (id=1786):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff2000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x5, 0xffff}, {0xe, 0x10}}}, 0x24}}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

2m2.633438365s ago: executing program 6 (id=1789):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x8000, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x3b2, @time={0x65757100, 0x3}, 0x0, {0x3}})

2m2.633194895s ago: executing program 36 (id=1789):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x8000, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x3b2, @time={0x65757100, 0x3}, 0x0, {0x3}})

1m50.712311559s ago: executing program 5 (id=2054):
syz_open_procfs(0x0, &(0x7f00000005c0)='net/udplite6\x00')
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
syz_clone(0x1100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)

1m50.435847205s ago: executing program 5 (id=2062):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setgroups(0x0, 0x0)
getgroups(0x1, &(0x7f0000000000)=[<r2=>r1])
setgroups(0x3, &(0x7f0000000040)=[r2, r1, r1])
setregid(0xffffffffffffffff, r1)
socket$inet(0x2, 0x2, 0x1)

1m50.390742083s ago: executing program 5 (id=2063):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], 0x0}, 0x94)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00'}, 0x94)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x1f, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000580)={r1, 0x86, &(0x7f0000000500)}, 0x31)

1m50.22861774s ago: executing program 5 (id=2066):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x800714, &(0x7f00000000c0), 0xff, 0x4df, &(0x7f0000010a80)="$eJzs3c9rHFUcAPDv7Cb9GZuotdraarSKwR9Jk/6wBw8qCoIKgh7qMSZprd020kRoS9AoUs8F7+JR8OjJmxdRD+IfoOBRCkWD0FQUIrM7k2R/Jdsm6TbJ5wPbfW/2zcx7M+9l37y3Mw1g0+pN/0kiuiLi14jorkSrE/RW3mZnpkZuzEyNJDE39+afSTnd9ZmpkTxpvt7OLNJXiCh8msTzSf1+Jy5eOjNcKo2dz+IDk2ffH5i4eOmZ02eHT42dGjs3dPz4kcODzx4bOlq1XoNN1dneYFlaruv7Phzfv/eVt6+8PnLiyjs/fp1ua8+ByudZOba0sPmIG3W5eDViui5Zb3rU/porq/3s8ZZ2tH7ctSicdLQxI9yUYkSkp6uz3P67oxgLJ687Xv6krZkD1lT63bS1+cfTc8AGlkS7cwC0R/5Fn17/5q/47zZ1Pu4A115YuOifnZkamZ0fz+iIQra8cw333xsRJ6b/+SJ9Rc14CgDAWij3bZ6u6f+VFWJP+b0y17Erm0PpiYi7I+KeiLg3InZHxH0R5bT3R8QDlZXnulvcf29NvL7/U7jaMM+rJO3/Pbeo7zc7M1U9HFaInmL5rTLH0ROdycnTpbFD2THpi86taXxwiX1891LzaaXF/b/0leahJgNXOyoL5jcyOjw5vFoH4drHEfs6qsqfHf9kfiYgrQF7I2LfzW16Vx44/eRX+5slalT+vC+8rFWYZ5r7MuKJyvmfjpry55Im85NpHT82dHRgW5TGDg3ktaLeT79cfqPZ/ldU/lWQnv8d1fW/JkX330llvrYzSqWx8xM3v4/Lv33W9Jpm+fLP1/95af3fkrxVnrP++d3KsgvDk5PnByO2JK+V41lj2Rbp8qGFdS9k8Tx9Wv6+g43qf6H8Ny6y8/9gRKSV+EDEroci4uEs749ExKMRcXCJ8v/w4mPvLVH+JJJo6/kfjcbtP9OTLJ6vv4VA8cz33zabt2/t/B8pz673ZUvKf/+W0WoGV3j4AAAAYF0oRERXJIX+Sri3KwqF/v7Kb/h3x45CaXxi8qmT4x+cG63cI9ATnYV8pKt70XjoYJL//r0SH8rGivPPD2fjxp8Xt5fj/SPjpdE2lx02u53V7T/y9p/6o9ju3AFrrvk82hK3BgAbQm37L7QpH8Dt18rvaFwLwMbUoP0veobGv9W3CtU/5wJYxzoahIDNoVGr/6gmXtf/b/SULWDdqW//vzd4ZB2wEen1w+al/cPmpf3DprSS+/pvPZDfLLBk4jyLDdNsa/kO/80SyB8Ps5b72h4LS6JQDnRF07V2tOto5GPVSybubmWDEfHNivNTXIVypS2meklxuQKuMNDqf4YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwZ/s/AAD//16M4Cg=")
open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x3, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c67808cf338674bd9bffbcafd468e306d7b4af07ec3ad71e14dc00000000c2ab00c60e0000000000000800000901000038fabe8279c2f1d600", "f28359738e229a4c66810000000000d300e6d6020000d2000000000000000001", [0x9, 0x40000000000000]})
r1 = open(&(0x7f0000000000)='.\x00', 0x181000, 0x0)
getdents(r1, 0x0, 0x0)

1m49.961074626s ago: executing program 5 (id=2073):
inotify_init1(0x800)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x3003, 0x0, 0x0, 0x0, 0x9, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0)
utimensat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)

1m49.336815591s ago: executing program 5 (id=2082):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x9400, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x9, 0x7}, 0x100, 0xa88, 0x8406, 0x5, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x0, 0x46}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8)
r0 = gettid()
timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r0}, &(0x7f0000044000)=<r1=>0x0)
tkill(r0, 0x24)
timer_settime(r1, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), &(0x7f0000000400)={&(0x7f00000003c0)={[0x8]}, 0x8})

1m49.322699254s ago: executing program 37 (id=2082):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x9400, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x9, 0x7}, 0x100, 0xa88, 0x8406, 0x5, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x0, 0x46}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8)
r0 = gettid()
timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r0}, &(0x7f0000044000)=<r1=>0x0)
tkill(r0, 0x24)
timer_settime(r1, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), &(0x7f0000000400)={&(0x7f00000003c0)={[0x8]}, 0x8})

48.0695875s ago: executing program 0 (id=3485):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a50000000060a010400000000000000000a0000010900010073797a310000000024000480200001800700010063740000140002800800014000000001080002400000000a0900020073797a320000000014000000110001"], 0x78}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaa95aa86dd608a37f200142c00fe8000000000000000000000000000bbff0f"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

47.725030638s ago: executing program 0 (id=3489):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x9, 0x3c231, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, @perf_bp, 0x204, 0x2, 0xfb3d, 0x7, 0xe, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x200004000000000, 0xffffffffffffffff, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

47.59642559s ago: executing program 0 (id=3493):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="24000000010401"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r1, 0x0, 0x20000808)
r2 = socket$tipc(0x1e, 0x5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

47.520997713s ago: executing program 0 (id=3496):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x804b14, &(0x7f0000000040)={[{@nobarrier}]}, 0xfc, 0x491, &(0x7f0000000200)="$eJzs3MtrXFUYAPDvzmT6bhNrrba2Gq1i8ZE0adUuXKgouFAQdFGXMUlr7bSRJoItQaNIXUrBvbgU/AvcuRF1IYJbBZdSKBqEpq4i99VMJ5M0SZOMzfx+MDP33Mec8917zsy598ydADpWb/qUROyIiN8iojtP3rxCb/4yMz05fH16cjiJ2dk3/kqy9a5NTw6Xq5bbbS8ShysRlU+TeD6Zn+/4hYtnhur10fNFun/i7Hv94xcuPnX67NCp0VOj5waPHz92dODZZwafXpU407iu7f9w7MC+V966/Nrwictv//hNWqy9B/PljXHc0vUWAbXQm+61v2czzcseXUbZ7wQ7G6aTrjYWhGWpRkR6uGpZ+++OaswdvO54+ZO2Fg5YU+l30+aFF0/NAhtYEq3m1ta/IMA6K7/o0/Pf8rFOXY//hasvRGwqpmemJ4dnbsTfFZVifm0N8++NiBNT/36ZPmK51yEAAFYg69s82ar/V4m92Ws+1rGrGEPpiYi7ImJ3RNwdEXsi4p6IbN17I+K+fOPZ7iXm39uUnt//qVxpWeZVkvb/nmvo+800xF+89FSL1M4s/lpy8nR99EixTw5HbXOaHlgkj+9e+vXzhZY19v/SR5p/2RcsCnClq+kC3cjQxNBq7YSrH0fs72oVf3JjJCCtAfsiYv/y3npXOXH68a8PLLTSreNfxCqMM81+FfFYfvynoin+UrL4+GT/lqiPHukva8V8P/1y6fWF8r+t+FdBevy33Vz/m9bo/ifJx2trUa+Pnh9ffh6Xfv9swXOaldb/Tcmb2Zj1z+/k8z4Ympg4PxCxKXk1S5fndNn8wblty3S5fhr/4UOt2//uYps0/vsjIq3EByPigYh4sCj7QxHxcEQcWiT+H1585N1F4k8iibYe/5GWn3836n9P0jhev4KJ6pnvv11oxHxpx/9YTGWftbns8+8WllrA29x9AAAAcEeoRMSOSCp9+XTvjqhU+vry3/DviW2V+tj4xBMnx94/N5LfI9ATtUp5pau74XroQDJVvGOeHsyvFVfL5UeL68ZfVLdm6b7hsfpIm2OHTrf95vYfZftP/Vltd+mANed+Lehcze2/0qZyAOtvKd//zgVgY2po/+XPCre2qyzA+nL+D52rVfv/qCmt/w8b0/z2/0eLv6wDNiL9f+hc2j90riW1fz8KgI3mdu7rX/lEebPAyt9ny5Lv8O+UifIfL9Yyr60xNycqbQ+5g6pN2mLWN9O5/1ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4k/0XAAD//8Iq5SY=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
open(&(0x7f00000001c0)='./bus\x00', 0x400141042, 0x2e)
mount(&(0x7f0000000240)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
fdatasync(r0)

47.263935376s ago: executing program 0 (id=3503):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
shutdown(r0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x303}, "2d9421fe8a4c9563", "cf6ff9ff337ed301000100c747fbbfc1", "000100", "16de86d67a8426bd"}, 0x28)
poll(&(0x7f0000000180)=[{r0, 0x230}], 0x1, 0x5)

46.573034953s ago: executing program 0 (id=3516):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x80000)
r2 = fcntl$dupfd(r0, 0x0, r0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000040)={0x20000000})
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = getpid()
kcmp$KCMP_EPOLL_TFD(r4, r3, 0x7, r2, &(0x7f0000000100)={r1, r2})

46.572556973s ago: executing program 38 (id=3516):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x80000)
r2 = fcntl$dupfd(r0, 0x0, r0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000040)={0x20000000})
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = getpid()
kcmp$KCMP_EPOLL_TFD(r4, r3, 0x7, r2, &(0x7f0000000100)={r1, r2})

2.767485932s ago: executing program 2 (id=4223):
syz_clone3(&(0x7f000000dd80)={0x100000, 0x0, 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0}, 0x58)
perf_event_open(&(0x7f00000005c0)={0x2, 0x80, 0x54, 0x0, 0x0, 0x0, 0x0, 0xfb, 0xc458, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x2, @perf_config_ext={0x385b77ee, 0x1000}, 0x0, 0x0, 0xffffffff, 0x0, 0x10000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
syz_clone3(&(0x7f000000dd80)={0xa04400, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = gettid()
timer_create(0x2, &(0x7f000049efa0)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000044000)=<r1=>0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

2.322186527s ago: executing program 4 (id=4237):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1800040, &(0x7f00000001c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@block_validity}, {@nodioread_nolock}, {@acl}, {@resuid}, {@errors_remount}]}, 0x1, 0x5ab, &(0x7f0000000240)="$eJzs3U9oHGUbAPBnZrNN/+T70g8+QaWHokKF0k3SP1o9tVexUOhB8aJhsw0lm2zJJrYJAdN7EXsQlV7qTQ8eFQ8exItHr14Uz0KxQaHpQVc2O5tu092waZusZn8/mOR9Z2bned+ZfV5mhhk2gL51uP4njXgmIs4nEcMtywYiW3i4sd7qylLx3spSMYla7cJvSSQRcXdlqdhcP8n+H4iI5Yh4OiK+y0ccTdc3uadZqC4sTo2Xy6XZrD4yN315pLqweOzS9PhkabI0c+LlV06dPnlq7PhYa3Pv1Vpr+a319frPN96//sNrt258/sWh5eKH40mciaFsWWs/nqTGPsnHmQ3zT25HsB5Ket0AHkkuy/N6Kj0Vw5HLsr6dWuvgMLgjzQO2UW0woraupQj0gUTSQ59qngfUr3+b006ef9w+27gAqcddXVkqvhfN+AONexOxd+3aZP/vyQNXJvXrzYM72VB2peVrETE6MPDw9z/Jvn9dufJmm5mjT6yVbJdvzzYO1MPHP10ff6LN+DPUvHf6mJrj32o2/q22iZ/rMP6d32S7rev++dYvn3SMf20wnm0bP1mPn7SJn0bEO1328eYbX5/utKz2acSRaB+/Kdn8/vDIxUvl0mjjb9sY3xw59Grn/kfs7xC/cc9271pDWvu/J2tT2mX/v/r+y+eWN4n/4vObH/92+39fRHzQZfz/3f3s9U7Lbl9L7tTPArZ6/JPIx60u47905vBPWXGw891FAAAAAAAAAABgq9K1Z9mStLBeTtNCofEO7/9jf1quVOeOXqzMz0w0nnk7GPm0+aTVcKOe1Otj2fO4zfrxDfUTuSxgbt9avVCslCd63HcAAAAAAAAAAAAAAAAAAAD4pziw4f3/P3Jr7/9v/LlqYLfyozzQvzrl/74dbgew8x7M/6Rn7QB2nvN/6Fs1+Q/9S/5D/5L/0L/kP/Qv+Q/9S/5D/5L/AAAAAAAAAAAAAAAAAAAAAAAAAACwLc6fO1efavdWlor1+sTAwvxU5d1jE6XqVGF6vlgoVmYvFyYrlclyqVCsTLfbxnJLOalULo/GzPzVkblSdW6kurD49nRlfqb5m6Kl/I70CgAAAAAAAAAAAAAAAAAAAP5dhtamJC1E5Bv1NC0UIv4TEQeTSC5eKpdGI+K/EfFjLj9Yr4/1utEAAAAAAAAAAAAAAAAAAACwy1QXFqfGy+XS7PYVBrJQ2xii+8LAVlaOiOUn24z6Frf8qXy2A3u863ZHIfcY38PBfjoEPRyUAAAAAAAAAAAAAAAAAACgT91/6bfbT/y1vQ0CAAAAAAAAAAAAAAAAAACAvpT+mkREfToy/MLQxqV7ktXc2v+IuHLzwkdXx+fmZsfq8++sz5/7OJt/vBftB7rVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANxXXVicGi+XS7OPWBjsYp1e9xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUfwdAAD//9pZzuw=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0xa)
fcntl$setlease(r0, 0x400, 0x0)
ftruncate(r0, 0x66)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x14d142, 0x88)
write$cgroup_subtree(r1, &(0x7f0000000140)={[{0x2b, 'freezer'}]}, 0x9)
sendfile(r1, r1, 0x0, 0x80000001)

2.057072102s ago: executing program 4 (id=4241):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0xd31, 0x0, 0x4, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000007000010010ab4be68e8da23507000000", @ANYRES32=r2, @ANYBLOB="1000018004000480080001"], 0x28}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.989300644s ago: executing program 4 (id=4244):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x9, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000004"], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x33, 0x0, 0x0)

1.878338663s ago: executing program 4 (id=4246):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000000)='.\x00', 0x91000a7a)
openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x515001, 0x488)

1.842454228s ago: executing program 2 (id=4248):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0xb, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
bind$packet(r0, &(0x7f00000001c0)={0x11, 0x11, r1, 0x1, 0xf, 0x6, @broadcast}, 0x14)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r3, &(0x7f0000000200)=ANY=[], 0xffffff6a)
splice(r2, 0x0, r0, 0x0, 0xfffd, 0x0)

1.793056017s ago: executing program 4 (id=4249):
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='tasks\x00', 0x2, 0x0)
r2 = getpgid(0x0)
write$cgroup_pid(r1, &(0x7f00000001c0)=r2, 0x12)

1.792411677s ago: executing program 4 (id=4251):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88ce359bdb00143c, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r0, 0x400448de, &(0x7f0000000600))
setns(0xffffffffffffffff, 0x24020000)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)

1.429010178s ago: executing program 9 (id=4260):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x0, @perf_bp={0x0, 0x8}, 0x19105d55dfc078f, 0x0, 0x11000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x2, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x0, 0x808e}, 0x40000100)
write$cgroup_devices(r0, &(0x7f00000005c0)=ANY=[], 0xfffffeff)

1.425709139s ago: executing program 1 (id=4263):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
shutdown(r0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ppoll(&(0x7f0000000400)=[{r1}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, 0x0)

1.100395294s ago: executing program 9 (id=4268):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x9801}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0)
sendto$packet(r0, &(0x7f0000000400)="05d936277c6f5422007f83470806", 0x5ea, 0x40880, &(0x7f0000000200)={0x11, 0x86dd, r3, 0x1, 0x4, 0x6, @local}, 0x14)

1.099998014s ago: executing program 9 (id=4269):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)
ppoll(&(0x7f0000001100)=[{r0, 0x80}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000080))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000200)=0x18)
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xb3d)
ioctl$TCXONC(r1, 0x540a, 0x2)

1.073552379s ago: executing program 8 (id=4270):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x1, 0x3, 0x1, 0xfe, "0062ba92600000f73809630400"})
r1 = syz_open_pts(r0, 0x900)
r2 = dup3(r1, r0, 0x80000)
read(r2, &(0x7f00000000c0)=""/226, 0xe2)
read$watch_queue(r2, 0x0, 0x0)

985.873973ms ago: executing program 2 (id=4271):
syz_open_dev$usbmon(&(0x7f00000001c0), 0x0, 0x502)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=<r0=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x8, &(0x7f0000000600)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r0, 0x0}])
r2 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x1501)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000080)={0x20, 0x24, 0x6, 0x2, 0x0, 0xffffd7c1, 0x0})

784.973078ms ago: executing program 2 (id=4272):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x200000, &(0x7f0000000180), 0x3, 0x566, &(0x7f00000015c0)="$eJzs3V9rW+UfAPDvSdv9//3WwRjqhRR24WQuXVv/TBA2L0WHA72foc3KaLqMJh1rHWy7cDfeyBBEHIgvwHsvh2/AVyHoYMgoeuFN5aQnW9YkTZtlNvN8PnC25znnpN/z5DnPk+/JSUgAuTWR/lOIeDkivkoiDrdsG41s48TGfmuPbsymSxLr65/8kUSSrWvun2T/H8wqL0XEz19EnCy0x62trC6UKpXyUlafrC9enaytrJ66vFiaL8+Xr0zPzJx5a2b63XfeHlhbX7/w17cf3//gzJfH17758cGRu0mci0PZttZ2PINbrZWJmMiek7E4t2nHqQEEGyZJrx06nAPsvpFsnI9FOgccjpFs1AP/fTcjYh3IqcT4h5xq5gHNa/sBXQe/MB6+v3EB1N7+0Y33RmJf49rowFry1JVRer07PoD4aYyffr93N12ix/sQNwcQD6Dp1u2IOD062j7/Jdn817/T23jXb3OMvL3+wG66n+Y/b3TKfwqP85/okP8c7DB2+9F7/BceDCBMV2n+917H/Pfx1DU+ktX+18j5xpJLlyvl0xHx/4g4EWN703q/93Na8790SeM3c8HsOB6M7n36MXOleqnPcG0e3o545Un+m0Tb/L+vketu7v/0+biwzRjHyvde7batd/tbDT4DXv8h4rWO/f/kjlay9f3Jycb5MNk8K9r9eefYL93i76z9g5f2/4Gt2z+etN6vre08xvf7/i5329bv+b8n+bRR3pOtu16q15emIvYkH7Wvn37y2Ga9uX/a/hPHt57/Op3/+yPis222/87R7mnQMPT/3I76f+eFXz/8/Ltu8bfX/282SieyNduZ/7Z7gM/y3AEAAAAAAMCwKUTEoUgKxcflQqFY3Ph8x9E4UKhUa/WTl6rLV+ai8V3Z8RgrNO90H275PMRU9nnYZn16U30mIo5ExNcj+xv14my1MrfbjQcAAAAAAAAAAAAAAAAAAIAhcbDL9/9Tv43s9tEBz52f/Ib86jn+B/FLT8BQ8voP+WX8Q34Z/5Bfxj/kl/EP+WX8Q34Z/5Bfxj8AAAAAAAAAAAAAAAAAAAAAAAAAAAAM1IXz59Nlfe3Rjdm0PndtZXmheu3UXLm2UFxcni3OVpeuFuer1flKuThbXez19yrV6tWp6Vi+Plkv1+qTtZXVi4vV5Sv1i5cXS/Pli+Wxf6VVAAAAAAAAAAAAAAAAAAAA8GKprawulCqV8pJC18LZGIrD6LuQ9Orls9nJ0FeI0d1voMJzKOzyxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALf4JAAD//5CPL9Y=")
r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0x20)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x9000)
fallocate(r0, 0x0, 0x0, 0x8800000)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0x9}, 0x6000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x9000, 0x0, 0x3)

727.699277ms ago: executing program 8 (id=4273):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="6c00000010001fff109e00008000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000003f0000440012800b00010067656e6576650000340002800500030003000000060005004e20000005000400ab000000050009000100000005000a0001000000050009000100000008000a00", @ANYRES32=r3], 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

714.035749ms ago: executing program 2 (id=4274):
r0 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0xa)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x101100, 0x85)
lseek(r2, 0xfe, 0x2)
getdents64(r2, 0x0, 0x4f)

625.003974ms ago: executing program 2 (id=4275):
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x180c8, &(0x7f0000000580)=ANY=[@ANYBLOB="6e66732c646f74732c636865636b3d7374726963742c646f74732c6572726f72733d72656d6f756e742d726f2c00fc403bb14281bbfb9b8213bd6284536d64789a24dd73b98b3e33cb47fed8a736464bb62e9e891aa832722dfc28bfa4489b3a127a503e72326b737d0f67c97be6f37ef46154dec39ef8718946ffc8cd4d735a0b101c1722477bbe2f923577ea51f7116f17c3ddf5c497fba2d0bb3272d123b31e9461d4e2d65a42e1174fa269de92e463fc1ca202650fe2628e15341e45dce6c0de2367bdb50cc5b2b462e1d45fc3265f1a88561ab6afb1b73a3b340b5c5fc6e601843a59f3cdeb36991cfa985453287d4c9d2d6e21adddc57a607369c682e821b20dc0efd51d12f386f3f8e53c05e696e50c7c3f79b1b0bd7e5cfaf3f63d8949c8dd2fd94aa0f259a4cb9412c30c45f9d4d63d267d2a43f03a47fa56b3"], 0x1, 0x242, &(0x7f0000000300)="$eJzs3bFqFFEUBuBjskmWNKYWiwEbq0WtbBeJIA4IK1No5UC0SUSYNKPVPIbP4CP5GKnSjZhZsklcbczm7s58Hyz3wM/Cuc3eLc6d+fDw8/HRl9NP7c/vMR5nMYpo2jbiILZiOzr35uvWRb0bVzUBAGya2aycpu6B1aqqabkTEXt/JMWPJA0BAAAAAAAAAADw35bN/8e5+X8A6DPz//1XVdNyf/7/7Trz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA65217v/3HJ3V/AMDtc/4DwPA4/wFgeJz/ADA8b9+9fz3N88NZlo0jzpq6qItu7fKXr/LDJ9mFg8W3zuq62L7Mn3Z5dj3fif15/mxpvhuPH3X57+zFm/xGvhdHq98+AAAAAAAAAAAAAAAAAAAArIVJdmnp/f7J5G95V115PsCN+/ujeDC6s20AAAAAAAAAAAAAAAAAAADARjv9+u24PDn5WCl6U8TztWjjrouItWijL0XqXyYAAAAAAAAAAAAAAAAAABiexaXf1J0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQDqL9/+vroiIpu2k3i4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQY78CAAD//139ms4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
socket$nl_route(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000a00)="c7", 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

563.881655ms ago: executing program 1 (id=4276):
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x6, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb228, 0x1, @perf_bp={0x0, 0x9}, 0x106200, 0x10006, 0x20da, 0x5, 0xa, 0x20005, 0x24, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0x20)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x12, r1, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000a40)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x10290, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x2, 0x0, 0x808000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

474.4031ms ago: executing program 8 (id=4277):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'wlan1\x00', &(0x7f0000000080)=@ethtool_ringparam={0x11, 0x9c, 0x7b5, 0x0, 0x0, 0x7579e159, 0x0, 0xfffffdfc, 0xef4}})
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@dstopts_2292={{0x18, 0x29, 0x4, {0x1d}}}], 0x18}, 0x922bac8556bdad8e)
r0 = socket$l2tp(0x2, 0x2, 0x73)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x298, 0x168, 0x0, 0x0, 0x200, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@ip={@multicast1, @dev={0xac, 0x14, 0x14, 0x13}, 0xff, 0xff000000, 'pim6reg1\x00', 'bridge_slave_0\x00', {}, {0xff}, 0x88, 0x3}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x298}}, {{@ip={@private=0xa010100, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00', {}, {0xff}}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x0, [0x0, 0x0, 0x0, 0x2, 0x4, 0x11000000]}}}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@private=0xa010102, @multicast1, 0x0, 0xffffff00, 'syzkaller0\x00', 'bond0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)

390.404804ms ago: executing program 1 (id=4278):
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000180)={0x180, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x40}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000001}]}, @TIPC_NLA_NODE={0x158, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ID={0x148, 0x3, "ba5bdea387a06d90df8d6bb82a684ae45f90eb17d749cb417e622cdfcbcf40398222a35c54cea986b70c4e9d08b8257d5faaf40aa8e96affd0360137902ec5bd920c6be52a11f0436c9b964f6acdcfbd8bd52474cd1de5fc375b63bb88689bf9887c05892b19f0fcf678c13f6b0a330e1f2cb963ab0cf6e6626d9e776c812b880f2d5e2a2f51c359b09af9161daf389cd93c91da64b48ed131e9a10f9d8cfca183965c095ae35dcf438de1dcb8d6032c6edc5265c91d8d9e73b95d0216f16b3e6c85aa1c31f58418ddf63f1e3c8dc2912d82ffc03dd17d76388610a1807d242390dcb62e3a8794e38b2c0984d63ffd5e18d3e1f320f375ec673c6720e80d8bdac13b7c943d88b71daa53ff975463a639b9559a8dde4a1772d1e97ec6652e38deff8ebfbf0c1190dcc45405eb5bcd56d4d1ee684d090ba7e9c34d5c9e2753bfb8224c1618"}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x4000040}, 0x8004)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x2150, 0xc000, 0x3, 0xc4})
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001480)}, {&(0x7f0000000200)}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='*'], 0x50)
io_uring_enter(r0, 0x2219, 0x1adf, 0x16, 0x0, 0x0)

389.840164ms ago: executing program 8 (id=4279):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x300, 0x1d8, 0x43, 0xa0, 0x0, 0x98, 0x290, 0x178, 0x178, 0x290, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0xff, 0x0, 'wg2\x00', 'ip6erspan0\x00'}, 0x12a, 0x178, 0x1d8, 0x0, {0x0, 0x7a010000}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@empty, [0xffffff00, 0xff000000, 0xff, 0xffffff00], @ipv4=@multicast1, [0xff, 0xffffffff, 0xffffff00, 0xffffff00], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0xffffff00, 0xff000000, 0xff000000], @ipv6=@empty, [0x0, 0x0, 0xff], 0x1, 0x8, 0x3a, 0x4e22, 0x4e23, 0x4e22, 0x4e21, 0x0, 0x80}, 0x40, 0x90}}, @common=@unspec=@ipvs={{0x48}, {@ipv4=@private=0xa010102, [0x0, 0xff000000, 0x0, 0xffffffff], 0x4e22, 0x67, 0x6, 0x4e21, 0x8, 0x20}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x7, 0x7, 0x334961a8be821844, 0x4, 0x5], 0x4, 0x2}, {0xffffffffffffffff, [0x1, 0x1, 0x1, 0x0, 0x6, 0x6], 0x3}}}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x360)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r2, @ANYBLOB="00000000100000001c001a80", @ANYRES16=r3], 0x44}}, 0x2000800)

257.025056ms ago: executing program 8 (id=4280):
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='wchan\x00')
fchdir(r0)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000000)='./file0\x00', 0x80000050)
mkdir(&(0x7f0000000000)='./bus\x00', 0x88)

243.516909ms ago: executing program 8 (id=4281):
ioperm(0x0, 0x2, 0x7e)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r1, 0x7, &(0x7f00000006c0)={0x0, 0x0, 0xac1d})

241.161529ms ago: executing program 9 (id=4282):
getpid()
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)="ef9df1272c14f0060c88b5c1efe18aa6bc")
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f00000003c0)='./file0\x00', 0xc0ed00c5, &(0x7f0000000180)={[{@noblock_validity}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@noload}, {@nobarrier}, {@usrquota}]}, 0xfe, 0x475, &(0x7f0000001600)="$eJzs3MtvG8UfAPDvOk6a9PFLf6U8+oJAQVQ8kiZ90AMXEEgcQCDBoYhTcNIq1G1QEyRaRRA4BCEOqBJ3xBGJv4ATXBBwQuIKd1QJoVxaOBmtvZs6rh3ycOK0/nykTWZ215n57u54Z2fsBNC1htIfScTuiPgtIgYjoti4w1Dt183FudLfi3OlJCqV1/9Klv2dJFtSu2orKpUsv6NJuQtvRYyXy5OXs/zI7MV3R2auXH166uL4+cnzk5fGzpw5eeJI3+mxU22JM43rxsEPpg8feOnNa6+Uzl57+6dv0vruzrbfWJwrtaWgOkO1o9vUY+0urMP21KWTYgcrwprsydp7b7X9Dx7qiYGlbYPx4scdrRywqSqVSqXZ/TkzXwHuYkl0ugZAZ+Q3+vT5N1+2qOuxLfz5XO0BKI37ZrbUthSjkO3T2/B82079EXF2/p8v0yU2aRwCAKDed2n/56lm/b9C3Fe33/+yOZS9EfH/iNgXEfdExP6IuDeiuu/9EfHAGstvnCG5vf9TuL6uwFYp7f89m81tLe//5b2/2NuT5fZU4+9Nzk2VJ49nx+RY9O5I86PLXrLc9y/8+nnjus+yYfahuv5fuqTl533BrB7Xiw0DdBPjs+NtCT6N/6OIg8Vm8SdL84BJRByIiIPrLGPqia8Pt9r23/GvoA3zTJWvIh6vnf/5aIg/l7Scnxx95vTYqZH+KE8eH8mvitv9/MvCa63K31D8bZCe/51Nr/9a/OkzYtIfMXPl6oXqfO3M2stY+P2TUtJi2/51Xv99yRvVdF+27v3x2dnLoxF9yctpdmDZ+rFbr83z+f5p/MeONm//+2qPZ9UjcSgi0ov4SEQ8GBEPZefu4Yh4JCKOrhD/j88/+k6rba3P/wqj8m2Uxj+xwvlP3/LS1K3zv/ZEz4Ufvm1VfmVV5/9kNXUsW7Oa97/VVnAjxw4AAADuFIXqZ+CTwvBSulAYHq59hn9/7CyUp2dmnzw3/d6lidpn5fdGbyEf6RqsGw8dzcaG8/xYQ/5ENm78Rc9ANT9cmi5PdDp46HK7WrT/1B89na4dsOl8Xwu6l/YP3Uv7h+7VrP33d6AewNZz/4cu1dd89YdbXQ+gI9Z+//d0AHcL/X/oXto/dC/tH7pSy+/GFzb0lf87NVHcHtVomhjYHtXIE1HYFtVoX+LVT2tNYrvUJ08UV/3PLNaZ2NF0U6ffmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrj3wAAAP//X4Dj1Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000740)=ANY=[])

117.06655ms ago: executing program 1 (id=4283):
r0 = socket$inet6(0xa, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001400add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03adcac4b740000000000000004ff", 0x49}], 0x1)
r1 = dup(r0)
bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = dup(r2)
bind$unix(r3, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)

111.823251ms ago: executing program 1 (id=4284):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
setxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x0, 0x1)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x8, 0x1511, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x400, 0x6, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {0x2, 0x0, 0x80}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0xd2}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}}, 0x8c014)

97.291243ms ago: executing program 9 (id=4285):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x64, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x34, 0x2, [@TCA_FLOW_EMATCHES={0x30, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_LIST={0x24, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x20, 0x1, 0x0, 0x0, {{0x8, 0x9, 0x40}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}]}]}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)

679.78µs ago: executing program 9 (id=4286):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x181002, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x49db, 0x0, 0xfff9, 0xbfff, 0x18, "ec28a144f13d7607"})
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00000001c0)={0x0, 0xffefef7b, 0x0, 0x2, 0x10, "1b09000040000000000000e678000000101000"})
r1 = syz_open_pts(r0, 0x20800)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x44)

0s ago: executing program 1 (id=4287):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x4, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
recvfrom$l2tp6(r0, 0x0, 0x94, 0x40000002, 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

kernel console output (not intermixed with test programs):

168.162154][T11135] lo: Caught tx_queue_len zero misconfig
[  168.178489][T11135] sch_tbf: burst 545 is lower than device lo mtu (11337746) !
[  168.380496][T11151] nlmon0: Caught tx_queue_len zero misconfig
[  168.413823][T11098] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  168.541330][T11168] lo: Caught tx_queue_len zero misconfig
[  168.611110][T11172] loop9: detected capacity change from 0 to 512
[  168.632522][T11172] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  168.678704][T11172] EXT4-fs error (device loop9): ext4_orphan_get:1397: inode #15: comm syz.9.2592: iget: bad i_size value: 38620345925642
[  168.720097][T11172] loop9: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  168.720269][T11172] EXT4-fs error (device loop9): ext4_orphan_get:1402: comm syz.9.2592: couldn't read orphan inode 15 (err -117)
[  168.729646][    C0] EXT4-fs (loop9): error count since last fsck: 1
[  168.729663][    C0] EXT4-fs (loop9): initial error at time 1776259817: ext4_orphan_get:1397: inode 15
[  168.729690][    C0] EXT4-fs (loop9): last error at time 1776259817: ext4_orphan_get:1397: inode 15
[  168.784264][T11172] loop9: lost filesystem error report for type 5 error -117
[  168.787069][T11172] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.852594][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.251878][   T28] audit: type=1400 audit(1776259817.636:776): avc:  denied  { watch watch_reads } for  pid=11231 comm="syz.0.2613" path="/proc/1277/task" dev="proc" ino=30059 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  169.505574][   T28] audit: type=1326 audit(1776259817.886:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11240 comm="syz.9.2617" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x0
[  169.942193][T11261] loop8: detected capacity change from 0 to 164
[  169.961172][T11263] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2625'.
[  169.964964][T11261] isofs_fill_super: bread failed, dev=loop8, iso_blknum=41, block=82
[  169.978958][T11263] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.986136][T11263] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.999760][T11263] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2625'.
[  170.097009][T11277] loop2: detected capacity change from 0 to 512
[  170.104317][T11277] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  170.116771][T11277] EXT4-fs (loop2): 1 truncate cleaned up
[  170.127051][T11277] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.290331][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.378599][T11298] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2637'.
[  170.382223][T11296] loop2: detected capacity change from 0 to 164
[  170.433747][T11296] isofs_fill_super: bread failed, dev=loop2, iso_blknum=41, block=82
[  170.649014][T11316] SELinux:  Context system_u:object_r:syslog_conf_t:s0 is not valid (left unmapped).
[  170.679597][   T28] audit: type=1400 audit(1776259819.066:778): avc:  denied  { relabelto } for  pid=11315 comm="syz.1.2645" name="file1" dev="tmpfs" ino=3197 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:syslog_conf_t:s0"
[  170.749704][   T28] audit: type=1400 audit(1776259819.066:779): avc:  denied  { associate } for  pid=11315 comm="syz.1.2645" name="file1" dev="tmpfs" ino=3197 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:syslog_conf_t:s0"
[  170.809535][   T28] audit: type=1400 audit(1776259819.066:780): avc:  denied  { map } for  pid=11315 comm="syz.1.2645" path="/618/file1" dev="tmpfs" ino=3197 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:syslog_conf_t:s0"
[  170.859039][   T28] audit: type=1400 audit(1776259819.066:781): avc:  denied  { read write execute } for  pid=11315 comm="syz.1.2645" path="/618/file1" dev="tmpfs" ino=3197 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:syslog_conf_t:s0"
[  171.232062][   T28] audit: type=1400 audit(1776259819.616:782): avc:  denied  { unlink } for  pid=3309 comm="syz-executor" name="file1" dev="tmpfs" ino=3197 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:syslog_conf_t:s0"
[  171.555357][T11347] loop8: detected capacity change from 0 to 512
[  171.568647][T11347] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  171.594336][T11347] EXT4-fs (loop8): 1 truncate cleaned up
[  171.602721][T11347] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.741570][ T7967] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.788764][T11369] xt_hashlimit: size too large, truncated to 1048576
[  171.839786][T11375] –: renamed from vxcan1 (while UP)
[  172.167453][T11391] loop9: detected capacity change from 0 to 164
[  172.232513][T11391] isofs_fill_super: bread failed, dev=loop9, iso_blknum=41, block=82
[  172.610974][T11420] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11420 comm=syz.2.2687
[  172.888109][T11437] __nla_validate_parse: 2 callbacks suppressed
[  172.888133][T11437] netlink: 399 bytes leftover after parsing attributes in process `syz.0.2695'.
[  172.919450][T11437] net_ratelimit: 10 callbacks suppressed
[  172.919465][T11437] openvswitch: netlink: ufid size 36 bytes exceeds the range (1, 16)
[  172.958341][T11437] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  173.084806][T11445] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  173.092112][T11445] IPv6: NLM_F_CREATE should be set when creating new route
[  173.099353][T11445] IPv6: NLM_F_CREATE should be set when creating new route
[  173.163107][   T28] audit: type=1400 audit(1776259821.546:783): avc:  denied  { mount } for  pid=11450 comm="syz.1.2701" name="/" dev="mqueue" ino=2702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  173.187777][T11449] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11449 comm=syz.0.2700
[  173.564596][T11483] gretap4: entered promiscuous mode
[  173.575674][T11485] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2715'.
[  173.591866][T11485] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2715'.
[  173.621677][  T130] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  173.630628][T11485] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2715'.
[  173.641069][  T130] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  173.650068][T11485] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2715'.
[  173.660481][  T130] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  173.673778][  T130] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  173.874498][T11500] loop9: detected capacity change from 0 to 1024
[  173.897425][T11500] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.976752][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.502670][T11522] pimreg: entered allmulticast mode
[  174.508892][T11522] pimreg: left allmulticast mode
[  174.821975][T11535] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11535 comm=syz.2.2733
[  174.937512][T11549] xt_hashlimit: size too large, truncated to 1048576
[  174.954094][T11546] netlink: 'syz.0.2737': attribute type 5 has an invalid length.
[  174.961914][T11546] netlink: 45 bytes leftover after parsing attributes in process `syz.0.2737'.
[  175.081880][T11560] netlink: 'syz.0.2743': attribute type 4 has an invalid length.
[  175.168364][T11571] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11571 comm=syz.0.2748
[  175.191708][T11575] loop2: detected capacity change from 0 to 256
[  175.210214][T11576] loop9: detected capacity change from 0 to 164
[  175.225578][   T28] audit: type=1400 audit(1776260079.610:784): avc:  denied  { setattr } for  pid=11577 comm="syz.8.2751" name="/" dev="configfs" ino=2033 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  175.296265][T11576] isofs_fill_super: bread failed, dev=loop9, iso_blknum=41, block=82
[  175.522572][   T28] audit: type=1326 audit(1776260079.910:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11582 comm="syz.2.2754" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x0
[  175.789001][T11604] tipc: Started in network mode
[  175.794023][T11604] tipc: Node identity fff, cluster identity 4711
[  175.800542][T11604] tipc: Node number set to 4095
[  175.819836][T11607] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11607 comm=syz.8.2762
[  176.015101][T11618] loop8: detected capacity change from 0 to 164
[  176.034875][T11618] isofs_fill_super: bread failed, dev=loop8, iso_blknum=41, block=82
[  176.093052][T11622] gretap1: entered promiscuous mode
[  176.223400][   T28] audit: type=1400 audit(1776260080.610:786): avc:  denied  { bind } for  pid=11625 comm="syz.8.2772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  176.251133][T11627] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2772'.
[  176.265581][   T28] audit: type=1400 audit(1776260080.630:787): avc:  denied  { write } for  pid=11625 comm="syz.8.2772" path="socket:[31045]" dev="sockfs" ino=31045 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  176.425376][T11645] loop8: detected capacity change from 0 to 164
[  176.462186][T11645] isofs_fill_super: bread failed, dev=loop8, iso_blknum=41, block=82
[  176.513220][T11652] loop2: detected capacity change from 0 to 512
[  176.541884][T11652] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  176.570148][T11652] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  176.586566][T11652] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  176.627488][T11661] sch_tbf: burst 1402 is lower than device syzkaller0 mtu (1514) !
[  176.641485][T11652] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  176.661377][T11652] System zones: 0-2, 18-18, 34-35
[  176.683567][T11652] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.723127][   T28] audit: type=1400 audit(1776260081.110:788): avc:  denied  { ioctl } for  pid=11666 comm="syz.0.2789" path="socket:[31139]" dev="sockfs" ino=31139 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  176.771216][T11667] team0: Device ipvlan2 failed to register rx_handler
[  176.803171][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.829807][T11673] loop9: detected capacity change from 0 to 512
[  176.836411][T11673] ext4: Unknown parameter 'subj_role'
[  176.864114][T11675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.896986][T11675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.905856][T11677] loop2: detected capacity change from 0 to 2048
[  176.932669][T11677] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.998017][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.041232][T11700] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11700 comm=syz.0.2803
[  177.086855][T11703] loop2: detected capacity change from 0 to 1764
[  177.095582][   T28] audit: type=1400 audit(1776260081.480:789): avc:  denied  { mount } for  pid=11702 comm="syz.2.2804" name="/" dev="loop2" ino=1920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  177.125029][T11705] loop8: detected capacity change from 0 to 512
[  177.188268][   T28] audit: type=1400 audit(1776260081.570:790): avc:  denied  { listen } for  pid=11709 comm="syz.0.2806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  177.347140][T11721] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2810'.
[  177.415456][   T28] audit: type=1326 audit(1776260081.800:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11731 comm="syz.8.2814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  177.448296][   T28] audit: type=1326 audit(1776260081.800:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11731 comm="syz.8.2814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  177.489802][   T28] audit: type=1326 audit(1776260081.800:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11731 comm="syz.8.2814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  177.513897][   T28] audit: type=1326 audit(1776260081.800:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11731 comm="syz.8.2814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  177.538199][   T28] audit: type=1326 audit(1776260081.800:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11731 comm="syz.8.2814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  177.696558][T10439] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  177.707741][T10439] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.763954][T10439] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  177.774931][T10439] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.788976][T11759] IPv4: Oversized IP packet from 127.202.26.0
[  177.830009][T11763] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2829'.
[  177.841232][T11763] bridge_slave_1: left allmulticast mode
[  177.847047][T11763] bridge_slave_1: left promiscuous mode
[  177.854270][T11763] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.867657][T11763] bridge_slave_0: left allmulticast mode
[  177.874322][T11763] bridge_slave_0: left promiscuous mode
[  177.881553][T11763] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.957990][T10439] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  177.975388][T10439] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.058441][T10439] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.097159][T10439] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.150759][T11786] isofs_fill_super: bread failed, dev=loop8, iso_blknum=41, block=82
[  178.450784][T11808] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.620102][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.663816][T10439] bond0 (unregistering): Released all slaves
[  178.687610][ T3038] 8021q: adding VLAN 0 to HW filter on device eth2
[  178.717458][T10439] hsr_slave_0: left promiscuous mode
[  178.727715][T10439] hsr_slave_1: left promiscuous mode
[  178.738546][T10439] veth1_macvtap: left promiscuous mode
[  178.751881][T10439] veth0_macvtap: left promiscuous mode
[  178.760563][T10439] veth1_vlan: left promiscuous mode
[  178.783169][T11845] netlink: 'syz.9.2855': attribute type 39 has an invalid length.
[  178.821566][T11850] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  178.841084][T11850] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.2857: Invalid block bitmap block 0 in block_group 0
[  178.868560][T11850] loop2: lost filesystem error report for type 5 error -117
[  178.868790][T11850] EXT4-fs error (device loop2): ext4_acquire_dquot:7028: comm syz.2.2857: Failed to acquire dquot type 0
[  178.876352][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  178.876372][    C0] EXT4-fs (loop2): initial error at time 1776260083: ext4_read_block_bitmap_nowait:483
[  178.876401][    C0] EXT4-fs (loop2): last error at time 1776260083: ext4_read_block_bitmap_nowait:483
[  178.913915][T11850] loop2: lost filesystem error report for type 5 error -117
[  178.914053][T11850] EXT4-fs error (device loop2): ext4_free_blocks:6724: comm syz.2.2857: Freeing blocks not in datazone - block = 0, count = 4096
[  178.937819][T11850] loop2: lost filesystem error report for type 5 error -117
[  178.937976][T11850] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.2857: Invalid inode bitmap blk 0 in block_group 0
[  178.970663][  T308] EXT4-fs error (device loop2): ext4_release_dquot:7064: comm kworker/u8:6: Failed to release dquot type 0
[  178.973388][T11850] loop2: lost filesystem error report for type 5 error -117
[  178.983489][T11850] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  178.999693][T11850] loop2: lost filesystem error report for type 5 error -117
[  178.999809][  T308] loop2: lost filesystem error report for type 5 error -117
[  179.007210][T11850] EXT4-fs (loop2): 1 orphan inode deleted
[  179.024105][T11850] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.030857][T11864] netlink: 'syz.8.2862': attribute type 1 has an invalid length.
[  179.070105][T11864] bond2: entered promiscuous mode
[  179.084316][T11864] 8021q: adding VLAN 0 to HW filter on device bond2
[  179.170594][T11864] 8021q: adding VLAN 0 to HW filter on device bond2
[  179.190056][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.206256][T11864] bond2: (slave ip6gre2): The slave device specified does not support setting the MAC address
[  179.219936][T11864] bond2: (slave ip6gre2): Setting fail_over_mac to active for active-backup mode
[  179.232490][T11864] bond2: (slave ip6gre2): making interface the new active one
[  179.240137][T11864] ip6gre2: entered promiscuous mode
[  179.250039][T11864] bond2: (slave ip6gre2): Enslaving as an active interface with an up link
[  179.259749][ T3038] 8021q: adding VLAN 0 to HW filter on device eth1
[  179.362473][T10439] IPVS: stop unused estimator thread 0...
[  179.421760][T11863] futex_wake_op: syz.0.2863 tries to shift op by 32; fix this program
[  179.485062][ T3038] 8021q: adding VLAN 0 to HW filter on device eth3
[  179.554188][T11931] set_capacity_and_notify: 4 callbacks suppressed
[  179.554206][T11931] loop2: detected capacity change from 0 to 512
[  179.625704][T11931] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.644319][T11931] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.755739][ T3038] 8021q: adding VLAN 0 to HW filter on device eth4
[  179.807792][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.242271][T11986] loop8: detected capacity change from 0 to 512
[  180.286297][T11986] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.348534][T11986] ext4 filesystem being mounted at /254/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.502679][T12002] IPv4: Oversized IP packet from 127.202.26.0
[  180.514157][ T7967] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.796605][   T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  180.826785][   T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.877344][   T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  180.908154][   T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.965436][   T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  180.986330][   T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.050477][T12037] netlink: 'syz.1.2909': attribute type 1 has an invalid length.
[  181.074285][   T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  181.085039][   T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.150223][T12037] bond0: entered promiscuous mode
[  181.163280][T12037] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.195798][T12043] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.234614][T12043] bond0: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  181.245211][T12043] bond0: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  181.258342][T12043] bond0: (slave ip6gre1): making interface the new active one
[  181.266091][T12043] ip6gre1: entered promiscuous mode
[  181.278671][T12043] bond0: (slave ip6gre1): Enslaving as an active interface with an up link
[  181.363415][   T49] vlan0: left allmulticast mode
[  181.381685][   T49] geneve0: left allmulticast mode
[  181.403915][   T49] vlan0: left promiscuous mode
[  181.416477][   T49] geneve0: left promiscuous mode
[  181.418692][T12057] loop9: detected capacity change from 0 to 4096
[  181.428133][   T49] bridge0: port 4(vlan0) entered disabled state
[  181.445010][T12057] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.461657][   T49] batadv1: left allmulticast mode
[  181.480118][   T28] kauditd_printk_skb: 14 callbacks suppressed
[  181.480133][   T28] audit: type=1400 audit(1776260085.870:807): avc:  denied  { bind } for  pid=12058 comm="syz.2.2915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  181.506346][   T49] batadv1: left promiscuous mode
[  181.520033][   T49] bridge0: port 3(batadv1) entered disabled state
[  181.550421][   T49] bridge_slave_1: left allmulticast mode
[  181.569861][   T49] bridge_slave_1: left promiscuous mode
[  181.588839][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.610298][   T49] bridge_slave_0: left allmulticast mode
[  181.619995][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.622338][   T49] bridge_slave_0: left promiscuous mode
[  181.634849][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.649814][   T49] pimreg: left allmulticast mode
[  181.707223][T12068] netlink: 32 bytes leftover after parsing attributes in process `syz.9.2919'.
[  181.911866][   T49] bond1 (unregistering): (slave gre3): Releasing backup interface
[  181.919793][   T49] gre3 (unregistering): left promiscuous mode
[  182.022912][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  182.034688][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  182.048489][   T49] bond0 (unregistering): Released all slaves
[  182.063368][   T49] bond1 (unregistering): Released all slaves
[  182.140255][   T49] hsr_slave_0: left promiscuous mode
[  182.156879][   T28] audit: type=1400 audit(1776260086.540:808): avc:  denied  { setopt } for  pid=12083 comm="syz.8.2926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  182.181585][   T49] hsr_slave_1: left promiscuous mode
[  182.191229][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  182.194768][   T28] audit: type=1400 audit(1776260086.570:809): avc:  denied  { read } for  pid=12083 comm="syz.8.2926" path="socket:[32823]" dev="sockfs" ino=32823 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  182.222977][   T49] batadv0: mtu less than device minimum
[  182.231055][   T49] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  182.242086][   T49] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  182.253325][   T49] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  182.264228][   T49] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  182.275286][   T49] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  182.286575][   T49] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  182.297514][   T49] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  182.308555][   T49] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  182.335531][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  182.343822][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  182.362812][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  182.373330][   T49] batman_adv: batadv0: Interface deactivated: dummy0
[  182.380291][   T49] batman_adv: batadv0: Removing interface: dummy0
[  182.389575][   T49] veth1_macvtap: left promiscuous mode
[  182.396774][   T49] veth0_macvtap: left promiscuous mode
[  182.404633][   T49] veth1_vlan: left promiscuous mode
[  182.410726][   T49] veth0_vlan: left promiscuous mode
[  182.498947][   T49] team0 (unregistering): Port device team_slave_1 removed
[  182.508895][   T49] team0 (unregistering): Port device team_slave_0 removed
[  182.580448][ T3038] 8021q: adding VLAN 0 to HW filter on device eth21
[  182.620406][T12116] loop9: detected capacity change from 0 to 512
[  182.634634][T12116] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.696400][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.740465][T12028] chnl_net:caif_netlink_parms(): no params data found
[  182.824311][T12028] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.840718][T12028] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.854423][T12028] bridge_slave_0: entered allmulticast mode
[  182.861178][T12028] bridge_slave_0: entered promiscuous mode
[  182.868116][T12028] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.875868][T12028] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.883289][T12028] bridge_slave_1: entered allmulticast mode
[  182.891792][T12028] bridge_slave_1: entered promiscuous mode
[  182.945963][T12028] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  182.973728][ T3038] 8021q: adding VLAN 0 to HW filter on device eth22
[  182.994941][T12028] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  183.018705][T12155] loop2: detected capacity change from 0 to 4096
[  183.036211][T12155] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=e842c018, mo2=0002]
[  183.049282][   T49] IPVS: stop unused estimator thread 0...
[  183.067414][T12028] team0: Port device team_slave_0 added
[  183.073764][T12155] System zones: 0-5
[  183.089705][T12155] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.094669][T12028] team0: Port device team_slave_1 added
[  183.137592][T12028] batman_adv: batadv0: Adding interface: batadv_slave_0
[  183.155580][T12028] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  183.183146][T12028] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  183.183532][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.204203][T12028] batman_adv: batadv0: Adding interface: batadv_slave_1
[  183.211496][T12028] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  183.245379][T12028] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  183.304654][T12028] hsr_slave_0: entered promiscuous mode
[  183.323615][T12028] hsr_slave_1: entered promiscuous mode
[  183.343874][T12028] debugfs: 'hsr0' already exists in 'hsr'
[  183.344621][ T7759] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  183.351281][T12028] Cannot create hsr debugfs directory
[  183.377336][ T7759] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  183.464100][ T3038] 8021q: adding VLAN 0 to HW filter on device eth23
[  183.481747][T12201] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2954'.
[  183.500950][   T28] audit: type=1326 audit(1776260087.890:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12202 comm="syz.9.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  183.556892][   T28] audit: type=1326 audit(1776260087.890:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12202 comm="syz.9.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  183.622660][   T28] audit: type=1326 audit(1776260087.890:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12202 comm="syz.9.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  183.655750][T12212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2956'.
[  183.697412][   T28] audit: type=1326 audit(1776260087.890:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12202 comm="syz.9.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  183.723085][   T28] audit: type=1326 audit(1776260087.890:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12202 comm="syz.9.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  183.746779][   T28] audit: type=1326 audit(1776260087.890:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12202 comm="syz.9.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  183.776348][   T28] audit: type=1326 audit(1776260087.890:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12202 comm="syz.9.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  183.833294][T12227] loop2: detected capacity change from 0 to 512
[  183.855126][T12227] EXT4-fs: Ignoring removed bh option
[  183.881538][T12227] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  183.897232][T12028] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  183.911714][T12227] EXT4-fs error (device loop2): ext4_iget_extra_inode:5042: inode #15: comm syz.2.2967: corrupted in-inode xattr: e_value size too large
[  183.925968][T12227] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  183.927666][T12028] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  183.936934][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  183.936951][    C1] EXT4-fs (loop2): initial error at time 1776260088: ext4_iget_extra_inode:5042: inode 15
[  183.936978][    C1] EXT4-fs (loop2): last error at time 1776260088: ext4_iget_extra_inode:5042: inode 15
[  183.949286][T12227] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2967: couldn't read orphan inode 15 (err -117)
[  183.951358][T12028] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  183.991922][T12028] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  184.002608][T12227] loop2: lost filesystem error report for type 5 error -117
[  184.003223][T12227] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.023089][T12028] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  184.042463][T12028] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  184.050648][T12028] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  184.060406][T12227] EXT4-fs warning (device loop2): dx_probe:801: inode #2: comm syz.2.2967: Unrecognised inode hash code 4
[  184.071916][T12227] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.2967: Corrupt directory, running e2fsck is recommended
[  184.086555][T12028] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  184.117880][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.187824][T12028] 8021q: adding VLAN 0 to HW filter on device bond0
[  184.226928][T12028] 8021q: adding VLAN 0 to HW filter on device team0
[  184.252411][ T4782] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.259544][ T4782] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.284873][  T130] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.292068][  T130] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.329317][ T4997] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  184.454311][T12028] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.699242][T12028] veth0_vlan: entered promiscuous mode
[  184.724307][T12028] veth1_vlan: entered promiscuous mode
[  184.741990][T12028] veth0_macvtap: entered promiscuous mode
[  184.751688][T12028] veth1_macvtap: entered promiscuous mode
[  184.765975][T12028] batman_adv: batadv0: Interface activated: batadv_slave_0
[  184.784903][T12028] batman_adv: batadv0: Interface activated: batadv_slave_1
[  184.795958][  T130] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  184.816328][  T130] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.831581][  T130] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.843981][  T130] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  184.980747][T12370] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2990'.
[  185.047291][T12382] loop0: detected capacity change from 0 to 512
[  185.092440][T12382] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  185.125703][T12382] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.165057][T12382] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  185.291485][T12028] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.459718][T12422] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3009'.
[  185.579813][T12442] syzkaller1: entered promiscuous mode
[  185.585458][T12442] syzkaller1: entered allmulticast mode
[  186.214537][T12472] netlink: 199828 bytes leftover after parsing attributes in process `syz.9.3028'.
[  186.763469][T12508] loop2: detected capacity change from 0 to 4096
[  186.781109][T12508] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.855093][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.955266][T12523] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3048'.
[  187.004487][T12529] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3050'.
[  187.016957][T12523] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3048'.
[  187.030397][T12529] netem: incorrect gi model size
[  187.048522][T12530] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3048'.
[  187.058038][T12529] netem: change failed
[  187.087774][T12523] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3048'.
[  187.109494][T12530] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3048'.
[  187.172056][T12530] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3048'.
[  187.183279][T12536] loop0: detected capacity change from 0 to 1024
[  187.219990][T12536] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  187.242597][T12536] System zones: 0-1, 3-36
[  187.247773][T12524] loop8: detected capacity change from 0 to 32768
[  187.264005][T12544] SELinux: security_context_str_to_sid (ÿû`Û'àˆsÃÉuàA^:=®‚) failed with errno=-22
[  187.276768][T12536] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz.0.3052: bad orphan inode 134217728
[  187.302657][T12524]  loop8: p1 p2 p3 < > p4 < p5 p6 >
[  187.313414][T12524] loop8: p1 start 460800 is beyond EOD, truncated
[  187.331255][T12524] loop8: p2 size 83886080 extends beyond EOD, truncated
[  187.338767][T12536] loop0: lost filesystem error report for type 5 error -117
[  187.339356][    C1] EXT4-fs (loop0): error count since last fsck: 1
[  187.354447][    C1] EXT4-fs (loop0): initial error at time 1776260091: ext4_orphan_get:1423
[  187.363837][    C1] EXT4-fs (loop0): last error at time 1776260091: ext4_orphan_get:1423
[  187.371115][T12524] loop8: p5 start 460800 is beyond EOD, truncated
[  187.382735][T12550] netlink: 199828 bytes leftover after parsing attributes in process `syz.1.3057'.
[  187.383656][T12536] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.399853][T12524] loop8: p6 size 83886080 extends beyond EOD, truncated
[  187.528824][T12028] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.774990][T12568] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3066'.
[  188.019888][ T7771] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=7771 comm=kworker/1:7
[  188.080354][T12583] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3073'.
[  188.106353][T12583] netlink: 'syz.1.3073': attribute type 7 has an invalid length.
[  188.122501][T12583] netlink: 'syz.1.3073': attribute type 8 has an invalid length.
[  188.189705][   T28] kauditd_printk_skb: 70 callbacks suppressed
[  188.189719][   T28] audit: type=1400 audit(1776260092.580:887): avc:  denied  { read } for  pid=12586 comm="syz.0.3075" path="socket:[34398]" dev="sockfs" ino=34398 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  188.443208][T12600] bridge_slave_0: left allmulticast mode
[  188.468888][T12600] bridge_slave_0: left promiscuous mode
[  188.492618][T12600] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.518807][T12600] bridge_slave_1: left allmulticast mode
[  188.538495][T12600] bridge_slave_1: left promiscuous mode
[  188.561010][T12600] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.587752][T12600] bond0: (slave bond_slave_0): Releasing backup interface
[  188.612118][T12600] bond0: (slave bond_slave_1): Releasing backup interface
[  188.638060][T12600] team0: Port device team_slave_0 removed
[  188.658554][T12600] team0: Port device team_slave_1 removed
[  188.671620][T12600] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  188.689366][T12600] batman_adv: batadv0: Removing interface: batadv_slave_0
[  188.709414][T12600] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  188.719329][T12600] batman_adv: batadv0: Removing interface: batadv_slave_1
[  188.735096][T12600] net_ratelimit: 31 callbacks suppressed
[  188.735109][T12600] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  188.874668][T12622] loop8: detected capacity change from 0 to 512
[  188.900232][T12622] EXT4-fs: test_dummy_encryption option not supported
[  188.923779][T12622] SELinux: security_context_str_to_sid (ÿû`Û'àˆsÃÉuàA^:=®‚) failed with errno=-22
[  189.069113][T12632] loop8: detected capacity change from 0 to 1024
[  189.104981][T12632] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  189.122506][T12632] System zones: 0-1, 3-36
[  189.146752][T12632] EXT4-fs error (device loop8): ext4_orphan_get:1423: comm syz.8.3089: bad orphan inode 134217728
[  189.192737][T12632] loop8: lost filesystem error report for type 5 error -117
[  189.199194][    C0] EXT4-fs (loop8): error count since last fsck: 1
[  189.212968][    C0] EXT4-fs (loop8): initial error at time 1776260093: ext4_orphan_get:1423
[  189.221496][    C0] EXT4-fs (loop8): last error at time 1776260093: ext4_orphan_get:1423
[  189.238571][T12632] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.294221][T12651] bond0: entered allmulticast mode
[  189.308059][T12651] ip6gre1: entered allmulticast mode
[  189.323338][T12651] bond0: left allmulticast mode
[  189.333468][ T7967] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.345556][T12651] ip6gre1: left allmulticast mode
[  189.432340][T12659] loop0: detected capacity change from 0 to 512
[  189.451725][T12659] EXT4-fs: test_dummy_encryption option not supported
[  189.501220][T12659] SELinux: security_context_str_to_sid (ÿû`Û'àˆsÃÉuàA^:=®‚) failed with errno=-22
[  189.628427][   T28] audit: type=1326 audit(1776260094.010:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12668 comm="syz.8.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  189.679774][   T28] audit: type=1326 audit(1776260094.010:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12668 comm="syz.8.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  189.746359][   T28] audit: type=1326 audit(1776260094.010:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12668 comm="syz.8.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  189.746852][T12675] loop2: detected capacity change from 0 to 512
[  189.819441][   T28] audit: type=1326 audit(1776260094.010:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12668 comm="syz.8.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  189.829683][T12675] EXT4-fs (loop2): 1 truncate cleaned up
[  189.871569][   T28] audit: type=1326 audit(1776260094.010:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12668 comm="syz.8.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  189.908726][T12675] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.959655][   T28] audit: type=1326 audit(1776260094.060:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12668 comm="syz.8.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  190.058003][T12675] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3110: bg 0: block 465: padding at end of block bitmap is not set
[  190.072890][   T28] audit: type=1326 audit(1776260094.060:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12668 comm="syz.8.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  190.118067][T12675] EXT4-fs (loop2): Delayed block allocation failed for inode 13 at logical offset 2 with max blocks 2 with error 28
[  190.143449][   T28] audit: type=1326 audit(1776260094.060:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12668 comm="syz.8.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  190.179714][T12675] EXT4-fs (loop2): This should not happen!! Data will be lost
[  190.179714][T12675] 
[  190.208343][T12675] EXT4-fs (loop2): Total free blocks count 0
[  190.219620][   T28] audit: type=1326 audit(1776260094.060:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12668 comm="syz.8.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  190.244793][T12696] af_packet: tpacket_rcv: packet too big, clamped from 65386 to 4294967272. macoff=96
[  190.256212][T12675] EXT4-fs (loop2): Free/Dirty block details
[  190.263837][T12675] EXT4-fs (loop2): free_blocks=0
[  190.272332][T12675] EXT4-fs (loop2): dirty_blocks=2
[  190.288987][T12675] EXT4-fs (loop2): Block reservation details
[  190.301139][T12675] EXT4-fs (loop2): i_reserved_data_blocks=2
[  190.317664][T12693] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.3110: invalid indirect mapped block 234881024 (level 0)
[  190.377986][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.492954][T12704] loop2: detected capacity change from 0 to 1024
[  190.615449][T12704] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  190.677922][T12704] System zones: 0-1, 3-36
[  190.725835][T12704] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.3122: bad orphan inode 134217728
[  190.775508][T12704] loop2: lost filesystem error report for type 5 error -117
[  190.815289][T12704] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.877971][T12737] tipc: Failed to remove unknown binding: 66,1,1/0:4022568868/4022568870
[  190.890082][T12737] tipc: Failed to remove unknown binding: 66,1,1/0:4022568868/4022568870
[  191.009723][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.578672][T12804] loop9: detected capacity change from 0 to 1024
[  191.606900][T12804] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  191.636769][T12804] System zones: 0-1, 3-36
[  191.679119][T12804] EXT4-fs error (device loop9): ext4_orphan_get:1423: comm syz.9.3148: bad orphan inode 134217728
[  191.701721][T12804] loop9: lost filesystem error report for type 5 error -117
[  191.730580][T12804] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.884981][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.879012][T12848] loop0: detected capacity change from 0 to 32768
[  192.892121][ T7771] hid-generic 0000:0000:000E.0004: unknown main item tag 0x0
[  192.914282][ T7771] hid-generic 0000:0000:000E.0004: unknown main item tag 0x0
[  192.936000][ T7771] hid-generic 0000:0000:000E.0004: unknown main item tag 0x0
[  192.957906][ T7771] hid-generic 0000:0000:000E.0004: unknown main item tag 0x0
[  192.973955][T12848]  loop0: p1 p2 p3 < > p4 < p5 p6 >
[  192.978081][ T7771] hid-generic 0000:0000:000E.0004: unknown main item tag 0x0
[  192.995019][T12848] loop0: p1 start 460800 is beyond EOD, truncated
[  193.008418][ T7771] hid-generic 0000:0000:000E.0004: unknown main item tag 0x0
[  193.021521][T12848] loop0: p2 size 83886080 extends beyond EOD, truncated
[  193.027256][ T7771] hid-generic 0000:0000:000E.0004: unknown main item tag 0x0
[  193.046654][T12848] loop0: p5 start 460800 is beyond EOD, truncated
[  193.057887][ T7771] hid-generic 0000:0000:000E.0004: unknown main item tag 0x0
[  193.064545][T12848] loop0: p6 size 83886080 extends beyond EOD, truncated
[  193.078968][ T7771] hid-generic 0000:0000:000E.0004: unknown main item tag 0x0
[  193.104028][ T7771] hid-generic 0000:0000:000E.0004: unknown main item tag 0x0
[  193.127661][T12859] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  193.138768][ T7771] hid-generic 0000:0000:000E.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  193.219353][T12892] fido_id[12892]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  193.507394][T12907] __nla_validate_parse: 3 callbacks suppressed
[  193.507410][T12907] netlink: 33 bytes leftover after parsing attributes in process `syz.1.3182'.
[  193.556564][T12907] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3182'.
[  193.566447][T12907] netlink: 33 bytes leftover after parsing attributes in process `syz.1.3182'.
[  193.599253][T12914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3185'.
[  193.615404][T12914] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.632249][T12914] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.657157][T12923] loop0: detected capacity change from 0 to 512
[  193.664237][T12914] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.672929][T12914] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.696303][T12922] netlink: 7 bytes leftover after parsing attributes in process `syz.9.3188'.
[  193.712896][T12923] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.783225][   T28] kauditd_printk_skb: 205 callbacks suppressed
[  193.783253][   T28] audit: type=1400 audit(1776260098.170:1102): avc:  denied  { ioctl } for  pid=12919 comm="syz.0.3187" path="/42/file0/blkio.bfq.group_wait_time" dev="loop0" ino=18 ioctlcmd=0x6611 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  193.818326][T12932] batadv_slave_0: Caught tx_queue_len zero misconfig
[  193.876111][T12937] loop2: detected capacity change from 0 to 2048
[  193.902420][T12937] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.945360][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.024047][   T28] audit: type=1326 audit(1776260098.410:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.2.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  194.052312][   T28] audit: type=1326 audit(1776260098.410:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.2.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  194.084477][   T28] audit: type=1326 audit(1776260098.430:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.2.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  194.113168][   T28] audit: type=1326 audit(1776260098.430:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.2.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  194.139109][   T28] audit: type=1326 audit(1776260098.430:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.2.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  194.165932][   T28] audit: type=1326 audit(1776260098.440:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.2.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  194.190868][   T28] audit: type=1326 audit(1776260098.440:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.2.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  194.217024][T12946] loop2: detected capacity change from 0 to 8192
[  194.221978][   T28] audit: type=1326 audit(1776260098.440:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.2.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  194.272001][   T28] audit: type=1326 audit(1776260098.440:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.2.3196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  194.305932][T12958] lo: Caught tx_queue_len zero misconfig
[  194.595014][T12028] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.642527][ T9466] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  194.663836][ T9466] FAT-fs (loop2): Filesystem has been set read-only
[  194.735158][T12981] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  194.843632][T12996] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3219'.
[  194.867582][T12996] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3219'.
[  194.883068][T13000] loop2: detected capacity change from 0 to 1024
[  194.890763][T13000] EXT4-fs: Ignoring removed mblk_io_submit option
[  194.913781][T13000] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.948580][T13000] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.3221: missing EA_INODE flag
[  194.993557][T13000] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.3221: error while reading EA inode 11 err=-117
[  195.039163][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.050573][T13013] netlink: 'syz.1.3226': attribute type 3 has an invalid length.
[  195.065420][ T7760] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  195.085435][T13013] netlink: 'syz.1.3226': attribute type 1 has an invalid length.
[  195.117033][T13013] netlink: 198116 bytes leftover after parsing attributes in process `syz.1.3226'.
[  195.276000][T13039] loop2: detected capacity change from 0 to 512
[  195.298133][T13039] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.3237: inode has both inline data and extents flags
[  195.326945][T13039] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  195.328129][T13039] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.3237: couldn't read orphan inode 15 (err -117)
[  195.337470][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  195.337498][    C0] EXT4-fs (loop2): initial error at time 1776260099: ext4_orphan_get:1397: inode 15
[  195.337527][    C0] EXT4-fs (loop2): last error at time 1776260099: ext4_orphan_get:1397: inode 15
[  195.375405][T13039] loop2: lost filesystem error report for type 5 error -117
[  195.379764][T13039] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.390198][T13017] hid-generic 0000:0000:0000.0005: pid 13017 passed too short report
[  195.486465][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.627106][T13077] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  195.692777][T13080] loop0: detected capacity change from 0 to 1024
[  195.731625][T13080] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  195.745802][T13080] System zones: 0-1, 3-36
[  195.762557][T13080] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz.0.3253: bad orphan inode 134217728
[  195.784248][T13080] loop0: lost filesystem error report for type 5 error -117
[  195.792477][T13096] netlink: 27 bytes leftover after parsing attributes in process `syz.8.3260'.
[  195.794635][T13080] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.908033][T12028] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.104188][T13123] loop0: detected capacity change from 0 to 1024
[  196.116262][T13123] EXT4-fs: Ignoring removed orlov option
[  196.131411][T13123] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.173260][T13130] loop9: detected capacity change from 0 to 128
[  196.192391][T12028] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.215691][T13134] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3277'.
[  196.546912][T13157] loop2: detected capacity change from 0 to 512
[  196.554934][T13157] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  196.569899][T13157] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  196.579061][T13157] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  196.588855][T13157] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  196.597316][T13157] System zones: 0-2, 18-18, 34-35
[  196.603118][T13157] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.626501][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.880371][T13168] loop2: detected capacity change from 0 to 2048
[  196.901523][T13168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.929720][T13167] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  196.944595][T13167] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 498 with error 28
[  196.956984][T13167] EXT4-fs (loop2): This should not happen!! Data will be lost
[  196.956984][T13167] 
[  196.966873][T13167] EXT4-fs (loop2): Total free blocks count 0
[  196.972977][T13167] EXT4-fs (loop2): Free/Dirty block details
[  196.978888][T13167] EXT4-fs (loop2): free_blocks=4096
[  196.984658][T13167] EXT4-fs (loop2): dirty_blocks=512
[  196.989894][T13167] EXT4-fs (loop2): Block reservation details
[  196.995902][T13167] EXT4-fs (loop2): i_reserved_data_blocks=32
[  197.025045][  T308] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 496 with error 28
[  197.040410][ T9466] EXT4-fs warning (device loop2): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  197.562227][T13223] erspan0: entered promiscuous mode
[  197.571072][T13223] macvtap1: entered promiscuous mode
[  197.576591][T13223] macvtap1: entered allmulticast mode
[  197.582067][T13223] erspan0: entered allmulticast mode
[  197.591321][T13223] erspan0: left allmulticast mode
[  197.598657][T13223] erspan0: left promiscuous mode
[  197.636706][T13230] netlink: 'syz.1.3314': attribute type 1 has an invalid length.
[  197.679759][T13235] netlink: 'syz.1.3317': attribute type 10 has an invalid length.
[  197.750917][T13240] loop8: detected capacity change from 0 to 512
[  197.791356][T13240] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.804607][T13240] ext4 filesystem being mounted at /336/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.866959][ T7967] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.098359][T13267] loop2: detected capacity change from 0 to 7
[  198.122718][T13269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  198.133184][T13267]  loop2:
[  198.156917][T13269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.229101][T13273] loop0: detected capacity change from 0 to 1024
[  198.261199][T13273] EXT4-fs: Ignoring removed orlov option
[  198.282719][T13273] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.295958][T13276] loop9: detected capacity change from 0 to 512
[  198.315332][T13276] EXT4-fs warning (device loop9): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  198.335264][T12028] EXT4-fs error (device loop0): ext4_free_inode:354: comm syz-executor: bit already cleared for inode 11
[  198.355967][T12028] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  198.365496][T13276] EXT4-fs warning (device loop9): dx_probe:849: Enable large directory feature to access it
[  198.380093][T12028] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  198.391606][T13276] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.3333: Corrupt directory, running e2fsck is recommended
[  198.407431][T12028] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  198.424865][T12028] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  198.434435][T12028] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  198.443791][T13276] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -117
[  198.444207][T12028] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  198.452116][T13276] EXT4-fs error (device loop9): ext4_iget_extra_inode:5042: inode #15: comm syz.9.3333: corrupted in-inode xattr: e_name out of bounds
[  198.476610][T12028] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.486522][T13276] loop9: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  198.489221][    C0] EXT4-fs (loop9): error count since last fsck: 1
[  198.498621][T13276] EXT4-fs error (device loop9): ext4_orphan_get:1402: comm syz.9.3333: couldn't read orphan inode 15 (err -117)
[  198.505016][    C0] EXT4-fs (loop9): initial error at time 1776260102: ext4_iget_extra_inode:5042: inode 15
[  198.505049][    C0] EXT4-fs (loop9): last error at time 1776260102: ext4_iget_extra_inode:5042: inode 15
[  198.518238][T13276] loop9: lost filesystem error report for type 5 error -117
[  198.537669][T13276] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.666036][T13286] loop0: detected capacity change from 0 to 1024
[  198.686975][T13286] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  198.705668][T13286] System zones: 0-1, 3-36
[  198.729479][T13286] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz.0.3334: bad orphan inode 134217728
[  198.742309][T13286] loop0: lost filesystem error report for type 5 error -117
[  198.743354][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.826391][T12028] EXT4-fs unmount: 1 callbacks suppressed
[  198.826444][T12028] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.920023][ T7756] hid_parser_main: 8 callbacks suppressed
[  198.920043][ T7756] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  198.972997][ T7756] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  200.493207][   T28] kauditd_printk_skb: 462 callbacks suppressed
[  200.493221][   T28] audit: type=1400 audit(1776260104.880:1574): avc:  denied  { listen } for  pid=13370 comm="syz.0.3368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  201.082967][T13394] __nla_validate_parse: 4 callbacks suppressed
[  201.082982][T13394] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3377'.
[  201.302134][T13401] loop2: detected capacity change from 0 to 512
[  201.334851][T13401] EXT4-fs: Ignoring removed mblk_io_submit option
[  201.440679][T13401] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  201.498714][T13401] loop2: detected capacity change from 0 to 256
[  201.635009][T13419] loop0: detected capacity change from 0 to 512
[  201.734902][   T28] audit: type=1326 audit(1776260106.120:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13421 comm="syz.2.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  201.814534][   T28] audit: type=1326 audit(1776260106.150:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13421 comm="syz.2.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  201.894961][   T28] audit: type=1326 audit(1776260106.150:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13421 comm="syz.2.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  201.919313][   T28] audit: type=1326 audit(1776260106.150:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13421 comm="syz.2.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  201.943378][   T28] audit: type=1326 audit(1776260106.150:1579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13421 comm="syz.2.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  201.969181][   T28] audit: type=1326 audit(1776260106.150:1580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13421 comm="syz.2.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebb5ec819 code=0x7ffc0000
[  202.028014][   T28] audit: type=1400 audit(1776260106.410:1581): avc:  denied  { accept } for  pid=13433 comm="syz.2.3393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  202.614764][T13454] netlink: 'syz.1.3402': attribute type 10 has an invalid length.
[  202.626618][T13454] netlink: 16154 bytes leftover after parsing attributes in process `syz.1.3402'.
[  202.959659][T13468] loop9: detected capacity change from 0 to 512
[  203.866902][T13528] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3433'.
[  203.914624][T13534] loop2: detected capacity change from 0 to 764
[  203.959749][T13535] loop0: detected capacity change from 0 to 512
[  203.977348][T13535] EXT4-fs: Ignoring removed bh option
[  204.007275][T13535] EXT4-fs: inline encryption not supported
[  204.015297][T13535] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  204.024924][T13543] netlink: 'syz.1.3440': attribute type 1 has an invalid length.
[  204.036449][T13543] netlink: 'syz.1.3440': attribute type 4 has an invalid length.
[  204.044756][T13543] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.3440'.
[  204.062505][T13535] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  204.077623][   T28] audit: type=1400 audit(1776260108.460:1582): avc:  denied  { read } for  pid=13545 comm="syz.8.3441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  204.078755][T13535] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3436: bg 0: block 248: padding at end of block bitmap is not set
[  204.126093][T13535] loop0: lost filesystem error report for type 5 error -117
[  204.129188][    C0] EXT4-fs (loop0): error count since last fsck: 1
[  204.137628][T13535] Quota error (device loop0): write_blk: dquota write failed
[  204.143348][    C0] EXT4-fs (loop0): last error at time 1776260108: ext4_validate_block_bitmap:441
[  204.181703][ T3398] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  204.189533][T13535] EXT4-fs error (device loop0): ext4_acquire_dquot:7028: comm syz.0.3436: Failed to acquire dquot type 1
[  204.199793][ T3398] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  204.201257][T13535] loop0: lost filesystem error report for type 5 error -28
[  204.225670][T13535] EXT4-fs (loop0): 1 truncate cleaned up
[  204.252263][T13535] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  204.302869][T12028] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  204.442987][T13584] io-wq is not configured for unbound workers
[  204.598670][T13608] loop9: detected capacity change from 0 to 128
[  204.622557][T13610] veth0_to_team: entered promiscuous mode
[  204.688898][   T39] kworker/u8:2: attempt to access beyond end of device
[  204.688898][   T39] loop9: rw=1, sector=145, nr_sectors = 16 limit=128
[  204.709550][   T39] kworker/u8:2: attempt to access beyond end of device
[  204.709550][   T39] loop9: rw=1, sector=169, nr_sectors = 8 limit=128
[  204.724527][   T39] kworker/u8:2: attempt to access beyond end of device
[  204.724527][   T39] loop9: rw=1, sector=185, nr_sectors = 8 limit=128
[  204.738773][   T39] kworker/u8:2: attempt to access beyond end of device
[  204.738773][   T39] loop9: rw=1, sector=201, nr_sectors = 8 limit=128
[  204.768077][   T39] kworker/u8:2: attempt to access beyond end of device
[  204.768077][   T39] loop9: rw=1, sector=217, nr_sectors = 8 limit=128
[  204.796288][   T39] kworker/u8:2: attempt to access beyond end of device
[  204.796288][   T39] loop9: rw=1, sector=233, nr_sectors = 8 limit=128
[  204.818152][T13613] loop0: detected capacity change from 0 to 256
[  204.824871][   T39] kworker/u8:2: attempt to access beyond end of device
[  204.824871][   T39] loop9: rw=1, sector=249, nr_sectors = 8 limit=128
[  204.852023][   T39] kworker/u8:2: attempt to access beyond end of device
[  204.852023][   T39] loop9: rw=1, sector=265, nr_sectors = 8 limit=128
[  204.874032][T13613] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  204.886552][   T39] kworker/u8:2: attempt to access beyond end of device
[  204.886552][   T39] loop9: rw=1, sector=281, nr_sectors = 8 limit=128
[  204.902419][   T39] kworker/u8:2: attempt to access beyond end of device
[  204.902419][   T39] loop9: rw=1, sector=297, nr_sectors = 8 limit=128
[  204.919006][T13613] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  205.727940][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  205.727955][   T28] audit: type=1400 audit(1776260110.110:1585): avc:  denied  { setcurrent } for  pid=13663 comm="syz.0.3489" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  205.754643][   T28] audit: type=1401 audit(1776260110.110:1586): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  205.845763][T13673] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3493'.
[  205.888193][T13677] loop0: detected capacity change from 0 to 512
[  205.904747][T13677] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz.0.3496: inode has both inline data and extents flags
[  205.971885][T13677] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  205.972019][T13677] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.3496: couldn't read orphan inode 15 (err -117)
[  205.981188][    C0] EXT4-fs (loop0): error count since last fsck: 1
[  205.981212][    C0] EXT4-fs (loop0): initial error at time 1776260110: ext4_orphan_get:1397: inode 15
[  205.981247][    C0] EXT4-fs (loop0): last error at time 1776260110: ext4_orphan_get:1397: inode 15
[  205.993325][T13679] loop2: detected capacity change from 0 to 8192
[  206.025399][T13677] loop0: lost filesystem error report for type 5 error -117
[  206.032733][T13677] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.099837][T13677] EXT4-fs error (device loop0): __ext4_get_inode_loc_noinmem:4922: inode #18: block 9: comm syz.0.3496: unable to read itable block
[  206.113849][T13677] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[  206.122920][T13677] EXT4-fs (loop0): I/O error while writing superblock
[  206.145243][T12028] EXT4-fs warning (device loop0): htree_dirblock_to_tree:1051: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[  206.168457][  T308] EXT4-fs error (device loop0): __ext4_get_inode_loc_noinmem:4922: inode #2: block 5: comm kworker/u8:6: unable to read itable block
[  206.193030][  T308] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[  206.201664][  T308] EXT4-fs (loop0): I/O error while writing superblock
[  206.209231][T12028] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.218632][T12028] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[  206.227086][T12028] EXT4-fs (loop0): I/O error while writing superblock
[  206.438372][   T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.451650][T13708] netlink: 'syz.2.3510': attribute type 1 has an invalid length.
[  206.461073][T13708] netlink: 'syz.2.3510': attribute type 4 has an invalid length.
[  206.469780][T13708] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.3510'.
[  206.487888][   T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.524884][T13714] set_capacity_and_notify: 1 callbacks suppressed
[  206.524899][T13714] loop2: detected capacity change from 0 to 128
[  206.552743][   T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.615678][   T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.889679][   T49] bond0 (unregistering): Released all slaves
[  206.900977][   T49] bond1 (unregistering): Released all slaves
[  206.972757][   T49] hsr_slave_0: left promiscuous mode
[  206.990000][   T49] hsr_slave_1: left promiscuous mode
[  207.007239][   T49] veth1_macvtap: left promiscuous mode
[  207.016919][   T49] veth0_macvtap: left promiscuous mode
[  207.028077][   T49] veth1_vlan: left promiscuous mode
[  207.039447][   T49] veth0_vlan: left promiscuous mode
[  207.304608][ T3038] 8021q: adding VLAN 0 to HW filter on device eth22
[  207.488742][   T39] Bluetooth: hci0: Frame reassembly failed (-84)
[  207.585165][T13731] chnl_net:caif_netlink_parms(): no params data found
[  207.605570][ T3038] 8021q: adding VLAN 0 to HW filter on device eth21
[  207.764605][T13731] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.791805][T13731] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.818119][T13731] bridge_slave_0: entered allmulticast mode
[  207.854904][T13731] bridge_slave_0: entered promiscuous mode
[  207.870361][T13731] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.895702][T13731] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.910758][T13731] bridge_slave_1: entered allmulticast mode
[  207.929316][T13731] bridge_slave_1: entered promiscuous mode
[  207.965028][T13731] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.992669][T13731] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  208.030353][ T3038] 8021q: adding VLAN 0 to HW filter on device eth23
[  208.055493][T13731] team0: Port device team_slave_0 added
[  208.072188][T13731] team0: Port device team_slave_1 added
[  208.106112][T13731] batman_adv: batadv0: Adding interface: batadv_slave_0
[  208.119296][T13731] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  208.170468][T13731] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  208.194973][T13731] batman_adv: batadv0: Adding interface: batadv_slave_1
[  208.209828][T13731] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  208.258169][T13731] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.332482][T13731] hsr_slave_0: entered promiscuous mode
[  208.349460][T13731] hsr_slave_1: entered promiscuous mode
[  208.359567][T13731] debugfs: 'hsr0' already exists in 'hsr'
[  208.370853][T13731] Cannot create hsr debugfs directory
[  208.385856][T13849] loop8: detected capacity change from 0 to 128
[  208.573879][ T3038] 8021q: adding VLAN 0 to HW filter on device eth24
[  208.807014][T13731] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  208.832530][T13731] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  208.857574][T13731] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  208.881275][T13731] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  208.903394][T13731] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  208.929558][T13731] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  208.952259][T13731] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  208.977685][T13731] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  209.088011][T13731] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.125160][T13731] 8021q: adding VLAN 0 to HW filter on device team0
[  209.151124][  T308] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.158236][  T308] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.206496][  T308] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.213689][  T308] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.387397][T13731] 8021q: adding VLAN 0 to HW filter on device batadv0
[  209.516431][T13929] loop8: detected capacity change from 0 to 8192
[  209.529339][ T4997] Bluetooth: hci0: command 0x1003 tx timeout
[  209.535365][ T3483] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  209.746133][T13731] veth0_vlan: entered promiscuous mode
[  209.765367][T13731] veth1_vlan: entered promiscuous mode
[  209.805690][T13731] veth0_macvtap: entered promiscuous mode
[  209.834510][T13731] veth1_macvtap: entered promiscuous mode
[  209.860538][T13731] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.894405][T13731] batman_adv: batadv0: Interface activated: batadv_slave_1
[  209.925373][T13981] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3554'.
[  209.926574][   T39] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  209.954496][   T39] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  209.970531][   T39] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.014051][   T39] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.146556][T14000] netlink: 33 bytes leftover after parsing attributes in process `syz.8.3558'.
[  210.179936][T14000] netlink: 140 bytes leftover after parsing attributes in process `syz.8.3558'.
[  210.202417][T14000] netlink: 33 bytes leftover after parsing attributes in process `syz.8.3558'.
[  210.293688][T14012] netlink: 7 bytes leftover after parsing attributes in process `syz.8.3560'.
[  210.375885][T14017] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3562'.
[  210.411761][T14017] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.438181][T14017] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.525750][T14017] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.540805][T14017] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.554492][T14029] loop4: detected capacity change from 0 to 2048
[  210.594063][T14029] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.689251][T13731] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.086054][T14081] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  211.469380][T14121] syzkaller0: entered promiscuous mode
[  211.475020][   T28] audit: type=1400 audit(1776260115.850:1587): avc:  denied  { ioctl } for  pid=14119 comm="syz.8.3585" path="socket:[40018]" dev="sockfs" ino=40018 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  211.505914][T14121] syzkaller0: entered allmulticast mode
[  212.210498][T14185] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  212.245180][   T28] audit: type=1326 audit(1776260116.630:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.4.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff001b4c819 code=0x7ffc0000
[  212.271268][   T28] audit: type=1326 audit(1776260116.630:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.4.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff001b4c819 code=0x7ffc0000
[  212.295671][   T28] audit: type=1326 audit(1776260116.630:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.4.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff001b4c819 code=0x7ffc0000
[  212.328334][   T28] audit: type=1326 audit(1776260116.630:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.4.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff001b4c819 code=0x7ffc0000
[  212.352938][   T28] audit: type=1326 audit(1776260116.630:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.4.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff001b4c819 code=0x7ffc0000
[  212.377350][   T28] audit: type=1326 audit(1776260116.630:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.4.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff001b4c819 code=0x7ffc0000
[  212.379610][T14189] loop4: detected capacity change from 0 to 8192
[  212.402543][   T28] audit: type=1326 audit(1776260116.630:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.4.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff001b4c819 code=0x7ffc0000
[  212.493732][   T28] audit: type=1326 audit(1776260116.630:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.4.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff001b4c819 code=0x7ffc0000
[  212.531795][   T28] audit: type=1326 audit(1776260116.630:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.4.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff001b4c819 code=0x7ffc0000
[  212.603930][T13731] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1)
[  212.622601][T14197] loop9: detected capacity change from 0 to 512
[  212.632335][T13731] FAT-fs (loop4): Filesystem has been set read-only
[  212.681277][T14197] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.718113][T14197] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.785476][T14197] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  212.830333][T14197] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[  212.849583][T14197] EXT4-fs (loop9): This should not happen!! Data will be lost
[  212.849583][T14197] 
[  212.859726][T14197] EXT4-fs (loop9): Total free blocks count 0
[  212.875079][T14197] EXT4-fs (loop9): Free/Dirty block details
[  212.889674][T14209] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 28
[  212.918687][T14209] EXT4-fs (loop9): This should not happen!! Data will be lost
[  212.918687][T14209] 
[  212.942825][T14197] EXT4-fs (loop9): free_blocks=65280
[  212.964356][T14197] EXT4-fs (loop9): dirty_blocks=26
[  212.980125][T14209] EXT4-fs (loop9): Total free blocks count 0
[  213.031941][ T8579] EXT4-fs warning (device loop9): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  213.107913][   T30] Bluetooth: hci0: Frame reassembly failed (-84)
[  213.180674][T14233] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  214.887139][T14285] loop8: detected capacity change from 0 to 512
[  214.903642][T14283] netlink: 27 bytes leftover after parsing attributes in process `syz.1.3632'.
[  214.918819][T14285] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.974950][T14296] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  215.109276][T14292] EXT4-fs error (device loop8): ext4_validate_block_bitmap:423: comm ext4lazyinit: bg 0: bad block bitmap checksum
[  215.129432][ T3483] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  215.129725][ T4997] Bluetooth: hci0: command 0x1003 tx timeout
[  215.722826][ T7967] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.853893][T14318] loop8: detected capacity change from 0 to 1024
[  215.872431][T14318] EXT4-fs: Ignoring removed orlov option
[  215.922002][T14318] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.970762][T14332] loop4: detected capacity change from 0 to 512
[  216.015045][T14332] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.036484][ T7967] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.054056][T14332] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.070803][T14332] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  216.109396][T14332] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[  216.126332][T14332] EXT4-fs (loop4): This should not happen!! Data will be lost
[  216.126332][T14332] 
[  216.128724][T14342] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 28
[  216.136173][T14332] EXT4-fs (loop4): Total free blocks count 0
[  216.154490][T14332] EXT4-fs (loop4): Free/Dirty block details
[  216.160454][T14332] EXT4-fs (loop4): free_blocks=65280
[  216.165830][T14332] EXT4-fs (loop4): dirty_blocks=26
[  216.171075][T14332] EXT4-fs (loop4): Block reservation details
[  216.177427][T14332] EXT4-fs (loop4): i_reserved_data_blocks=26
[  216.530181][T13731] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  216.673577][T14359] loop2: detected capacity change from 0 to 7
[  217.003683][T14380] netlink: 'syz.8.3672': attribute type 10 has an invalid length.
[  217.045234][T14380] 8021q: adding VLAN 0 to HW filter on device team0
[  217.062832][T14384] loop2: detected capacity change from 0 to 7
[  217.087089][T14380] bond0: (slave team0): Enslaving as an active interface with an up link
[  217.100140][T14384]  loop2:
[  217.476330][T14402] loop8: detected capacity change from 0 to 32768
[  217.540023][T14402]  loop8: p1 p3 < >
[  217.599504][T14410] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3686'.
[  217.617708][T14410] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  217.629929][T14410] batadv0: mtu less than device minimum
[  217.641211][T14410] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  217.652443][T14410] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  217.663578][T14410] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  217.674467][T14410] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  217.678389][ T8001] udevd[8001]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory
[  217.685709][T14410] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  217.696292][T12893] udevd[12893]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  217.705493][T14410] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  217.725845][T14410] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  217.736791][T14410] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  217.747799][T14410] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  217.772001][T14410] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.255993][T14427] loop9: detected capacity change from 0 to 2048
[  218.286394][T14427] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.412695][T14437] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3696'.
[  218.426207][T14426] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  218.458761][T14426] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 498 with error 28
[  218.476144][T14437] bridge_slave_1 (unregistering): left allmulticast mode
[  218.487176][T14426] EXT4-fs (loop9): This should not happen!! Data will be lost
[  218.487176][T14426] 
[  218.497877][T14437] bridge_slave_1 (unregistering): left promiscuous mode
[  218.505904][T14437] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.513236][T14426] EXT4-fs (loop9): Total free blocks count 0
[  218.519901][T14426] EXT4-fs (loop9): Free/Dirty block details
[  218.526037][T14426] EXT4-fs (loop9): free_blocks=4096
[  218.531844][T14426] EXT4-fs (loop9): dirty_blocks=512
[  218.547484][T14426] EXT4-fs (loop9): Block reservation details
[  218.554837][T14426] EXT4-fs (loop9): i_reserved_data_blocks=32
[  218.581722][T14440] syzkaller0: entered allmulticast mode
[  218.594206][T14439] syzkaller0: left allmulticast mode
[  218.628269][   T30] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 496 with error 28
[  218.665946][ T8579] EXT4-fs warning (device loop9): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  219.954980][   T28] kauditd_printk_skb: 42 callbacks suppressed
[  219.955067][   T28] audit: type=1400 audit(1776260124.340:1639): avc:  denied  { create } for  pid=14514 comm="syz.9.3715" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=blk_file permissive=1
[  220.378850][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  220.386803][   T23] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  220.397253][T14537] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  220.417816][T14537] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  220.858462][T14547] loop9: detected capacity change from 0 to 512
[  220.865524][T14547] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  220.882075][T14547] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm syz.9.3726: Invalid block bitmap block 0 in block_group 0
[  220.897681][T14547] loop9: lost filesystem error report for type 5 error -117
[  220.898200][T14547] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6685: Corrupt filesystem
[  220.899182][    C1] EXT4-fs (loop9): error count since last fsck: 1
[  220.906162][T14547] loop9: lost filesystem error report for type 5 error -117
[  220.914219][    C1] EXT4-fs (loop9): initial error at time 1776260125: ext4_read_block_bitmap_nowait:483
[  220.921056][T14547] EXT4-fs error (device loop9): ext4_clear_blocks:876: inode #11: comm syz.9.3726: attempt to clear invalid blocks 983261 len 1
[  220.927889][    C1] 
[  220.927898][    C1] EXT4-fs (loop9): last error at time 1776260125: ext4_mb_clear_bb:6685
[  220.938178][T14547] loop9: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  220.950933][    C1] 
[  220.964684][   T28] audit: type=1326 audit(1776260125.350:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f113e4ec819 code=0x7ffc0000
[  220.973396][T14547] EXT4-fs error (device loop9): __ext4_get_inode_loc:4799: comm syz.9.3726: Invalid inode table block 0 in block_group 0
[  221.009429][   T28] audit: type=1326 audit(1776260125.360:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f113e4ec819 code=0x7ffc0000
[  221.011037][T14547] loop9: lost filesystem error report for type 5 error -117
[  221.033114][   T28] audit: type=1326 audit(1776260125.360:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f113e4ec819 code=0x7ffc0000
[  221.033701][T14547] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6293: Corrupt filesystem
[  221.040451][   T28] audit: type=1326 audit(1776260125.360:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f113e4ec819 code=0x7ffc0000
[  221.064408][T14547] loop9: lost filesystem error report for type 5 error -117
[  221.073625][   T28] audit: type=1326 audit(1776260125.360:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f113e4ec819 code=0x7ffc0000
[  221.099393][T14547] EXT4-fs error (device loop9) in ext4_orphan_del:303: Corrupt filesystem
[  221.104548][   T28] audit: type=1326 audit(1776260125.360:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f113e4ec819 code=0x7ffc0000
[  221.160651][T14547] loop9: lost filesystem error report for type 5 error -117
[  221.160803][T14547] EXT4-fs error (device loop9): __ext4_get_inode_loc:4799: comm syz.9.3726: Invalid inode table block 0 in block_group 0
[  221.161621][   T28] audit: type=1326 audit(1776260125.360:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f113e4ec819 code=0x7ffc0000
[  221.168236][T14547] loop9: lost filesystem error report for type 5 error -117
[  221.205649][T14547] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6293: Corrupt filesystem
[  221.222639][T14547] loop9: lost filesystem error report for type 5 error -117
[  221.222853][T14547] EXT4-fs error (device loop9): ext4_truncate:4604: inode #11: comm syz.9.3726: mark_inode_dirty error
[  221.241439][T14547] loop9: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  221.241631][T14547] EXT4-fs error (device loop9) in ext4_process_orphan:345: Corrupt filesystem
[  221.260423][T14547] loop9: lost filesystem error report for type 5 error -117
[  221.260803][T14547] EXT4-fs error (device loop9): __ext4_get_inode_loc:4799: comm syz.9.3726: Invalid inode table block 0 in block_group 0
[  221.281191][T14547] loop9: lost filesystem error report for type 5 error -117
[  221.281479][T14547] EXT4-fs (loop9): 1 truncate cleaned up
[  221.294899][T14547] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.347822][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.628300][T14444] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  221.696405][T14568] loop8: detected capacity change from 0 to 2048
[  221.723866][T14568] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.741297][T14572] syzkaller0: entered allmulticast mode
[  221.751158][T14570] syzkaller0: left allmulticast mode
[  221.840037][T14566] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  221.855208][T14566] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 498 with error 28
[  221.868110][T14566] EXT4-fs (loop8): This should not happen!! Data will be lost
[  221.868110][T14566] 
[  221.878026][T14566] EXT4-fs (loop8): Total free blocks count 0
[  221.884357][T14566] EXT4-fs (loop8): Free/Dirty block details
[  221.890424][T14566] EXT4-fs (loop8): free_blocks=4096
[  221.895692][T14566] EXT4-fs (loop8): dirty_blocks=512
[  221.901236][T14566] EXT4-fs (loop8): Block reservation details
[  221.907533][T14566] EXT4-fs (loop8): i_reserved_data_blocks=32
[  221.941441][   T39] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 496 with error 28
[  221.956904][ T7967] EXT4-fs warning (device loop8): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  222.458602][T14616] netlink: 'syz.2.3752': attribute type 29 has an invalid length.
[  222.484468][T14616] netlink: 'syz.2.3752': attribute type 29 has an invalid length.
[  222.512606][T14616] netlink: 500 bytes leftover after parsing attributes in process `syz.2.3752'.
[  223.276197][T14663] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3758'.
[  223.635874][T14687] loop4: detected capacity change from 0 to 512
[  224.017457][T14699] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3776'.
[  224.065865][T14699] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  224.104321][T14699] batman_adv: batadv0: Removing interface: batadv_slave_1
[  224.342279][T14709] loop8: detected capacity change from 0 to 128
[  224.454306][T14712] loop8: detected capacity change from 0 to 512
[  224.481880][T14712] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.520333][T14712] ext4 filesystem being mounted at /423/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.734345][ T7967] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.965910][   T28] audit: type=1400 audit(1776260130.350:1647): avc:  denied  { create } for  pid=14758 comm="syz.4.3801" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  226.112235][T14770] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3804'.
[  226.361850][T14788] loop4: detected capacity change from 0 to 512
[  226.405613][T14788] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.421074][T14788] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.627393][T13731] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.673602][T14799] SELinux: failed to load policy
[  226.709805][T14801] netlink: 'syz.4.3817': attribute type 1 has an invalid length.
[  226.745155][T14801] netlink: 'syz.4.3817': attribute type 22 has an invalid length.
[  226.753766][T14805] loop2: detected capacity change from 0 to 128
[  226.765535][T14801] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.772792][T14801] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.813771][T14808] netlink: 136 bytes leftover after parsing attributes in process `syz.8.3821'.
[  226.829282][T14808] net_ratelimit: 10 callbacks suppressed
[  226.829298][T14808] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  227.974919][T14843] netlink: 'syz.2.3833': attribute type 1 has an invalid length.
[  228.007519][T14843] netlink: 'syz.2.3833': attribute type 22 has an invalid length.
[  228.622117][T14864] netlink: 'syz.4.3841': attribute type 1 has an invalid length.
[  228.665368][T14864] 8021q: adding VLAN 0 to HW filter on device bond1
[  228.772359][T14864] bond1: (slave veth0_to_bond): making interface the new active one
[  228.830510][T14864] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  229.229620][T14880] netlink: 'syz.8.3849': attribute type 1 has an invalid length.
[  229.305174][T14880] gretap2: entered allmulticast mode
[  229.344599][T14880] bond3: (slave gretap2): making interface the new active one
[  229.379959][T14880] bond3: (slave gretap2): Enslaving as an active interface with an up link
[  229.566169][T14888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3852'.
[  229.618000][T14888] bridge_slave_0 (unregistering): left allmulticast mode
[  229.652884][T14888] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.038751][   T28] audit: type=1400 audit(1776260134.420:1648): avc:  denied  { connect } for  pid=14895 comm="syz.8.3855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  230.081504][   T28] audit: type=1400 audit(1776260134.420:1649): avc:  denied  { read } for  pid=14895 comm="syz.8.3855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  230.120858][   T28] audit: type=1400 audit(1776260134.480:1650): avc:  denied  { ioctl } for  pid=14895 comm="syz.8.3855" path="socket:[42013]" dev="sockfs" ino=42013 ioctlcmd=0x891c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  230.166364][   T28] audit: type=1400 audit(1776260134.530:1651): avc:  denied  { write } for  pid=14895 comm="syz.8.3855" path="socket:[42014]" dev="sockfs" ino=42014 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  230.293177][   T28] audit: type=1326 audit(1776260134.680:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14901 comm="syz.8.3857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  230.339010][   T28] audit: type=1326 audit(1776260134.680:1653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14901 comm="syz.8.3857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  230.399404][   T28] audit: type=1326 audit(1776260134.680:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14901 comm="syz.8.3857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  230.453822][   T28] audit: type=1326 audit(1776260134.680:1655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14901 comm="syz.8.3857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  230.845509][   T28] audit: type=1400 audit(1776260135.230:1656): avc:  denied  { ioctl } for  pid=14929 comm="syz.4.3869" path="socket:[41143]" dev="sockfs" ino=41143 ioctlcmd=0x583f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  231.125046][T14848] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  231.268473][T14958] veth1_to_bond: entered allmulticast mode
[  231.278888][   T28] audit: type=1326 audit(1776260135.670:1657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14957 comm="syz.8.3878" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x0
[  231.330589][T14963] veth1_to_bond: left allmulticast mode
[  231.337375][T14962] loop2: detected capacity change from 0 to 512
[  231.353819][T14962] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6).
[  231.377164][T14962] EXT4-fs warning (device loop2): ext4_enable_quotas:7263: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  231.394295][T14962] EXT4-fs (loop2): mount failed
[  231.727924][T14982] loop2: detected capacity change from 0 to 736
[  231.878586][T14986] loop9: detected capacity change from 0 to 256
[  231.927629][T14986] FAT-fs (loop9): Directory bread(block 64) failed
[  231.944124][T14986] FAT-fs (loop9): Directory bread(block 65) failed
[  231.968405][T14986] FAT-fs (loop9): Directory bread(block 66) failed
[  231.979249][T14986] FAT-fs (loop9): Directory bread(block 67) failed
[  231.990328][T14986] FAT-fs (loop9): Directory bread(block 68) failed
[  232.001911][T14986] FAT-fs (loop9): Directory bread(block 69) failed
[  232.014759][T14986] FAT-fs (loop9): Directory bread(block 70) failed
[  232.028603][T14986] FAT-fs (loop9): Directory bread(block 71) failed
[  232.037416][T14986] FAT-fs (loop9): Directory bread(block 72) failed
[  232.046630][T14986] FAT-fs (loop9): Directory bread(block 73) failed
[  232.064367][T14986] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=33397 sclass=netlink_route_socket pid=14986 comm=syz.9.3889
[  232.387583][T15003] SELinux: failed to load policy
[  232.962981][T15014] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  233.006292][T15014] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  233.219599][T15020] loop9: detected capacity change from 0 to 256
[  233.927286][T15051] ipip0: entered promiscuous mode
[  234.016203][T15060] loop4: detected capacity change from 0 to 128
[  234.045634][T15060] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  234.157022][   T49] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  235.095653][T15133] loop8: detected capacity change from 0 to 512
[  237.288182][T10439] Bluetooth: hci0: Frame reassembly failed (-84)
[  237.406256][   T28] audit: type=1326 audit(1776260141.790:1658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15163 comm="syz.8.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  237.437582][   T28] audit: type=1326 audit(1776260141.790:1659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15163 comm="syz.8.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  237.468904][   T28] audit: type=1326 audit(1776260141.790:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15163 comm="syz.8.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  237.499083][   T28] audit: type=1326 audit(1776260141.790:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15163 comm="syz.8.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  237.523714][   T28] audit: type=1326 audit(1776260141.820:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15163 comm="syz.8.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  237.547740][   T28] audit: type=1326 audit(1776260141.820:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15163 comm="syz.8.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  237.594287][   T28] audit: type=1326 audit(1776260141.820:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15163 comm="syz.8.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  237.619422][   T28] audit: type=1326 audit(1776260141.820:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15163 comm="syz.8.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  237.643390][   T28] audit: type=1326 audit(1776260141.820:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15163 comm="syz.8.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  237.667556][   T28] audit: type=1326 audit(1776260141.820:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15163 comm="syz.8.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f937759c819 code=0x7ffc0000
[  238.174613][T15178] hsr0: entered promiscuous mode
[  238.180409][T15178] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3948'.
[  238.195527][T15178] hsr_slave_0: left promiscuous mode
[  238.201434][T15178] hsr_slave_1: left promiscuous mode
[  238.219437][T15178] hsr0 (unregistering): left promiscuous mode
[  238.252597][T15185] loop8: detected capacity change from 0 to 8192
[  238.316558][T15185]  loop8: p1 < > p2 p3 p4 < p5 >
[  238.322128][T15185] loop8: partition table partially beyond EOD, truncated
[  238.330046][T15185] loop8: p1 start 530432 is beyond EOD, truncated
[  238.338128][T15185] loop8: p2 size 117440774 extends beyond EOD, truncated
[  238.352180][T15185] loop8: p3 start 655105 is beyond EOD, truncated
[  238.359441][T15185] loop8: p5 size 117440774 extends beyond EOD, truncated
[  238.385747][ T8001] udevd[8001]: inotify_add_watch(7, /dev/loop8p4, 10) failed: No such file or directory
[  238.397103][T12893] udevd[12893]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory
[  238.408278][ T9841] udevd[9841]: inotify_add_watch(7, /dev/loop8p5, 10) failed: No such file or directory
[  238.410294][T15195] loop9: detected capacity change from 0 to 4096
[  238.439025][T15195] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.514806][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.635868][T15217] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3954'.
[  239.289196][ T4997] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  239.295319][ T3483] Bluetooth: hci0: command 0x1003 tx timeout
[  239.996497][T15245] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3965'.
[  240.168669][T15261] bond_slave_0: Caught tx_queue_len zero misconfig
[  240.647318][T15303] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4000'.
[  240.676555][T15303] team1: entered promiscuous mode
[  240.681969][T15303] team1: entered allmulticast mode
[  240.687463][T15303] 8021q: adding VLAN 0 to HW filter on device team1
[  241.198764][T15180] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  241.444637][T15334] netlink: 'syz.4.4005': attribute type 21 has an invalid length.
[  241.523591][T15344] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4010'.
[  241.571129][T15348] ref_ctr_offset mismatch. inode: 0x78a offset: 0x0 ref_ctr_offset(old): 0x14 ref_ctr_offset(new): 0x0
[  242.009312][T15368] netlink: 140 bytes leftover after parsing attributes in process `syz.4.4022'.
[  242.606935][   T28] kauditd_printk_skb: 27 callbacks suppressed
[  242.606951][   T28] audit: type=1400 audit(1776260146.990:1695): avc:  denied  { name_bind } for  pid=15385 comm="syz.1.4030" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  243.291575][T15428] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4047'.
[  243.305654][   T28] audit: type=1326 audit(1776260147.690:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15429 comm="syz.9.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  243.354371][T15428] 8021q: adding VLAN 0 to HW filter on device bond5
[  243.363764][   T28] audit: type=1326 audit(1776260147.690:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15429 comm="syz.9.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  243.400170][T15434] bond5: option ad_select: unable to set because the bond device is up
[  243.409254][   T28] audit: type=1326 audit(1776260147.690:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15429 comm="syz.9.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  243.433450][   T28] audit: type=1326 audit(1776260147.690:1699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15429 comm="syz.9.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  243.462955][   T28] audit: type=1326 audit(1776260147.760:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15429 comm="syz.9.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  243.487904][   T28] audit: type=1326 audit(1776260147.780:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15429 comm="syz.9.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  243.512703][   T28] audit: type=1326 audit(1776260147.820:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15429 comm="syz.9.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  243.531040][T15430] loop9: detected capacity change from 0 to 1024
[  243.577228][   T28] audit: type=1326 audit(1776260147.820:1703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15429 comm="syz.9.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  243.579697][T15430] EXT4-fs: Ignoring removed nobh option
[  243.619517][   T28] audit: type=1326 audit(1776260147.850:1704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15429 comm="syz.9.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd4db46c819 code=0x7ffc0000
[  243.660501][T15430] EXT4-fs: Ignoring removed nomblk_io_submit option
[  243.695085][T15445] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4054'.
[  243.706586][T15445] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4054'.
[  243.727915][T15430] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  243.846179][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.283558][T15697] sctp: [Deprecated]: syz.4.4118 (pid 15697) Use of int in maxseg socket option.
[  247.283558][T15697] Use struct sctp_assoc_value instead
[  247.288881][T15698] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4119'.
[  247.322010][T15698] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4119'.
[  247.368398][T15700] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4120'.
[  247.422756][T15704] netlink: 56 bytes leftover after parsing attributes in process `syz.8.4122'.
[  247.446327][T15704] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4122'.
[  247.671499][T15724] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4130'.
[  247.786643][T15726] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[  247.802582][T15726] SELinux: failed to load policy
[  247.858651][   T28] kauditd_printk_skb: 67 callbacks suppressed
[  247.858744][   T28] audit: type=1400 audit(1776260152.240:1772): avc:  denied  { write } for  pid=15743 comm="syz.8.4138" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  247.888931][T15745] random: crng reseeded on system resumption
[  247.954647][T15744] loop4: detected capacity change from 0 to 512
[  247.976142][T12893] udevd[12893]: incorrect ext4 checksum on /dev/loop4
[  248.035740][T15749] loop2: detected capacity change from 0 to 128
[  248.389697][T15781] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4153'.
[  248.416467][T15785] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4155'.
[  248.770220][T15809] loop4: detected capacity change from 0 to 512
[  248.790105][T15809] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.056305][T13731] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.095270][T15835] loop4: detected capacity change from 0 to 1024
[  249.121466][T15835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.209439][T13731] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.296959][   T28] audit: type=1400 audit(1776260153.680:1773): avc:  denied  { relabelfrom } for  pid=15847 comm="syz.9.4180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  249.317698][   T28] audit: type=1400 audit(1776260153.700:1774): avc:  denied  { relabelto } for  pid=15847 comm="syz.9.4180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  249.353371][   T28] audit: type=1400 audit(1776260153.740:1775): avc:  denied  { write } for  pid=15849 comm="syz.4.4181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  249.362467][T15849] delete_channel: no stack
[  249.630976][T15863] loop8: detected capacity change from 0 to 512
[  249.641822][T15863] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.657647][T15863] ext4 filesystem being mounted at /513/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  249.846856][ T7967] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.257004][T15919] netlink: 44 bytes leftover after parsing attributes in process `syz.8.4207'.
[  250.283788][T15922] dummy0: entered promiscuous mode
[  250.407916][   T28] audit: type=1400 audit(1776260154.730:1776): avc:  denied  { read write } for  pid=15926 comm="syz.2.4210" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  250.434040][T15922] dummy0: left promiscuous mode
[  250.441803][   T28] audit: type=1400 audit(1776260154.730:1777): avc:  denied  { open } for  pid=15926 comm="syz.2.4210" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  250.920405][T15954] loop8: detected capacity change from 0 to 32768
[  250.930521][T15983] tipc: Started in network mode
[  250.939348][T15983] tipc: Node identity ac14142f, cluster identity 4711
[  250.946644][T15983] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  250.992203][T15989] loop4: detected capacity change from 0 to 512
[  251.000449][T15989] EXT4-fs: Ignoring removed nomblk_io_submit option
[  251.008293][T15989] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  251.026708][T15989] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.4234: iget: bad i_size value: -3863736636562997238
[  251.040307][T15989] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  251.040535][T15989] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.4234: couldn't read orphan inode 15 (err -117)
[  251.049724][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  251.049742][    C1] EXT4-fs (loop4): initial error at time 1776260155: ext4_orphan_get:1397: inode 15
[  251.049773][    C1] EXT4-fs (loop4): last error at time 1776260155: ext4_orphan_get:1397: inode 15
[  251.087037][T15989] loop4: lost filesystem error report for type 5 error -117
[  251.088039][T15989] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.125387][T13731] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.172664][T15998] loop4: detected capacity change from 0 to 1024
[  251.190895][T15998] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  251.209832][T15998] ext4 filesystem being mounted at /164/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.225619][T16003] loop9: detected capacity change from 0 to 512
[  251.242432][T16003] FAT-fs (loop9): Directory bread(block 199916) failed
[  251.253246][T16003] FAT-fs (loop9): Directory bread(block 199917) failed
[  251.254974][T15998] EXT4-fs error (device loop4): ext4_map_blocks:833: inode #15: comm syz.4.4237: lblock 0 mapped to illegal pblock 0 (length 1)
[  251.260302][   T28] audit: type=1400 audit(1776260155.640:1778): avc:  denied  { lock } for  pid=15996 comm="syz.4.4237" path="/164/file1/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  251.274540][T16003] FAT-fs (loop9): Directory bread(block 199918) failed
[  251.309393][T16003] FAT-fs (loop9): Directory bread(block 199919) failed
[  251.310107][T15998] EXT4-fs (loop4): Remounting filesystem read-only
[  251.318591][T16003] FAT-fs (loop9): Directory bread(block 199920) failed
[  251.332250][T16003] FAT-fs (loop9): Directory bread(block 199921) failed
[  251.341270][T16003] FAT-fs (loop9): Directory bread(block 199922) failed
[  251.349075][T13731] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  251.349849][T16003] FAT-fs (loop9): Directory bread(block 199923) failed
[  251.402862][T16003] FAT-fs (loop9): Directory bread(block 199916) failed
[  251.410266][T16003] FAT-fs (loop9): Directory bread(block 199917) failed
[  251.543152][   T28] audit: type=1400 audit(1776260155.930:1779): avc:  denied  { watch watch_reads } for  pid=16015 comm="syz.4.4246" path="/" dev="ramfs" ino=48298 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  251.673742][T10442] Bluetooth: hci0: Frame reassembly failed (-84)
[  251.683255][   T28] audit: type=1400 audit(1776260156.070:1780): avc:  denied  { ioctl } for  pid=16027 comm="syz.4.4251" path="socket:[49336]" dev="sockfs" ino=49336 ioctlcmd=0x48de scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  251.752472][T16039] loop9: detected capacity change from 0 to 512
[  251.767528][T16039] EXT4-fs error (device loop9): ext4_orphan_get:1397: inode #15: comm syz.9.4256: inode has both inline data and extents flags
[  251.793680][T16039] loop9: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  251.799171][    C1] EXT4-fs (loop9): error count since last fsck: 1
[  251.814962][    C1] EXT4-fs (loop9): initial error at time 1776260156: ext4_orphan_get:1397: inode 15
[  251.819442][T16039] EXT4-fs error (device loop9): ext4_orphan_get:1402: comm syz.9.4256: couldn't read orphan inode 15 (err -117)
[  251.824387][    C1] EXT4-fs (loop9): last error at time 1776260156: ext4_orphan_get:1397: inode 15
[  251.842636][T16042] syzkaller0: entered promiscuous mode
[  251.851523][T16039] loop9: lost filesystem error report for type 5 error -117
[  251.851628][T16042] syzkaller0: entered allmulticast mode
[  251.854056][T16039] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.934085][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.036011][T16061] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4264'.
[  252.084027][T16063] loop8: detected capacity change from 0 to 1024
[  252.099818][T16063] EXT4-fs: Ignoring removed i_version option
[  252.114266][T16063] EXT4-fs: Ignoring removed bh option
[  252.130252][T16063] ext4: Unknown parameter 'noacl'
[  252.226807][T16066] loop8: detected capacity change from 0 to 1024
[  252.243659][T16066] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.259131][T16066] ext4 filesystem being mounted at /531/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.308215][ T7967] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  252.478911][   T28] audit: type=1400 audit(1776260156.860:1781): avc:  denied  { append } for  pid=16079 comm="syz.2.4271" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  252.515585][T16080] vhci_hcd vhci_hcd.4: default hub control req: 2024 v0006 i0002 l0
[  252.652324][T16084] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.732710][ T9466] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.744050][T16088] netlink: 'syz.8.4273': attribute type 1 has an invalid length.
[  252.856399][T16088] bond4: (slave geneve2): making interface the new active one
[  252.911162][T16088] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  252.920416][ T4782] netdevsim netdevsim8 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  252.929831][ T4782] netdevsim netdevsim8 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  252.938878][ T4782] netdevsim netdevsim8 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  252.948051][ T4782] netdevsim netdevsim8 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  253.248675][T16108] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  253.272146][T16108] EXT4-fs (loop9): orphan cleanup on readonly fs
[  253.288555][T16108] EXT4-fs error (device loop9): ext4_read_inode_bitmap:139: comm syz.9.4282: Invalid inode bitmap blk 4 in block_group 0
[  253.301409][T16108] loop9: lost filesystem error report for type 5 error -117
[  253.302176][T16108] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  253.347630][ T8579] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.612215][T16094] ==================================================================
[  253.620451][T16094] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[  253.627578][T16094] 
[  253.629891][T16094] write to 0xffff88811b370224 of 4 bytes by task 16093 on cpu 0:
[  253.637698][T16094]  xas_set_mark+0x12b/0x140
[  253.642398][T16094]  __folio_start_writeback+0x17b/0x370
[  253.647871][T16094]  __mpage_writepages+0xdbd/0x1390
[  253.653176][T16094]  fat_writepages+0x26/0x30
[  253.657697][T16094]  do_writepages+0x1c6/0x310
[  253.662309][T16094]  file_write_and_wait_range+0x178/0x2f0
[  253.668180][T16094]  mmb_fsync_noflush+0x48/0x140
[  253.673096][T16094]  fat_file_fsync+0x98/0x110
[  253.677736][T16094]  vfs_fsync_range+0xc5/0xe0
[  253.682597][T16094]  generic_file_write_iter+0x1ba/0x310
[  253.688070][T16094]  iter_file_splice_write+0x6c4/0xa80
[  253.693909][T16094]  direct_splice_actor+0x156/0x2a0
[  253.699295][T16094]  splice_direct_to_actor+0x311/0x670
[  253.704712][T16094]  do_splice_direct+0x119/0x1a0
[  253.709793][T16094]  do_sendfile+0x382/0x650
[  253.714658][T16094]  __x64_sys_sendfile64+0x105/0x150
[  253.719958][T16094]  x64_sys_call+0x2dc4/0x3020
[  253.724653][T16094]  do_syscall_64+0x12c/0x3b0
[  253.729349][T16094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.730043][ T3483] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  253.735269][T16094] 
[  253.735277][T16094] read to 0xffff88811b370224 of 4 bytes by task 16094 on cpu 1:
[  253.741637][ T4997] Bluetooth: hci0: command 0x1003 tx timeout
[  253.743818][T16094]  xas_find_marked+0x5d7/0x620
[  253.751797][T16028] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[  253.757653][T16094]  filemap_get_folios_tag+0xfa/0x510
[  253.757693][T16094]  filemap_fdatawait_range+0x88/0x1e0
[  253.779721][T16094]  __writeback_single_inode+0xda/0x650
[  253.785291][T16094]  writeback_single_inode+0x16d/0x3f0
[  253.790861][T16094]  sync_inode_metadata+0x6e/0xa0
[  253.796182][T16094]  mmb_fsync_noflush+0xfa/0x140
[  253.801214][T16094]  fat_file_fsync+0x98/0x110
[  253.805890][T16094]  vfs_fsync_range+0xc5/0xe0
[  253.810574][T16094]  generic_file_write_iter+0x1ba/0x310
[  253.816126][T16094]  iter_file_splice_write+0x6c4/0xa80
[  253.821742][T16094]  direct_splice_actor+0x156/0x2a0
[  253.827393][T16094]  splice_direct_to_actor+0x311/0x670
[  253.832877][T16094]  do_splice_direct+0x119/0x1a0
[  253.837750][T16094]  do_sendfile+0x382/0x650
[  253.842267][T16094]  __x64_sys_sendfile64+0x105/0x150
[  253.847503][T16094]  x64_sys_call+0x2dc4/0x3020
[  253.852458][T16094]  do_syscall_64+0x12c/0x3b0
[  253.857079][T16094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.863002][T16094] 
[  253.865323][T16094] value changed: 0x0a000021 -> 0x04000021
[  253.871049][T16094] 
[  253.873372][T16094] Reported by Kernel Concurrency Sanitizer on:
[  253.879799][T16094] CPU: 1 UID: 0 PID: 16094 Comm: syz.2.4275 Not tainted syzkaller #0 PREEMPT(full) 
[  253.889876][T16094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  253.899948][T16094] ==================================================================