last executing test programs:

38.035788405s ago: executing program 3 (id=2192):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10, &(0x7f0000000400)=[{&(0x7f00000004c0)='\b', 0x1}, {&(0x7f0000000180)="96bc1480bb35", 0x6}, {0x0}, {&(0x7f0000000380)="a6", 0x1}], 0x4, &(0x7f0000000340)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x1}}], 0x18}, 0x24008004)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
timer_delete(0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000780)={'syztnl2\x00', &(0x7f00000008c0)={'syztnl2\x00', 0x0, 0x7, 0x700, 0xfffffff0, 0x6, {{0x5, 0x4, 0x1, 0x38, 0x14, 0x65, 0x0, 0xea, 0x2f, 0x0, @multicast2, @rand_addr=0x64010101}}}})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x0, &(0x7f0000000180)}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000440)={@broadcast, @dev, @val={@void, {0x8100, 0x6, 0x0, 0x1}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x68, 0x0, 0xfe, 0x1, 0x0, @private=0xa010101, @local}, @parameter_prob={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x0, @private, @local}}}}}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vlan1\x00'})
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00'})

36.849525612s ago: executing program 3 (id=2201):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
brk(0x200000001000)

36.479291417s ago: executing program 3 (id=2206):
r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)="6ed4f9", 0x3)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000002c0)='\x04\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000940)="ad", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='kfree\x00', &(0x7f0000000180)='\xfa.-\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000a40)='t`\x16{\xf9\x8eE5\xf7\xbbE\xc94I\xb4\xbap\xc7\x13\x0f\xa8\x8c.\xc8\xe5\xbc\xbeQ#\v$z\x7f:\xe5J\xad\xf1\xdc\x8dE\x90\xf8\x01\x1f\xdd\xa6!\xf0\x1a\x9b\'\x8a\x83Y\x8d\x01\xf8\xda$\x93\xbb|\x00', &(0x7f0000000a80)='U&~=\xd8G\x93\x14\xc9o\xaf\x8b\xd4-\xc5\x12\x8d\xc8\xf1\'\xcf\x92V\xceKg\x8b\xc3\x9e\xd6H\xad0`\xaf\x06\x00xOq\xb6H\x11', 0x0)
close(r0)

35.338555303s ago: executing program 3 (id=2208):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000080)={[{@noblock_validity}, {@jqfmt_vfsold}, {@jqfmt_vfsold}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000500)='./file0\x00', 0x0, 0x11080, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')

34.669584432s ago: executing program 3 (id=2214):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000000)=0x2)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xee00}}, './bus\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000100b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xffffffffffffffb6)

33.049864765s ago: executing program 3 (id=2232):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

32.71967039s ago: executing program 32 (id=2232):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

32.395556604s ago: executing program 4 (id=2241):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x1, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263d", 0x5b}, {0x0}, {0x0}], 0x3}}, {{0x0, 0x0, 0x0}}], 0x2, 0xc0)

32.195464797s ago: executing program 4 (id=2242):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000000)=0x2)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xee00}}, './bus\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000100b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xffffffffffffffb6)

31.082854113s ago: executing program 4 (id=2247):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r1, 0x50487, 0x8044}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @remote}]}}}]}, 0x3c}}, 0x20008884)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {}, {0x5, 0xf}}}, 0x24}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

30.763634027s ago: executing program 4 (id=2251):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000080)={[{@noblock_validity}, {@jqfmt_vfsold}, {@jqfmt_vfsold}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000500)='./file0\x00', 0x0, 0x11080, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
pivot_root(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')

30.531436201s ago: executing program 4 (id=2253):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, 0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r3, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x1, r2, 0x1, 0x7}, 0x14)

29.630005453s ago: executing program 0 (id=2258):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000880)=ANY=[@ANYRES32=r0, @ANYRES64=0x0, @ANYRES64=<r1=>r0, @ANYBLOB, @ANYRESHEX=r0, @ANYRES64=<r2=>r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffb, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYRES8=r1], 0x34)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYRESDEC=r2], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="3736775c1ed47cf4ffd6d68e802c89fee02ea7d29679e678bf0bd92ed4db110ceb4dc627ed58df6796f6faf999", @ANYRES32=0x0, @ANYRES64=0x0, @ANYRES16=r3], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000380)='kfree\x00', r6}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180800"/15, @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000851000000300000018000000000000000000000001000000950000000000000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, 0x0, 0x0, r4)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
close(r4)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@lazytime}, {@nomblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nombcache}, {@quota}, {@quota}]}, 0xff, 0x443, &(0x7f0000000940)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
connect$unix(0xffffffffffffffff, &(0x7f0000000dc0)=@file={0x1, './file0/file0\x00'}, 0x6e)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000400), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='./file0/file0\x00')

29.503276325s ago: executing program 4 (id=2259):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6185, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f00000001c0)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e24, @private=0xa010100}, 0x1, 0x0, 0x2}}, 0x2e)

29.13957712s ago: executing program 33 (id=2259):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6185, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f00000001c0)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e24, @private=0xa010100}, 0x1, 0x0, 0x2}}, 0x2e)

28.995309072s ago: executing program 0 (id=2263):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000040)=ANY=[@ANYBLOB="911017000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc904800000b6b8703100000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44014)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24008010}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x1000000, 0x0, {0x0, 0x0, 0x74, r4}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000500))
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xc}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000005c0)={'ip6_vti0\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x4, 0x4, 0x1, 0xf, 0x0, @empty, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x700, 0x40, 0x8, 0x2}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000680)={'ip6tnl0\x00', &(0x7f0000000600)={'syztnl2\x00', 0x0, 0x4, 0x6, 0x80, 0x2, 0x0, @dev={0xfe, 0x80, '\x00', 0x2f}, @dev={0xfe, 0x80, '\x00', 0x3f}, 0x700, 0x8000, 0x4, 0x2e}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000007c0)={'ip6gre0\x00', &(0x7f0000000740)={'syztnl2\x00', 0x0, 0x2f, 0x69, 0x8, 0x2, 0x75, @remote, @remote, 0x7f60, 0x10, 0x200, 0x8}})
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000800), &(0x7f0000000840)=0xc)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000880)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000008c0)=0x14)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000009c0)={'syztnl2\x00', &(0x7f0000000900)={'gre0\x00', 0x0, 0x700, 0x8000, 0xbf1, 0x0, {{0x19, 0x4, 0x1, 0x2, 0x64, 0x65, 0x0, 0x5, 0x29, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x30}, {[@timestamp_prespec={0x44, 0x2c, 0xa, 0x3, 0x3, [{@remote, 0x8}, {@loopback, 0x80000001}, {@broadcast, 0x6}, {@private=0xa010100, 0x800}, {@multicast1, 0x7}]}, @cipso={0x86, 0x21, 0x3, [{0x0, 0xb, "51815c74bace341e81"}, {0x6, 0x10, "3eb12118462d62d7a5706422c50b"}]}]}}}}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000a00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000a40)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000dc0))
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000e80)={'ip6tnl0\x00', &(0x7f0000000e00)={'syztnl2\x00', 0x0, 0x29, 0x7, 0x5, 0x81, 0x32, @rand_addr=' \x01\x00', @empty, 0x700, 0x700, 0x10, 0x6}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000fc0)={'syztnl2\x00', &(0x7f0000000ec0)={'syztnl2\x00', 0x0, 0x20, 0x8, 0x8715, 0x7, {{0x29, 0x4, 0x0, 0x2, 0xa4, 0x67, 0x0, 0x3, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@lsrr={0x83, 0x7, 0x8e, [@multicast2]}, @timestamp_addr={0x44, 0x4, 0x12, 0x1, 0xe}, @cipso={0x86, 0x61, 0xffffffffffffffff, [{0x6, 0x8, "6de5a8d34acd"}, {0x5, 0xb, "02e7d62625d28c2c50"}, {0x2, 0x10, "c7abb1f003c8e970b10b99d23949"}, {0x7, 0x11, "079acec80f16e504d39eb1ce5a5715"}, {0x6, 0xa, "3e03009a7141c867"}, {0x2, 0x6, "e797ce80"}, {0x6, 0x12, "3e68067946af33dd2e50f12ac7496127"}, {0x0, 0x5, "c43dcb"}]}, @timestamp_addr={0x44, 0x24, 0x16, 0x1, 0x0, [{@multicast1, 0x76}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x48}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3}, {@empty, 0xff}]}]}}}}})
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)

26.167095012s ago: executing program 0 (id=2269):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES64, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
io_setup(0x7d, &(0x7f0000000600)=<r2=>0x0)
io_submit(r2, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000)="96", 0xfffffe10, 0x0, 0x0, 0x0, r1}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r0, 0x0, 0x0, 0xffffffffffffffff}])
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0xb8, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0xa4, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x5c, 0x3, 0x0, 0x0, {{0x9}, {0x4}, {0x2f, 0x6, "a06b1d1931f3579c6d7c5159238a286074602c3726c701f3c0d5382de62a6e8c4fb714fcd674c66cd306a4"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xb8}}, 0x0)

25.660911049s ago: executing program 0 (id=2275):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000080)={[{@noblock_validity}, {@jqfmt_vfsold}, {@jqfmt_vfsold}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000500)='./file0\x00', 0x0, 0x11080, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')

25.194888246s ago: executing program 0 (id=2280):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8000001f)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x2d, 0x0, 0x0, 0xcbf, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, 0x700, 0x8, 0x101, 0xd66}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x2, 0x4038a09, 0x4, @loopback={0xe0}, @mcast2={0xff, 0x5}, 0x0, 0x0, 0x0, 0x5}})

23.574086189s ago: executing program 0 (id=2288):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000080)={[{@noblock_validity}, {@jqfmt_vfsold}, {@jqfmt_vfsold}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000500)='./file0\x00', 0x0, 0x11080, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')

23.229970093s ago: executing program 34 (id=2288):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000080)={[{@noblock_validity}, {@jqfmt_vfsold}, {@jqfmt_vfsold}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000500)='./file0\x00', 0x0, 0x11080, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')

4.571964666s ago: executing program 5 (id=2422):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x10)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

4.28394235s ago: executing program 6 (id=2425):
getdents(0xffffffffffffffff, 0x0, 0xd914ab22e0847df)

4.095799503s ago: executing program 6 (id=2429):
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0xffff20c6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
close(r0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet(r0, &(0x7f00000006c0)={0x2, 0xc, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x13)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000900)=0xffffffffffffffff, 0x4)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x284}, 0x1, 0x0, 0x0, 0x4800}, 0x4004001)

4.061172433s ago: executing program 5 (id=2430):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x2}, 0x18)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00"], 0x38}}, 0x0)

3.882846996s ago: executing program 6 (id=2434):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000000)=0x2)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xee00}}, './bus\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000100b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xffffffffffffffb6)

3.864077366s ago: executing program 1 (id=2435):
syz_read_part_table(0x618, &(0x7f0000002200)="$eJzs3D+IFGcUAPC3dzc7dwqehUWwiWctBMXSK6LsbQwGZE0IHBb5iwhXXeBgQxY3eEVyheIWYplGApviXKvoFVY5FFIHsTAIW9gETBNiipsws3O3GzgOEjaE4O9XfN/bnTfvzQfTvgn+1yYiKaMsLbY3PtozP5sdxu14r1tbOJtlWfZuRCUuRhJzyYFeRExF9G6NVI2jEbF/pM7tb/ZtfP3rW0n3yYVktH470jiY51YjL1ma2e1R0r99WMZufX5z9urqcv1a/qPe6m+9H3HnRa1x79xapzeZnPkk//9KxMMyf6pYZya27/9wKv5yZQ9fDsPKaP/tl+Py43qrf6v77PjW4frk95dOvTyycf3BiYiVvPL5KF72oeo/P/Oo9fnNrFT0X5m7sdhpnT5299DNk837jxrPJ38vLw9aToynLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/5L1fFmtxrXm/OXH9Vb/q59+fOfOi1rj3rm1Tu/t6pmnlUHewzJ/qtw/i2Z8HklELMVSfBrLu5d/bSc6sBMtVkb7z2/OXl1drg/6/7Ev4tnxrcP17sylUy8XNq4/OFFkVWI63ybGevRd+rf6K3M3Fjut08fuHrp5snn/UeP55CBvKY2Pi+NGRDr+xwAAAAAAAAAAAAAAAAAAAOAVV1s4e+T8m42DeXxxOiJ++aKYss/Sme+imLwfOFruT9PBKP/t6cG3ALpPLvxW/eCHtZ/Lofh2pNGOiP3fJhHx+k6fK8W6/fWASIaV+S/9GQAA///p7o1q")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x94173000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x1000}, 0x18)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
preadv2(r2, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)

3.683559179s ago: executing program 5 (id=2438):
ioctl$SIOCGSTAMPNS(0xffffffffffffffff, 0x8907, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
read$ptp(0xffffffffffffffff, &(0x7f0000000280)=""/176, 0xb0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

3.407684252s ago: executing program 2 (id=2441):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x10)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

2.714897722s ago: executing program 6 (id=2443):
r0 = syz_open_dev$usbfs(0x0, 0x1ff, 0xa401)
ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000140)={0xe021, 0x1, [{0x1, 0x1}]})

2.387727537s ago: executing program 6 (id=2447):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000400), r0)
getsockname$packet(r0, &(0x7f0000000280)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000305ff810000fddbdf2500000000", @ANYRES32=r1, @ANYRES32=r1], 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x0)

2.385105677s ago: executing program 5 (id=2448):
sendmsg$DEVLINK_CMD_PORT_SPLIT(0xffffffffffffffff, 0x0, 0x40)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81c0, 0x0)

2.335223887s ago: executing program 2 (id=2449):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
inotify_init1(0x80000)

2.227644989s ago: executing program 6 (id=2451):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001640)=@newtaction={0xf0, 0x30, 0x1, 0x2, 0x25dfdbfc, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x2, 0x0, 0x446, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, 0xfffffffd}}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x0, 0x401, 0x1, 0x0, {0x0, 0x0, 0x0, 0x401}}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x8010}, 0x2000000)

2.095468061s ago: executing program 5 (id=2453):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000000)=0x2)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xee00}}, './bus\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000100b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xffffffffffffffb6)

2.095110191s ago: executing program 2 (id=2454):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@jqfmt_vfsv1}, {}, {@barrier_val}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x0, 0x55f, &(0x7f0000001040)="$eJzs3V1rHNUbAPBnNknf//+mUAoKSqAXVmo3TeJLBcF6KVos6H1dkmko2XRLdlOaWGh7YW+8kSKIWBA/gPdeFr+An6KghSIl6IU3K7OZTbfNbpKmGzd1fj+Y9pyZ2Zx59sxz9szOLhtAYY1l/5QiXoqIr5OIwx3bhiPfOLa638qj69PZkkSz+ekfSST5uvb+Sf7/weRx5ZcvI06W1rdbX1qeq1Sr6UJeH2/MXxmvLy2fujRfmU1n08uTU1Nn3pqafPedt/sW6+vn//ruk3sfnvnq+Mq3Pz04cieJs3Eo39YZx3O42VkZi7H8aRiJs0/tONGHxnaTZNAHwLYM5Xk+EtkYcDiG8qwH/vtuREQTKKhE/kNBtecB7Wv7Pl0HvzAefrB6AbQ+/uHV90ZiX+va6MBK8sSVUXa9O9qH9rM2fv797p1siU3eh7jRh/YA2m7eiojTw8Prx78kH/+273TrzeONPd1G0V5/YJDuZfOfN7rNf0pr85/oMv852CV3t2Pz/C896EMzPWXzv/e6zn/Xhq7Robz2v9acbyS5eKmano6I/0fEiRjZm9U3up9zZuV+s9e2zvlftmTtt+eC+XE8GN775GNmKo3K88Tc6eGtiJe7zn+Ttf5PuvR/9nyc32Ibx9K7r/batnn8O6v5Y8RrXfv/8R2tZOP7k+Ot82G8fVas9+ftY7/2an/Q8Wf9f2Dj+EeTzvu19Wdv44d9f6e9tm33/N+TfNYq78nXXas0GgsTEXuSj9evn3z82Ha9vX8W/4njG49/3c7//RHx+Rbjv330ds9dB97/zSRmnqn/n71w/6Mvvu/V/tb6/81W6US+Zivj31YP8HmeOwAAAAAAANhtShFxKJJSea1cKpXLq5/vOBoHStVavXHyYm3x8ky0vis7GiOl/E73K9HxeYiJ/POw7frkU/WpiDgSEd8M7W/Vy9O16syggwcAAAAAAAAAAAAAAAAAAIBd4mCP7/9nfhsa9NEBO85PfkNxbZr//filJ2BX8voPxSX/objkPxSX/Ifikv9QXPIfikv+Q3HJfwAAAAAAAAAAAAAAAAAAAAAAAAAAAOir8+fOZUtz5dH16aw+c3Vpca529dRMWp8rzy9Ol6drC1fKs7XabDUtT9fmN/t71VrtysRkLF4bb6T1xnh9afnCfG3xcuPCpfnKbHohHflXogIAAAAAAAAAAAAAAAAAAIAXS31pea5SraYLCj0L78euOIydDHDVth4+vFuiUOhrYcADEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0+CcAAP//PZ416Q==")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000002c0), 0x0, 0x361, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f0000000240)={{}, {}, [{0x2, 0x3}, {0x2, 0x6}, {0x2, 0x1}, {0x2, 0x3}], {}, [{}, {}], {0x10, 0x2}}, 0x54, 0x0)

1.766582115s ago: executing program 7 (id=2456):
r0 = socket(0x200000000000011, 0x2, 0x0)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @random="933c547ecfa7"}, 0x14)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {0x16}}}}}, 0x0)

1.703497696s ago: executing program 1 (id=2457):
r0 = syz_open_dev$usbfs(0x0, 0x1ff, 0xa401)
ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000140)={0xe021, 0x1, [{0x1, 0x1}]})

1.053353096s ago: executing program 2 (id=2458):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
connect$pppl2tp(r2, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)

987.480267ms ago: executing program 5 (id=2459):
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB], 0x48)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r1 = syz_open_pts(0xffffffffffffffff, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$TCSETSF(r1, 0x5404, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r2}, 0x10)
sendfile(r0, r0, 0x0, 0x800000009)

867.665858ms ago: executing program 7 (id=2460):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

867.221768ms ago: executing program 2 (id=2461):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x15, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f00000003c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
write$UHID_DESTROY(r0, &(0x7f0000000080), 0x4)

866.311008ms ago: executing program 1 (id=2462):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000400), r0)
getsockname$packet(r0, &(0x7f0000000280)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000305ff810000fddbdf2500000000", @ANYRES32=r1, @ANYRES32=r1], 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x0)

723.43248ms ago: executing program 7 (id=2463):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)={0x2, 0x400000000000003, 0x20, 0x0, 0x12, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3, 0x0, 0x0, 0x100000000000000}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e20, @rand_addr=0x64010100}}, @sadb_lifetime={0x4, 0x4, 0x0, 0xfffffffffffffffe}, @sadb_sa={0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @broadcast}}]}, 0x90}}, 0x0)

625.772571ms ago: executing program 2 (id=2464):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r4, 0x0)
fallocate(r3, 0x8, 0x4000, 0x4000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4004, @void, @value}, 0xfffffffffffffef9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r6 = socket$rds(0x15, 0x5, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000300)='./file1\x00', 0x3000046, &(0x7f00000004c0), 0x1, 0x57d, &(0x7f0000000cc0)="$eJzs3c1rHOUfAPDvbF7aX9qfTaEUFZFAD1bUTZNoX8BDPYoWC3qvS7KG0k23JBtpYqHtwV68SBFELHjypnePxX/Av6KgxSIl6MFLZDazyab7km2ycbfu5wMTnmdmNs/z3XmeZ57ZmWUDGFgT6Z9cxAsR8WUScSQikmzbcGQbJzb2W3t8YzZdklhf//CPpLpfmq/9r9rrDmWZ5yPi588jXss1lru0snqlUCoVF7P8ZGXh2uTSyuoblxcK88X54tXpmZmzb81Mnztzumuxvnrxr28+uP/u2S9OrH3948Ojd5M4H4ezbfVx7MGt+sxETGTvyUicf2LHqS4U1k+SXleAXRnK+vlIpGPAkRjKej3w33czItaBAZXo/zCgavOA2rV9l66DnxmP3tm4AGqMf3jjs5E4WL02GltLtl0Zpde7410oPy3jp9/u3U2X6N7nEAA7unU7Ik4NDzeOf0k2/u3eqQ72ebKM+vFv6+wE7If76fzn9Wbzn9zm/CeazH8ONem7u9Gu/2f1eNiFYlpK539vN53/bt60Gh/Kcv+vzvlGkk8ul4rp2PZcRJyMkQNpvt39nLNrD1qOZPXzv3RJy6/NBbN6PBw+sP01c4VKYS8x13t0O+LFpvPfZPP4J02Of/p+XOywjOPFey+32rZz/PtrLCJeaXr8t+5oJS3uT6aH5dyZ05PV9jBZaxWN/rxz/JdW5TfGPxpt47+5p3AbpMd/rH3840n9/dqlpy/ju4N/F1tt2xZ/dN7+R5OPqunRbN31QqWyOBUxmrzfuH5667W1fG3/NP6TJ9qPf9vaf11dPu4w/jvHfnipo/h70P7T+Oee6vjX3oCtNTslHrz32betyu9s/HuzmjqZrelk/OukXrtrzQAAAAAAANC/chFxOJJcfjOdy+XzG893HIuxXGl84/mPmIvqd2XHYyRXu9N9pO55iKnsedhafvqJ/ExEHI2Ir4b+V83nZ8uluV4HDwAAAAAAAAAAAAAAAAAAAH3iUIvv/6d+Hep17YB95ye/YXDt2P+78UtPQF9y/ofBpf/D4NL/YXDp/zC46vr/gV7WA/j3Of/D4NL/YXDp/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBVFy9cSJf1tcc3ZtP83Kcry+vZtvzC8mx+trx4LT9fLs+XivnZ8sJO/69ULl+bmo7l65OV4lJlcmll9dJCeflq5dLlhcJ88VJxZN8jAgAAAAAAAAAAAAAAAAAAgGfP0srqlUKpVFyUkNhVYrg/qrGRSJt03Zqbva5Pu8Tv3/dFNVolej0yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCWfwIAAP//iOAtLA==")
r7 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200e, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000950000000000000081ab09c9f7f6d9ca261e252a996890"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x369ac89f52bf2160}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="191d25bd7000ffdbdf256300000008000300", @ANYRES32, @ANYBLOB], 0x1c}}, 0x40)
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f0000001240)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a00)={&(0x7f00000008c0)={0x28, 0x0, 0x100, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x10, 0x7e}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x2000c841}, 0x4000000)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000480), r8)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000580)={&(0x7f0000000740)="be2d582b7d62fd539bfc98fb70c6a62e7f7803e4e1b5aee41641b18643066f5a159534295a04b6e3c956da725f144576b8fb075413ef5dfcd63832e6f0469a3747f62209cacc", &(0x7f00000002c0)=""/2, &(0x7f00000007c0)="071525742fbda97d85680ba69d4206fcf08edb83d747178b62a2f775e55b64a9e1a2079f0577f4a24fd3898f760f75f80194ade9fe63327734689d7741c0a197c8842415b4b1feafe5718971ecd62f8e37fc6fd6245afe22f9cda31cbeddb4820742b652879ec853f3f749ad2df983393b841cd0e5784a98883694a3b66997162175af86091e56f2d477face975a7e09b0c88242dc3f117484c636c0fd212d70571e326023a893b447ef7a8bc7ea245a74f8", &(0x7f0000000940)="5650d04281142a89dabcf8b6b9bf05d01a65a19755cd9a2ef7d73ec6474059d23a8ce240e0011490dde4bd25a154e406d5cc63558b2da7dda7440b8cf94c64a189910dce3b1bf2960de1642ffe39ab6b6fc009a4d09a4b69704ed4b865aa9a02bd7adf7a731187c029927bcdadfb9fed34d483150d410a956a141c054e5e3a7876dca2", 0x2, r0, 0x4}, 0x38)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), r8)

595.039652ms ago: executing program 1 (id=2465):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
getitimer(0x2, 0x0)

447.444454ms ago: executing program 7 (id=2466):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x8000000000}, 0x18)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000040)=""/136, 0xfffffffffffffe05)

416.801374ms ago: executing program 1 (id=2467):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$binfmt_register(r2, &(0x7f0000000200)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x6, 0x3a, '@', 0x3a, '\\', 0x3a, './file0', 0x3a, [0x46]}, 0x2a)

238.197617ms ago: executing program 7 (id=2468):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x24, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xf}, {}, {0x7, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000804}, 0x24040084)

763.88µs ago: executing program 1 (id=2469):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x15c}}, 0x4000080)

0s ago: executing program 7 (id=2470):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eeb1948bf42bc7fc2cb274849c9524154fa24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a8684853abf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000400000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f500000010000000000944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a808000000000000000562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844892f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727ba"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r0])

kernel console output (not intermixed with test programs):

="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  381.860313][ T9489] loop3: detected capacity change from 0 to 512
[  381.876886][   T27] audit: type=1326 audit(1750013653.116:2494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9474 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  381.949237][ T9489] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  383.415982][ T9505] loop0: detected capacity change from 0 to 512
[  383.426059][ T9505] EXT4-fs: Ignoring removed mblk_io_submit option
[  383.432722][ T9505] EXT4-fs: Ignoring removed bh option
[  383.442249][ T9505] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  383.453968][ T9505] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  383.565339][ T9505] EXT4-fs (loop0): 1 truncate cleaned up
[  383.571232][ T9505] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  383.863304][ T9489] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  383.883547][ T9500] lo speed is unknown, defaulting to 1000
[  383.972011][ T9489] ext4 filesystem being mounted at /341/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  383.988006][ T9503] lo speed is unknown, defaulting to 1000
[  384.239127][ T4256] EXT4-fs (loop0): unmounting filesystem.
[  384.317376][ T9517] loop4: detected capacity change from 0 to 164
[  384.342427][ T9518] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1786'.
[  384.354520][ T9517] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  384.518779][ T9525] loop4: detected capacity change from 0 to 128
[  384.560898][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  384.626401][ T9530] syz.4.1788: attempt to access beyond end of device
[  384.626401][ T9530] loop4: rw=2049, sector=977, nr_sectors = 64 limit=128
[  386.299496][ T9561] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1799'.
[  386.487509][ T9569] loop3: detected capacity change from 0 to 512
[  386.491856][ T9571] loop0: detected capacity change from 0 to 128
[  386.536577][   T27] kauditd_printk_skb: 12 callbacks suppressed
[  386.536594][   T27] audit: type=1800 audit(1750013658.816:2507): pid=9571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1803" name="bus" dev="loop0" ino=1048670 res=0 errno=0
[  386.542135][   T27] audit: type=1326 audit(1750013658.826:2508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.2.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  386.544193][   T27] audit: type=1326 audit(1750013658.826:2509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.2.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  386.544238][   T27] audit: type=1326 audit(1750013658.826:2510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.2.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  386.544276][   T27] audit: type=1326 audit(1750013658.826:2511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.2.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  386.544363][   T27] audit: type=1326 audit(1750013658.826:2512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.2.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  386.545272][   T27] audit: type=1326 audit(1750013658.826:2513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.2.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  386.545315][   T27] audit: type=1326 audit(1750013658.826:2514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.2.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  386.545351][   T27] audit: type=1326 audit(1750013658.826:2515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.2.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  386.547696][   T27] audit: type=1326 audit(1750013658.836:2516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.2.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  386.558623][ T9569] EXT4-fs (loop3): 1 orphan inode deleted
[  386.558657][ T9569] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  386.559407][ T9569] ext4 filesystem being mounted at /346/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  386.757639][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  386.760803][ T9577] syz.0.1803: attempt to access beyond end of device
[  386.760803][ T9577] loop0: rw=2049, sector=577, nr_sectors = 464 limit=128
[  387.020430][ T9581] device ip6gre1 entered promiscuous mode
[  387.098592][ T9584] program syz.3.1805 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  387.570151][ T9601] smc: net device bond0 erased user defined pnetid SYZ0
[  388.546751][ T9611] program syz.2.1817 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  388.719749][ T9617] loop3: detected capacity change from 0 to 128
[  390.070263][ T9647] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  390.081022][ T9647] netlink: 'syz.3.1826': attribute type 27 has an invalid length.
[  390.090111][ T9647] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1826'.
[  390.209964][ T9647] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1826'.
[  391.356974][ T9663] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1832'.
[  391.412909][ T9665] program syz.2.1833 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  391.429390][ T9668] loop3: detected capacity change from 0 to 512
[  391.455216][ T9668] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  391.456736][ T9668] EXT4-fs (loop3): orphan cleanup on readonly fs
[  391.468707][ T9668] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #16: comm syz.3.1834: corrupted inode contents
[  391.499196][ T9668] EXT4-fs (loop3): Remounting filesystem read-only
[  391.499220][ T9668] EXT4-fs error (device loop3): ext4_dirty_inode:6118: inode #16: comm syz.3.1834: mark_inode_dirty error
[  391.499549][ T9668] EXT4-fs (loop3): Remounting filesystem read-only
[  391.499608][ T9668] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #16: comm syz.3.1834: corrupted inode contents
[  391.499920][ T9668] EXT4-fs (loop3): Remounting filesystem read-only
[  391.499936][ T9668] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.1834: mark_inode_dirty error
[  391.500391][ T9668] EXT4-fs (loop3): Remounting filesystem read-only
[  391.500451][ T9668] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #16: comm syz.3.1834: corrupted inode contents
[  391.500795][ T9668] EXT4-fs (loop3): Remounting filesystem read-only
[  391.500812][ T9668] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  391.501121][ T9668] EXT4-fs (loop3): Remounting filesystem read-only
[  391.501148][ T9668] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #16: comm syz.3.1834: corrupted inode contents
[  391.501458][ T9668] EXT4-fs (loop3): Remounting filesystem read-only
[  391.501473][ T9668] EXT4-fs error (device loop3): ext4_truncate:4312: inode #16: comm syz.3.1834: mark_inode_dirty error
[  391.501768][ T9668] EXT4-fs (loop3): Remounting filesystem read-only
[  391.501785][ T9668] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  391.502077][ T9668] EXT4-fs (loop3): Remounting filesystem read-only
[  391.502593][ T9668] EXT4-fs (loop3): 1 truncate cleaned up
[  391.504355][ T4557] EXT4-fs error (device loop3): ext4_release_dquot:6850: comm kworker/u4:12: Failed to release dquot type 1
[  391.504748][ T4557] EXT4-fs (loop3): Remounting filesystem read-only
[  391.504972][ T9668] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  391.557480][   T27] kauditd_printk_skb: 161 callbacks suppressed
[  391.557496][   T27] audit: type=1326 audit(1750013663.846:2677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9662 comm="syz.4.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdb5d1858e7 code=0x7ffc0000
[  391.557540][   T27] audit: type=1326 audit(1750013663.846:2678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9662 comm="syz.4.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdb5d12ab19 code=0x7ffc0000
[  391.557577][   T27] audit: type=1326 audit(1750013663.846:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9662 comm="syz.4.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  391.564731][   T27] audit: type=1326 audit(1750013663.846:2680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9662 comm="syz.4.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdb5d1858e7 code=0x7ffc0000
[  391.564778][   T27] audit: type=1326 audit(1750013663.846:2681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9662 comm="syz.4.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdb5d12ab19 code=0x7ffc0000
[  391.564813][   T27] audit: type=1326 audit(1750013663.846:2682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9662 comm="syz.4.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  391.576936][   T27] audit: type=1326 audit(1750013663.866:2683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9662 comm="syz.4.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdb5d1858e7 code=0x7ffc0000
[  391.576984][   T27] audit: type=1326 audit(1750013663.866:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9662 comm="syz.4.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdb5d12ab19 code=0x7ffc0000
[  391.577023][   T27] audit: type=1326 audit(1750013663.866:2685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9662 comm="syz.4.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  391.584265][   T27] audit: type=1326 audit(1750013663.866:2686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9662 comm="syz.4.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdb5d1858e7 code=0x7ffc0000
[  391.584821][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  391.623180][ T9673] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1835'.
[  391.948149][ T9673] batman_adv: batadv0: Removing interface: batadv_slave_0
[  391.958786][ T9673] batman_adv: batadv0: Removing interface: batadv_slave_1
[  392.224332][ T9675] netlink: 'syz.3.1836': attribute type 13 has an invalid length.
[  392.243778][ T9681] loop0: detected capacity change from 0 to 128
[  393.142435][ T9687] syz.0.1838: attempt to access beyond end of device
[  393.142435][ T9687] loop0: rw=2049, sector=497, nr_sectors = 456 limit=128
[  393.566966][ T9705] program syz.2.1845 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  395.981233][ T9743] loop4: detected capacity change from 0 to 128
[  396.108794][ T9747] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1859'.
[  396.108885][ T9747] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1859'.
[  396.109185][ T9745] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1859'.
[  396.135334][ T9746] syz.4.1857: attempt to access beyond end of device
[  396.135334][ T9746] loop4: rw=2049, sector=897, nr_sectors = 144 limit=128
[  396.189298][ T9747] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  396.582477][ T9756] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1864'.
[  397.673410][ T9771] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1870'.
[  397.686034][ T9766] loop4: detected capacity change from 0 to 8192
[  397.830765][   T27] kauditd_printk_skb: 241 callbacks suppressed
[  397.830784][   T27] audit: type=1326 audit(1750013670.116:2928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9764 comm="syz.4.1867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  397.880599][   T27] audit: type=1326 audit(1750013670.116:2929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9764 comm="syz.4.1867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  397.946177][ T9781] loop2: detected capacity change from 0 to 128
[  397.963273][ T9775] loop0: detected capacity change from 0 to 8192
[  397.976306][   T27] audit: type=1326 audit(1750013670.116:2930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9764 comm="syz.4.1867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  397.999943][ T9783] loop1: detected capacity change from 0 to 256
[  398.019488][   T27] audit: type=1326 audit(1750013670.116:2931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9764 comm="syz.4.1867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  398.091321][   T27] audit: type=1326 audit(1750013670.116:2932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9764 comm="syz.4.1867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  398.155871][ T9785] syz.2.1874: attempt to access beyond end of device
[  398.155871][ T9785] loop2: rw=2049, sector=657, nr_sectors = 384 limit=128
[  398.156092][   T27] audit: type=1326 audit(1750013670.116:2933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9764 comm="syz.4.1867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  398.200099][   T27] audit: type=1326 audit(1750013670.116:2934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9764 comm="syz.4.1867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  398.234797][   T27] audit: type=1326 audit(1750013670.126:2935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9764 comm="syz.4.1867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  398.258147][   T27] audit: type=1326 audit(1750013670.126:2936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9764 comm="syz.4.1867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  398.280901][   T27] audit: type=1326 audit(1750013670.126:2937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9764 comm="syz.4.1867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  400.474558][ T9830] loop3: detected capacity change from 0 to 128
[  400.625242][ T9837] netlink: '+}[@': attribute type 6 has an invalid length.
[  400.662020][ T9836] syz.3.1893: attempt to access beyond end of device
[  400.662020][ T9836] loop3: rw=2049, sector=737, nr_sectors = 304 limit=128
[  400.734550][ T9840] loop4: detected capacity change from 0 to 128
[  400.757435][ T9840] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  400.769126][ T9840] ext4 filesystem being mounted at /370/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  400.964710][ T4253] EXT4-fs (loop4): unmounting filesystem.
[  401.273729][ T9860] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  401.273798][ T9860] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  401.273819][ T9860] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  402.499857][ T9875] loop1: detected capacity change from 0 to 128
[  402.677284][ T9878] syz.1.1911: attempt to access beyond end of device
[  402.677284][ T9878] loop1: rw=2049, sector=913, nr_sectors = 128 limit=128
[  402.699234][ T9880] loop2: detected capacity change from 0 to 256
[  402.713707][ T9880] FAT-fs (loop2): bogus logical sector size 2304
[  402.730836][ T9880] FAT-fs (loop2): Can't find a valid FAT filesystem
[  402.882502][ T9888] loop3: detected capacity change from 0 to 128
[  402.920423][ T9888] EXT4-fs: Ignoring removed oldalloc option
[  402.962395][ T9888] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  402.981924][ T9888] ext4 filesystem being mounted at /373/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  403.152720][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  403.238917][   T27] kauditd_printk_skb: 128 callbacks suppressed
[  403.238932][   T27] audit: type=1326 audit(1750013675.526:3066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  403.407031][   T27] audit: type=1326 audit(1750013675.556:3067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  403.481675][   T27] audit: type=1326 audit(1750013675.556:3068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  403.514922][ T9882] DRBG: could not allocate digest TFM handle: hmac(sha512)
[  403.517027][   T27] audit: type=1326 audit(1750013675.566:3069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  403.546145][   T27] audit: type=1326 audit(1750013675.566:3070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  403.583048][ T9923] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1925'.
[  403.668939][   T27] audit: type=1326 audit(1750013675.566:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  403.830377][   T27] audit: type=1326 audit(1750013675.566:3072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  404.305528][   T27] audit: type=1326 audit(1750013675.566:3073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  404.305577][   T27] audit: type=1326 audit(1750013675.566:3074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  404.305614][   T27] audit: type=1326 audit(1750013675.566:3075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  404.657374][ T9935] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1929'.
[  404.884814][ T9945] loop3: detected capacity change from 0 to 1024
[  404.885602][ T9945] EXT4-fs: Ignoring removed nomblk_io_submit option
[  404.886144][ T9945] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  404.925702][ T9945] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  404.991498][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  405.052015][ T9951] loop2: detected capacity change from 0 to 256
[  405.694591][ T9955] loop4: detected capacity change from 0 to 512
[  405.701951][ T9955] EXT4-fs: Ignoring removed mblk_io_submit option
[  405.702164][ T9955] EXT4-fs: Ignoring removed bh option
[  405.795502][ T9955] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  405.795531][ T9955] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  405.842370][ T9953] lo speed is unknown, defaulting to 1000
[  405.899096][ T9955] EXT4-fs (loop4): 1 truncate cleaned up
[  405.899129][ T9955] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  406.158925][ T9963] loop0: detected capacity change from 0 to 512
[  406.167789][ T9963] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  406.180430][ T4253] EXT4-fs (loop4): unmounting filesystem.
[  406.209484][ T9963] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  406.247404][ T9963] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1938: invalid indirect mapped block 2683928664 (level 1)
[  406.247988][ T9963] EXT4-fs (loop0): Remounting filesystem read-only
[  406.248361][ T9963] EXT4-fs (loop0): 1 truncate cleaned up
[  406.248390][ T9963] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  406.366973][ T9968] netlink: 14593 bytes leftover after parsing attributes in process `syz.4.1941'.
[  406.392806][ T4256] EXT4-fs (loop0): unmounting filesystem.
[  406.568226][ T9974] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  406.599431][ T9974] netlink: 'syz.4.1944': attribute type 27 has an invalid length.
[  406.601723][ T9974] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1944'.
[  406.763030][ T9974] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1944'.
[  406.865405][ T9985] loop0: detected capacity change from 0 to 1024
[  406.866194][ T9985] EXT4-fs: Ignoring removed nomblk_io_submit option
[  406.869852][ T9985] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  406.889357][ T9985] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  407.030136][ T9974] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1944'.
[  407.042853][ T4256] EXT4-fs (loop0): unmounting filesystem.
[  407.235971][ T9993] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1950'.
[  407.599810][ T9999] loop1: detected capacity change from 0 to 128
[  407.702168][T10001] loop0: detected capacity change from 0 to 1024
[  407.718965][T10001] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (12806!=20869)
[  407.744881][ T9999] syz.1.1953: attempt to access beyond end of device
[  407.744881][ T9999] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  407.772928][T10001] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c018, mo2=0002]
[  407.821370][T10001] System zones: 0-1, 3-36
[  407.827252][T10001] EXT4-fs (loop0): orphan cleanup on readonly fs
[  407.853292][T10001] EXT4-fs (loop0): 1 orphan inode deleted
[  407.870037][T10001] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  407.884667][T10001] EXT4-fs (loop0): unmounting filesystem.
[  409.073716][T10017] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  409.107452][T10017] netlink: 'syz.0.1960': attribute type 27 has an invalid length.
[  409.175107][T10017] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1960'.
[  409.278916][T10028] netlink: 'syz.1.1963': attribute type 4 has an invalid length.
[  409.306820][T10028] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.1963'.
[  409.357421][T10017] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1960'.
[  409.458948][T10031] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1966'.
[  409.478800][T10035] loop4: detected capacity change from 0 to 128
[  409.513073][T10031] device batadv1 entered promiscuous mode
[  409.701727][T10017] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1960'.
[  410.642599][T10048] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1970'.
[  410.691318][T10050] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1972'.
[  410.728155][T10050] device vlan2 entered promiscuous mode
[  410.741356][T10050] device dummy0 entered promiscuous mode
[  412.375885][T10073] loop0: detected capacity change from 0 to 512
[  412.398840][T10073] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  412.622245][T10073] EXT4-fs (loop0): 1 orphan inode deleted
[  412.628330][T10073] EXT4-fs (loop0): 1 truncate cleaned up
[  412.634126][T10073] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  413.087938][ T4256] EXT4-fs (loop0): unmounting filesystem.
[  414.368127][T10098] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1986'.
[  414.609017][T10102] netlink: 'syz.4.1989': attribute type 39 has an invalid length.
[  414.678931][T10104] lo speed is unknown, defaulting to 1000
[  415.004886][   T27] kauditd_printk_skb: 126 callbacks suppressed
[  415.004903][   T27] audit: type=1326 audit(1750013687.286:3202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.4.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  415.039776][   T27] audit: type=1326 audit(1750013687.286:3203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.4.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  415.067157][   T27] audit: type=1326 audit(1750013687.286:3204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.4.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  415.102512][   T27] audit: type=1326 audit(1750013687.286:3205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.4.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  415.210773][   T27] audit: type=1326 audit(1750013687.286:3206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.4.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  415.241557][   T27] audit: type=1326 audit(1750013687.286:3207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.4.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  415.269644][   T27] audit: type=1326 audit(1750013687.286:3208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.4.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  415.295350][   T27] audit: type=1326 audit(1750013687.286:3209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.4.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  415.492890][T10120] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  415.708936][   T27] audit: type=1326 audit(1750013687.306:3210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.4.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  415.941449][T10104] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1990'.
[  416.021180][   T27] audit: type=1326 audit(1750013687.306:3211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.4.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  416.278912][T10129] lo speed is unknown, defaulting to 1000
[  416.433649][T10134] IPVS: Error connecting to the multicast addr
[  416.624717][T10140] loop3: detected capacity change from 0 to 1024
[  416.644190][T10140] EXT4-fs: Ignoring removed nomblk_io_submit option
[  416.662904][T10140] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  416.704902][T10140] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  416.766225][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  417.158683][T10164] loop4: detected capacity change from 0 to 1024
[  417.170841][T10164] EXT4-fs: Ignoring removed nomblk_io_submit option
[  417.460536][T10164] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  417.640410][T10166] loop3: detected capacity change from 0 to 764
[  418.063158][ T4253] EXT4-fs (loop4): unmounting filesystem.
[  418.164555][T10182] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  418.270318][T10186] loop1: detected capacity change from 0 to 256
[  418.277559][T10187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2018'.
[  418.436812][T10187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2018'.
[  418.454691][T10182] netlink: 'syz.0.2018': attribute type 27 has an invalid length.
[  418.479949][T10197] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2022'.
[  418.517801][T10197] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2022'.
[  418.791585][T10187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2018'.
[  418.898923][T10207] loop2: detected capacity change from 0 to 512
[  418.922126][T10207] EXT4-fs: Ignoring removed bh option
[  418.947359][T10207] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  419.028732][T10207] EXT4-fs (loop2): 1 truncate cleaned up
[  419.046267][T10207] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  420.181646][T10220] loop1: detected capacity change from 0 to 512
[  420.287829][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  420.361715][T10220] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  420.392561][T10220] ext4 filesystem being mounted at /417/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  420.404975][   T27] kauditd_printk_skb: 63 callbacks suppressed
[  420.404992][   T27] audit: type=1326 audit(1750013692.696:3275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10228 comm="syz.4.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  420.453145][T10220] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  420.454263][   T27] audit: type=1326 audit(1750013692.706:3276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10230 comm="syz.3.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  420.486875][   T27] audit: type=1326 audit(1750013692.706:3277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10230 comm="syz.3.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  420.509855][   T27] audit: type=1326 audit(1750013692.706:3278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10230 comm="syz.3.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  420.532577][   T27] audit: type=1326 audit(1750013692.706:3279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10230 comm="syz.3.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  420.559093][T10229] batman_adv: batadv0: Adding interface: dummy0
[  420.582313][   T27] audit: type=1326 audit(1750013692.706:3280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10230 comm="syz.3.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  420.631201][T10229] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.673839][   T27] audit: type=1326 audit(1750013692.706:3281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10230 comm="syz.3.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  420.697237][   T27] audit: type=1326 audit(1750013692.706:3282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10230 comm="syz.3.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  420.720991][   T27] audit: type=1326 audit(1750013692.706:3283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10230 comm="syz.3.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  420.744407][T10229] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  420.761621][   T27] audit: type=1326 audit(1750013692.706:3284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10230 comm="syz.3.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  420.965532][T10239] lo speed is unknown, defaulting to 1000
[  421.293063][T10240] loop2: detected capacity change from 0 to 512
[  421.306169][T10240] EXT4-fs: Ignoring removed mblk_io_submit option
[  421.312838][T10240] EXT4-fs: Ignoring removed bh option
[  421.321208][T10240] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  421.332816][T10240] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  421.429935][T10240] EXT4-fs (loop2): 1 truncate cleaned up
[  421.435780][T10240] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  421.746652][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  421.795801][T10249] loop0: detected capacity change from 0 to 1024
[  421.803277][T10249] EXT4-fs: Ignoring removed nomblk_io_submit option
[  421.842216][T10249] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  421.875687][T10249] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  422.111575][ T4256] EXT4-fs (loop0): unmounting filesystem.
[  422.963589][T10265] loop2: detected capacity change from 0 to 512
[  422.973545][T10265] EXT4-fs: Ignoring removed mblk_io_submit option
[  422.980282][T10265] EXT4-fs: Ignoring removed bh option
[  422.991766][T10265] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  423.003454][T10265] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  423.096377][T10265] EXT4-fs (loop2): 1 truncate cleaned up
[  423.102354][T10265] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  423.594110][T10269] loop3: detected capacity change from 0 to 512
[  423.664682][T10269] EXT4-fs: Ignoring removed orlov option
[  423.731015][T10263] lo speed is unknown, defaulting to 1000
[  423.855265][T10260] EXT4-fs (loop1): unmounting filesystem.
[  423.888053][T10269] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  423.915342][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  423.918366][T10269] EXT4-fs (loop3): orphan cleanup on readonly fs
[  423.934054][T10269] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2044: bg 0: block 248: padding at end of block bitmap is not set
[  424.015935][T10278] loop0: detected capacity change from 0 to 512
[  424.037326][T10269] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.2044: Failed to acquire dquot type 1
[  424.100799][T10278] EXT4-fs (loop0): 1 orphan inode deleted
[  424.106855][T10278] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  424.121070][ T4591] EXT4-fs error (device loop0): ext4_release_dquot:6850: comm kworker/u4:13: Failed to release dquot type 1
[  424.133188][T10278] ext4 filesystem being mounted at /397/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  424.176762][T10269] EXT4-fs (loop3): 1 truncate cleaned up
[  424.360899][T10269] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  424.380271][T10269] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  424.454314][T10269] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[  424.470755][T10269] ext4 filesystem being remounted at /402/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  424.634951][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  424.912470][T10299] lo speed is unknown, defaulting to 1000
[  425.253014][T10300] loop2: detected capacity change from 0 to 512
[  425.262692][T10300] EXT4-fs: Ignoring removed mblk_io_submit option
[  425.269360][T10300] EXT4-fs: Ignoring removed bh option
[  425.278904][T10300] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  425.290504][T10300] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  425.425726][T10300] EXT4-fs (loop2): 1 truncate cleaned up
[  425.431715][T10300] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  425.498819][   T27] kauditd_printk_skb: 59 callbacks suppressed
[  425.498836][   T27] audit: type=1326 audit(1750013697.786:3341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10297 comm="syz.3.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  425.561544][ T4256] EXT4-fs (loop0): unmounting filesystem.
[  425.596272][   T27] audit: type=1326 audit(1750013697.786:3342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10297 comm="syz.3.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64d1b8e929 code=0x7ffc0000
[  425.735716][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  426.218079][T10333] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  426.247071][T10333] netlink: 'syz.0.2063': attribute type 27 has an invalid length.
[  426.275544][T10333] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2063'.
[  427.629981][T10347] lo speed is unknown, defaulting to 1000
[  427.772956][T10346] loop4: detected capacity change from 0 to 512
[  427.782979][T10346] EXT4-fs: Ignoring removed mblk_io_submit option
[  427.789670][T10346] EXT4-fs: Ignoring removed bh option
[  427.858473][T10346] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  427.870203][T10346] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  427.957531][T10346] EXT4-fs (loop4): 1 truncate cleaned up
[  427.963865][T10346] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  428.406285][ T4253] EXT4-fs (loop4): unmounting filesystem.
[  428.647378][   T27] audit: type=1326 audit(1750013700.936:3343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10362 comm="syz.2.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  428.746606][   T27] audit: type=1326 audit(1750013700.936:3344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10362 comm="syz.2.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  428.790901][T10369] loop4: detected capacity change from 0 to 128
[  428.807446][   T27] audit: type=1326 audit(1750013700.936:3345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10362 comm="syz.2.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  428.902988][T10373] loop2: detected capacity change from 0 to 256
[  428.933019][   T27] audit: type=1326 audit(1750013700.936:3346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10362 comm="syz.2.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  428.965465][   T27] audit: type=1326 audit(1750013700.936:3347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10362 comm="syz.2.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  428.974292][T10376] syz.4.2074: attempt to access beyond end of device
[  428.974292][T10376] loop4: rw=2049, sector=969, nr_sectors = 72 limit=128
[  429.047083][   T27] audit: type=1326 audit(1750013700.936:3348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10362 comm="syz.2.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  429.078244][T10380] netlink: 'syz.1.2079': attribute type 13 has an invalid length.
[  429.102978][   T27] audit: type=1326 audit(1750013700.936:3349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10362 comm="syz.2.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  429.142531][   T27] audit: type=1326 audit(1750013700.936:3350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10362 comm="syz.2.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  429.203753][T10380] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  429.223336][T10380] 8021q: adding VLAN 0 to HW filter on device bond0
[  429.262871][T10380] 8021q: adding VLAN 0 to HW filter on device team0
[  429.304148][T10380] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  429.709268][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x7
[  429.710465][T10400] loop2: detected capacity change from 0 to 512
[  429.721204][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.738969][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.748201][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.755762][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.768874][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.779377][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.789569][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.803507][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.821599][T10400] EXT4-fs (loop2): 1 orphan inode deleted
[  429.830973][T10400] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  429.831744][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.844014][T10400] ext4 filesystem being mounted at /430/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  429.863300][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.871096][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.878880][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.886928][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.894384][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.902146][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.909824][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.917510][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.924971][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.932662][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.940195][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.947822][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.955466][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.963173][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.970732][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.978377][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.985849][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  429.993484][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  430.001236][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  430.008872][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  430.016439][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  430.024609][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  430.032585][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  430.040570][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  430.049309][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  430.057425][ T4307] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  430.079385][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  430.085850][ T4307] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  431.554969][T10439] loop3: detected capacity change from 0 to 512
[  431.896718][T10439] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  432.017848][T10439] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.2106: invalid block
[  432.040727][T10439] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.2106: invalid indirect mapped block 4294967295 (level 1)
[  432.065463][T10439] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.2106: invalid indirect mapped block 4294967295 (level 1)
[  432.127470][T10439] EXT4-fs (loop3): 2 truncates cleaned up
[  432.133305][T10439] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  432.255517][T10458] program syz.0.2113 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  432.291292][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  432.312639][T10461] device netdevsim0 entered promiscuous mode
[  432.338314][T10461] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  432.355105][   T27] kauditd_printk_skb: 4 callbacks suppressed
[  432.355121][   T27] audit: type=1326 audit(1750013704.636:3355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  432.456625][   T27] audit: type=1326 audit(1750013704.636:3356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  432.516544][   T27] audit: type=1326 audit(1750013704.676:3357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  432.548436][   T27] audit: type=1326 audit(1750013704.676:3358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  432.621693][   T27] audit: type=1326 audit(1750013704.676:3359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  432.707007][   T27] audit: type=1326 audit(1750013704.676:3360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  432.774900][   T27] audit: type=1326 audit(1750013704.676:3361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  432.823580][T10474] loop2: detected capacity change from 0 to 8192
[  432.830685][   T27] audit: type=1326 audit(1750013704.676:3362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  432.856213][   T27] audit: type=1326 audit(1750013704.676:3363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  432.879671][   T27] audit: type=1326 audit(1750013704.686:3364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  433.077482][T10489] lo speed is unknown, defaulting to 1000
[  433.796258][T10487] device wireguard0 entered promiscuous mode
[  434.182658][T10501] program syz.2.2128 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  434.204361][T10499] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  434.211961][T10499] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  434.250915][T10499] vhci_hcd vhci_hcd.0: Device attached
[  434.272228][T10504] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(15)
[  434.278930][T10504] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  434.306086][T10508] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2130'.
[  434.324680][T10509] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  434.344280][T10504] vhci_hcd vhci_hcd.0: Device attached
[  434.391611][T10499] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(19)
[  434.398302][T10499] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  434.431172][T10499] vhci_hcd vhci_hcd.0: Device attached
[  434.451044][   T14] vhci_hcd: vhci_device speed not set
[  434.474517][T10504] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(17)
[  434.481204][T10504] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  434.690892][   T14] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[  434.732344][T10504] vhci_hcd vhci_hcd.0: Device attached
[  434.766660][T10499] vhci_hcd vhci_hcd.0: pdev(0) rhport(5) sockfd(21)
[  434.773452][T10499] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  435.636673][T10502] vhci_hcd: connection reset by peer
[  435.642197][T10505] vhci_hcd: connection closed
[  435.645258][T10510] vhci_hcd: connection closed
[  435.662806][T10516] vhci_hcd: connection closed
[  435.668271][ T4320] vhci_hcd: stop threads
[  435.678200][T10499] vhci_hcd vhci_hcd.0: Device attached
[  435.700175][T10512] vhci_hcd: connection closed
[  435.701659][ T4320] vhci_hcd: release socket
[  435.733718][ T4320] vhci_hcd: disconnect device
[  435.757018][ T4320] vhci_hcd: stop threads
[  435.761452][ T4320] vhci_hcd: release socket
[  435.771653][ T4320] vhci_hcd: disconnect device
[  435.786862][ T4320] vhci_hcd: stop threads
[  435.791200][ T4320] vhci_hcd: release socket
[  435.806100][ T4320] vhci_hcd: disconnect device
[  435.815971][ T4320] vhci_hcd: stop threads
[  435.828999][ T4320] vhci_hcd: release socket
[  435.894897][ T4320] vhci_hcd: disconnect device
[  435.909219][ T4320] vhci_hcd: stop threads
[  435.918094][ T4320] vhci_hcd: release socket
[  435.924542][ T4320] vhci_hcd: disconnect device
[  436.150754][T10535] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  436.163584][T10535] netlink: 'syz.3.2139': attribute type 27 has an invalid length.
[  436.185365][T10535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2139'.
[  436.353569][T10535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2139'.
[  436.632662][T10535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2139'.
[  436.973654][T10552] loop4: detected capacity change from 0 to 2048
[  437.045887][T10552] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  437.157140][ T4371] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  437.208836][ T4371] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 54 with error 28
[  437.247440][ T4371] EXT4-fs (loop4): This should not happen!! Data will be lost
[  437.247440][ T4371] 
[  437.274716][ T4371] EXT4-fs (loop4): Total free blocks count 0
[  437.292215][ T4371] EXT4-fs (loop4): Free/Dirty block details
[  437.309980][ T4371] EXT4-fs (loop4): free_blocks=2415919104
[  437.322565][ T4371] EXT4-fs (loop4): dirty_blocks=64
[  437.338352][ T4371] EXT4-fs (loop4): Block reservation details
[  437.355753][ T4371] EXT4-fs (loop4): i_reserved_data_blocks=4
[  437.434021][T10568] loop0: detected capacity change from 0 to 512
[  437.483118][ T4253] EXT4-fs (loop4): unmounting filesystem.
[  437.499869][T10568] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  437.571248][T10568] EXT4-fs (loop0): 1 truncate cleaned up
[  437.597264][T10568] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  437.953794][ T4256] EXT4-fs (loop0): unmounting filesystem.
[  438.759549][T10590] lo speed is unknown, defaulting to 1000
[  439.106202][T10605] loop0: detected capacity change from 0 to 512
[  439.120032][T10607] loop3: detected capacity change from 0 to 256
[  439.147627][T10605] EXT4-fs: Ignoring removed oldalloc option
[  439.183801][T10605] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.2162: Parent and EA inode have the same ino 15
[  439.207321][T10605] EXT4-fs (loop0): Remounting filesystem read-only
[  439.216377][T10605] EXT4-fs (loop0): 1 orphan inode deleted
[  439.246511][   T27] kauditd_printk_skb: 56 callbacks suppressed
[  439.246528][   T27] audit: type=1326 audit(1750013711.526:3421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10612 comm="syz.4.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  439.293868][T10605] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  439.425155][   T27] audit: type=1326 audit(1750013711.536:3422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10612 comm="syz.4.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  439.460575][   T27] audit: type=1326 audit(1750013711.536:3423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10612 comm="syz.4.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  439.483782][   T27] audit: type=1326 audit(1750013711.536:3424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10612 comm="syz.4.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  439.516165][   T27] audit: type=1326 audit(1750013711.536:3425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10612 comm="syz.4.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  439.745029][   T27] audit: type=1326 audit(1750013711.536:3426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10612 comm="syz.4.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  439.848409][   T14] vhci_hcd: vhci_device speed not set
[  440.160917][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  440.202618][   T27] audit: type=1326 audit(1750013711.536:3427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10612 comm="syz.4.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  440.225209][   T27] audit: type=1326 audit(1750013711.536:3428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10612 comm="syz.4.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  440.247744][   T27] audit: type=1326 audit(1750013711.536:3429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10612 comm="syz.4.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  440.270367][   T27] audit: type=1326 audit(1750013711.536:3430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10612 comm="syz.4.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  440.327978][T10622] program syz.3.2167 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  440.387103][ T4256] EXT4-fs (loop0): unmounting filesystem.
[  441.330698][T10647] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2177'.
[  441.970115][T10651] loop3: detected capacity change from 0 to 128
[  442.172881][T10658] syz.3.2178: attempt to access beyond end of device
[  442.172881][T10658] loop3: rw=2049, sector=553, nr_sectors = 488 limit=128
[  442.253031][T10663] netlink: 'syz.4.2182': attribute type 21 has an invalid length.
[  442.733353][T10680] loop0: detected capacity change from 0 to 256
[  442.858606][T10683] loop4: detected capacity change from 0 to 2048
[  442.937695][T10683] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  443.830682][ T4253] EXT4-fs (loop4): unmounting filesystem.
[  443.903543][T10703] loop0: detected capacity change from 0 to 512
[  443.911011][T10703] EXT4-fs: Ignoring removed i_version option
[  443.927377][T10703] ext4: Unknown parameter 'seclabel'
[  444.335661][T10720] syz.0.2195[10720] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  444.336156][T10720] syz.0.2195[10720] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  445.605796][T10729] loop3: detected capacity change from 0 to 512
[  445.663189][T10730] loop2: detected capacity change from 0 to 512
[  445.681601][T10729] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  445.703544][T10730] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  445.738679][T10729] EXT4-fs (loop3): 1 truncate cleaned up
[  445.744430][T10729] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  445.818777][T10736] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2211'.
[  445.854577][T10730] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  445.904915][T10730] ext4 filesystem being mounted at /453/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  446.066140][ T4261] EXT4-fs error (device loop3): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /428/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  446.104550][T10739] 9pnet_virtio: no channels available for device éq‰Y’3aK
[  446.209943][ T4261] EXT4-fs (loop3): Remounting filesystem read-only
[  446.230746][ T4261] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  446.297701][ T4261] EXT4-fs (loop3): Remounting filesystem read-only
[  446.311688][ T4261] EXT4-fs error (device loop3): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /428/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  446.376965][ T4261] EXT4-fs (loop3): Remounting filesystem read-only
[  446.397220][ T4261] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  446.493627][T10747] xt_recent: hitcount (692) is larger than allowed maximum (255)
[  446.531198][ T4261] EXT4-fs (loop3): Remounting filesystem read-only
[  446.588511][ T4261] EXT4-fs error (device loop3): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /428/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  446.634577][ T4261] EXT4-fs (loop3): Remounting filesystem read-only
[  446.642776][ T4261] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  446.679930][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  446.694971][ T4261] EXT4-fs (loop3): Remounting filesystem read-only
[  446.742748][ T4261] EXT4-fs error (device loop3): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /428/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  446.838408][ T4261] EXT4-fs (loop3): Remounting filesystem read-only
[  446.864681][ T4261] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  446.946066][ T4261] EXT4-fs (loop3): Remounting filesystem read-only
[  447.006069][ T4261] EXT4-fs error (device loop3): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /428/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  447.076994][ T4261] EXT4-fs (loop3): Remounting filesystem read-only
[  447.094287][ T4261] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  447.307213][T10770] netlink: 'syz.1.2226': attribute type 21 has an invalid length.
[  447.316682][T10770] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2226'.
[  447.325950][T10770] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2226'.
[  447.438747][T10772] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  447.702126][T10779] loop2: detected capacity change from 0 to 512
[  447.727673][T10779] EXT4-fs: Ignoring removed bh option
[  447.756978][T10779] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  447.812806][T10779] EXT4-fs (loop2): 1 truncate cleaned up
[  447.832900][T10779] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  447.855444][   T27] kauditd_printk_skb: 26 callbacks suppressed
[  447.855461][   T27] audit: type=1800 audit(1750013720.136:3457): pid=10779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2230" name="file1" dev="loop2" ino=15 res=0 errno=0
[  448.186401][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  448.231682][ T4371] tipc: Disabling bearer <udp:s >
[  448.269860][ T4371] tipc: Left network mode
[  448.515687][   T27] audit: type=1326 audit(1750013720.796:3458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10808 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  448.564602][   T27] audit: type=1326 audit(1750013720.796:3459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10808 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  448.682154][   T27] audit: type=1326 audit(1750013720.836:3460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10808 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  448.711016][   T27] audit: type=1326 audit(1750013720.836:3461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10808 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  448.775040][   T27] audit: type=1326 audit(1750013720.836:3462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10808 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  448.799129][   T27] audit: type=1326 audit(1750013720.836:3463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10808 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  448.822487][ T4259] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  448.840052][ T4259] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  448.999365][ T4259] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  449.016891][ T4259] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  449.074054][ T4259] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  449.085904][ T4259] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  449.446947][   T27] audit: type=1326 audit(1750013720.836:3464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10808 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  449.563977][   T27] audit: type=1326 audit(1750013720.836:3465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10808 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  449.589431][   T27] audit: type=1326 audit(1750013720.846:3466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10808 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb5d18e929 code=0x7ffc0000
[  449.611532][T10812] lo speed is unknown, defaulting to 1000
[  449.952114][T10834] loop4: detected capacity change from 0 to 512
[  449.972911][T10834] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  450.017950][T10834] EXT4-fs (loop4): 1 truncate cleaned up
[  450.023800][T10834] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  450.132882][T10812] chnl_net:caif_netlink_parms(): no params data found
[  450.139319][ T4253] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /452/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  450.167204][ T4371] IPVS: stopping backup sync thread 6963 ...
[  450.196319][ T4253] EXT4-fs (loop4): Remounting filesystem read-only
[  450.229239][ T4253] EXT4-fs error (device loop4): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  450.255131][ T4253] EXT4-fs (loop4): Remounting filesystem read-only
[  450.262550][ T4253] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /452/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  450.290613][ T4253] EXT4-fs (loop4): Remounting filesystem read-only
[  450.298968][ T4253] EXT4-fs error (device loop4): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  450.327219][ T4253] EXT4-fs (loop4): Remounting filesystem read-only
[  450.334178][ T4253] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /452/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  450.403942][ T4253] EXT4-fs (loop4): Remounting filesystem read-only
[  450.428974][ T4253] EXT4-fs error (device loop4): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  450.496960][ T4253] EXT4-fs (loop4): Remounting filesystem read-only
[  450.504039][ T4253] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /452/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  450.527068][ T4253] EXT4-fs (loop4): Remounting filesystem read-only
[  450.533986][ T4253] EXT4-fs error (device loop4): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  450.554268][ T4253] EXT4-fs (loop4): Remounting filesystem read-only
[  450.561427][ T4253] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /452/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  450.590316][ T4253] EXT4-fs (loop4): Remounting filesystem read-only
[  450.597253][ T4253] EXT4-fs error (device loop4): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  450.627524][T10812] bridge0: port 1(bridge_slave_0) entered blocking state
[  450.634683][T10812] bridge0: port 1(bridge_slave_0) entered disabled state
[  450.680941][T10847] 9p: Unknown Cache mode mmé
[  450.722242][T10812] device bridge_slave_0 entered promiscuous mode
[  450.964357][T10812] bridge0: port 2(bridge_slave_1) entered blocking state
[  450.976565][T10812] bridge0: port 2(bridge_slave_1) entered disabled state
[  451.005195][T10812] device bridge_slave_1 entered promiscuous mode
[  451.051992][T10854] loop2: detected capacity change from 0 to 8192
[  451.141350][ T4371] batman_adv: batadv0: Removing interface: batadv_slave_0
[  451.180852][ T4371] batman_adv: batadv0: Removing interface: batadv_slave_1
[  451.189747][T10860] loop0: detected capacity change from 0 to 512
[  451.201239][ T4259] Bluetooth: hci4: command 0x0409 tx timeout
[  451.211871][ T4371] device bridge_slave_1 left promiscuous mode
[  451.224961][T10860] EXT4-fs: Ignoring removed nomblk_io_submit option
[  451.235261][ T4371] bridge0: port 2(bridge_slave_1) entered disabled state
[  451.247551][T10860] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  451.268013][ T4371] device bridge_slave_0 left promiscuous mode
[  451.277658][ T4371] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.325453][T10860] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  451.370033][T10860] EXT4-fs (loop0): 1 truncate cleaned up
[  451.375797][T10860] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  451.536810][ T4371] team0 (unregistering): Port device geneve0 removed
[  451.641934][T10868] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  451.687061][ T4256] EXT4-fs (loop0): unmounting filesystem.
[  451.764239][T10870] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2262'.
[  451.966995][T10870] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2262'.
[  452.165976][ T4272] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  452.189229][ T4272] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  452.208420][ T4272] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  452.223200][ T4272] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  452.232341][ T4272] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  452.241524][ T4272] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  452.300718][T10870] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2262'.
[  452.575296][ T4371] team0 (unregistering): Port device team_slave_1 removed
[  452.691437][ T4371] team0 (unregistering): Port device team_slave_0 removed
[  452.773821][ T4371] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  452.857159][ T4371] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  453.286939][ T4272] Bluetooth: hci4: command 0x041b tx timeout
[  453.754365][ T4371] bond0 (unregistering): Released all slaves
[  453.822327][T10854] Set syz1 is full, maxelem 65536 reached
[  453.900285][T10869] netlink: 'syz.1.2262': attribute type 27 has an invalid length.
[  453.924780][T10882] loop2: detected capacity change from 0 to 512
[  453.931946][T10882] EXT4-fs: Ignoring removed i_version option
[  453.956785][T10882] EXT4-fs (loop2): orphan cleanup on readonly fs
[  453.980703][T10882] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.2264: bg 0: block 131: padding at end of block bitmap is not set
[  453.995891][T10882] EXT4-fs (loop2): Remounting filesystem read-only
[  454.002853][T10882] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  454.012687][T10882] EXT4-fs (loop2): Remounting filesystem read-only
[  454.019555][T10882] EXT4-fs (loop2): 1 truncate cleaned up
[  454.025343][T10882] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  454.093805][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  454.158091][T10873] netlink: 'syz.0.2263': attribute type 10 has an invalid length.
[  454.165998][T10873] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2263'.
[  454.207525][T10873] device team0 entered promiscuous mode
[  454.215728][T10873] device team_slave_0 entered promiscuous mode
[  454.222664][T10873] device team_slave_1 entered promiscuous mode
[  454.230340][T10873] 8021q: adding VLAN 0 to HW filter on device team0
[  454.251337][T10873] bridge0: port 4(team0) entered blocking state
[  454.258959][T10873] bridge0: port 4(team0) entered disabled state
[  454.269881][T10875] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2263'.
[  454.316663][ T4259] Bluetooth: hci0: command 0x0409 tx timeout
[  454.374995][T10875] batman_adv: batadv0: Removing interface: batadv_slave_1
[  454.426180][T10812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  454.455924][T10812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  454.586618][T10896] loop0: detected capacity change from 0 to 128
[  454.602882][T10812] team0: Port device team_slave_0 added
[  454.637809][   T27] kauditd_printk_skb: 36 callbacks suppressed
[  454.637824][   T27] audit: type=1800 audit(1750013726.926:3503): pid=10896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2269" name="bus" dev="loop0" ino=1048687 res=0 errno=0
[  454.647429][T10812] team0: Port device team_slave_1 added
[  454.744116][T10897] syz.0.2269: attempt to access beyond end of device
[  454.744116][T10897] loop0: rw=2049, sector=929, nr_sectors = 112 limit=128
[  454.758421][   T27] audit: type=1326 audit(1750013727.026:3504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10898 comm="syz.1.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  454.790050][   T27] audit: type=1326 audit(1750013727.076:3505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10898 comm="syz.1.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  454.901641][   T27] audit: type=1326 audit(1750013727.076:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10898 comm="syz.1.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  454.936057][T10812] batman_adv: batadv0: Adding interface: batadv_slave_0
[  454.944341][T10812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  454.986419][   T27] audit: type=1326 audit(1750013727.076:3507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10898 comm="syz.1.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  455.012127][T10812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  455.012541][   T27] audit: type=1326 audit(1750013727.076:3508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10898 comm="syz.1.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  455.047845][   T27] audit: type=1326 audit(1750013727.076:3509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10898 comm="syz.1.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  455.072597][T10812] batman_adv: batadv0: Adding interface: batadv_slave_1
[  455.081102][   T27] audit: type=1326 audit(1750013727.076:3510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10898 comm="syz.1.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  455.102485][T10812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  455.148214][   T27] audit: type=1326 audit(1750013727.076:3511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10898 comm="syz.1.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  455.210580][T10812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  455.233306][   T27] audit: type=1326 audit(1750013727.076:3512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10898 comm="syz.1.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7fb67818e929 code=0x7ffc0000
[  455.324022][T10911] loop0: detected capacity change from 0 to 512
[  455.351978][T10911] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  455.362025][ T4259] Bluetooth: hci4: command 0x040f tx timeout
[  455.371749][T10812] device hsr_slave_0 entered promiscuous mode
[  455.393586][T10812] device hsr_slave_1 entered promiscuous mode
[  455.401838][T10911] EXT4-fs (loop0): 1 truncate cleaned up
[  455.411660][T10911] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  455.412010][T10812] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  455.433770][T10812] Cannot create hsr debugfs directory
[  455.457839][T10878] chnl_net:caif_netlink_parms(): no params data found
[  455.474096][ T4256] EXT4-fs error (device loop0): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /441/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  455.541048][ T4256] EXT4-fs (loop0): Remounting filesystem read-only
[  455.554860][ T4256] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  455.609834][ T4256] EXT4-fs (loop0): Remounting filesystem read-only
[  455.632914][ T4256] EXT4-fs error (device loop0): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /441/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  455.660537][ T4256] EXT4-fs (loop0): Remounting filesystem read-only
[  455.682408][ T4256] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  455.730120][ T4256] EXT4-fs (loop0): Remounting filesystem read-only
[  455.737936][ T4256] EXT4-fs error (device loop0): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /441/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  455.843201][ T4256] EXT4-fs (loop0): Remounting filesystem read-only
[  455.896855][ T4256] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  455.987814][T10878] bridge0: port 1(bridge_slave_0) entered blocking state
[  455.995062][T10878] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.007193][ T4256] EXT4-fs (loop0): Remounting filesystem read-only
[  456.017371][ T4256] EXT4-fs error (device loop0): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /441/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  456.043374][T10878] device bridge_slave_0 entered promiscuous mode
[  456.087463][T10878] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.096791][T10878] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.102494][ T4256] EXT4-fs (loop0): Remounting filesystem read-only
[  456.105282][T10878] device bridge_slave_1 entered promiscuous mode
[  456.132731][ T4256] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  456.204047][ T4256] EXT4-fs (loop0): Remounting filesystem read-only
[  456.234492][ T4256] EXT4-fs error (device loop0): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /441/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  456.287571][ T4256] EXT4-fs (loop0): Remounting filesystem read-only
[  456.300578][ T4256] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  456.302474][T10878] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  456.369622][T10878] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  456.396573][ T4272] Bluetooth: hci0: command 0x041b tx timeout
[  456.459004][T10812] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  456.495049][T10812] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  456.534938][T10812] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  456.552358][T10878] team0: Port device team_slave_0 added
[  456.559668][T10812] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  456.572619][T10878] team0: Port device team_slave_1 added
[  456.677131][T10878] batman_adv: batadv0: Adding interface: batadv_slave_0
[  456.684747][T10878] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  456.713805][T10878] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  456.753058][T10878] batman_adv: batadv0: Adding interface: batadv_slave_1
[  456.761835][T10878] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  456.792274][T10878] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  456.926175][T10878] device hsr_slave_0 entered promiscuous mode
[  456.933889][T10878] device hsr_slave_1 entered promiscuous mode
[  456.941154][T10878] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  456.948892][T10878] Cannot create hsr debugfs directory
[  457.025937][T10941] program syz.2.2287 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  457.042275][T10812] 8021q: adding VLAN 0 to HW filter on device bond0
[  457.121923][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  457.160103][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  457.188698][T10812] 8021q: adding VLAN 0 to HW filter on device team0
[  457.243898][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  457.278683][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  457.298191][ T4334] bridge0: port 1(bridge_slave_0) entered blocking state
[  457.305354][ T4334] bridge0: port 1(bridge_slave_0) entered forwarding state
[  457.327470][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  457.350291][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  457.367400][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  457.388615][ T4334] bridge0: port 2(bridge_slave_1) entered blocking state
[  457.395792][ T4334] bridge0: port 2(bridge_slave_1) entered forwarding state
[  457.436579][ T4272] Bluetooth: hci4: command 0x0419 tx timeout
[  457.492438][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  457.503451][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  457.518307][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  457.528188][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  457.548851][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  457.570194][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  457.588429][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  457.644161][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  457.657932][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  457.677212][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  457.693139][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  457.718560][T10812] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  457.943671][T10878] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  457.979793][T10878] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  458.009456][T10878] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  458.031227][T10878] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  458.282236][ T4259] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  458.298520][ T4259] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  458.312886][ T4263] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  458.322882][ T4263] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  458.330759][ T4263] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  458.338567][ T4263] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  458.476618][ T4263] Bluetooth: hci0: command 0x040f tx timeout
[  458.518579][T10878] 8021q: adding VLAN 0 to HW filter on device bond0
[  458.567679][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  458.575868][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  458.604293][T10878] 8021q: adding VLAN 0 to HW filter on device team0
[  458.697661][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  458.713861][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  458.724358][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  458.733024][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  458.744512][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  458.752373][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  458.788837][T10812] 8021q: adding VLAN 0 to HW filter on device batadv0
[  458.813635][T10961] loop2: detected capacity change from 0 to 1024
[  458.828161][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  458.843142][T10961] EXT4-fs: Ignoring removed nomblk_io_submit option
[  458.852576][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  458.863551][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  458.875922][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  458.883288][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  458.900963][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  458.912165][T10961] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  458.913583][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  458.954523][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  458.964568][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  459.053885][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  459.094964][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  459.109020][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  459.128750][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  459.194117][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  459.221151][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  459.234580][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  459.261229][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  459.278684][T10878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  459.725991][T10990] program syz.2.2297 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  459.803176][T10949] chnl_net:caif_netlink_parms(): no params data found
[  460.425761][ T4263] Bluetooth: hci3: command 0x0409 tx timeout
[  460.558255][ T4263] Bluetooth: hci0: command 0x0419 tx timeout
[  460.951191][T10812] device veth0_vlan entered promiscuous mode
[  460.964714][T10812] device veth1_vlan entered promiscuous mode
[  460.991833][T10812] device veth0_macvtap entered promiscuous mode
[  461.142721][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  461.163604][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  461.193901][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  461.209261][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  461.229826][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  461.256227][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  461.281643][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  461.296060][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  461.338760][T10812] device veth1_macvtap entered promiscuous mode
[  461.363185][T10878] 8021q: adding VLAN 0 to HW filter on device batadv0
[  461.500670][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  461.510629][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  461.519173][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  461.537538][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  461.555975][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  461.572681][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  461.604154][T10949] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.617135][T10949] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.638305][T10949] device bridge_slave_0 entered promiscuous mode
[  461.656251][T10949] bridge0: port 2(bridge_slave_1) entered blocking state
[  461.663562][T10949] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.693599][T10949] device bridge_slave_1 entered promiscuous mode
[  461.778813][T10812] batman_adv: batadv0: Interface activated: batadv_slave_0
[  461.786943][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  461.807218][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  461.854143][T10949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  461.972755][T11039] loop2: detected capacity change from 0 to 128
[  461.989455][T10812] batman_adv: batadv0: Interface activated: batadv_slave_1
[  462.008235][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  462.024475][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  462.033308][T11039] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  462.050628][T10949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  462.149952][T11041] IPv6: NLM_F_CREATE should be specified when creating new route
[  462.385319][T10949] team0: Port device team_slave_0 added
[  462.397878][T10812] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  462.409090][T10812] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  462.418177][T10812] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  462.427335][T10812] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  462.443078][T10949] team0: Port device team_slave_1 added
[  462.563175][ T4263] Bluetooth: hci3: command 0x041b tx timeout
[  462.636331][T10949] batman_adv: batadv0: Adding interface: batadv_slave_0
[  462.653347][T10949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  462.687734][T10949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  462.802454][T10949] batman_adv: batadv0: Adding interface: batadv_slave_1
[  462.810406][T10949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  462.840151][T10949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  462.862225][ T4478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  462.875674][ T4478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  462.929277][T10878] device veth0_vlan entered promiscuous mode
[  462.944509][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  462.953542][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  462.970888][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  462.983826][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  463.160167][ T4478] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  463.184876][ T4478] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.225984][T10878] device veth1_vlan entered promiscuous mode
[  463.245419][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  463.297802][T10949] device hsr_slave_0 entered promiscuous mode
[  463.305226][T10949] device hsr_slave_1 entered promiscuous mode
[  463.312779][T10949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  463.322849][T10949] Cannot create hsr debugfs directory
[  463.483291][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  463.498112][ T4478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  463.512320][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.568828][ T4478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  463.598132][T10878] device veth0_macvtap entered promiscuous mode
[  463.670184][ T4478] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  463.709108][ T4478] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  463.904824][T10878] device veth1_macvtap entered promiscuous mode
[  463.962404][ T4371] device hsr_slave_0 left promiscuous mode
[  464.003827][ T4371] device hsr_slave_1 left promiscuous mode
[  464.025639][ T4371] batman_adv: batadv0: Removing interface: batadv_slave_0
[  464.044293][ T4371] bridge0: port 4(team0) entered disabled state
[  464.072107][ T4371] device dummy0 left promiscuous mode
[  464.087524][ T4371] bridge0: port 3(dummy0) entered disabled state
[  464.106539][ T4371] device bridge_slave_1 left promiscuous mode
[  464.112877][ T4371] bridge0: port 2(bridge_slave_1) entered disabled state
[  464.144475][ T4371] device bridge_slave_0 left promiscuous mode
[  464.154216][ T4371] bridge0: port 1(bridge_slave_0) entered disabled state
[  464.175965][ T4371] device hsr_slave_0 left promiscuous mode
[  464.194213][ T4371] batman_adv: batadv0: Removing interface: dummy0
[  464.207423][ T4371] batman_adv: batadv0: Removing interface: batadv_slave_0
[  464.227137][ T4371] batman_adv: batadv0: Removing interface: batadv_slave_1
[  464.235001][ T4371] device bridge_slave_1 left promiscuous mode
[  464.254684][ T4371] bridge0: port 2(bridge_slave_1) entered disabled state
[  464.273281][ T4371] device bridge_slave_0 left promiscuous mode
[  464.286910][ T4371] bridge0: port 1(bridge_slave_0) entered disabled state
[  464.332670][   T27] kauditd_printk_skb: 2 callbacks suppressed
[  464.332685][   T27] audit: type=1326 audit(1750013736.626:3515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11071 comm="syz.2.2325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  464.408809][   T27] audit: type=1326 audit(1750013736.656:3516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11071 comm="syz.2.2325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  464.475521][   T27] audit: type=1326 audit(1750013736.656:3517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11071 comm="syz.2.2325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  464.517357][   T27] audit: type=1326 audit(1750013736.656:3518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11071 comm="syz.2.2325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  464.547888][   T27] audit: type=1326 audit(1750013736.656:3519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11071 comm="syz.2.2325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  464.593312][   T27] audit: type=1326 audit(1750013736.656:3520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11071 comm="syz.2.2325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  464.636602][ T4263] Bluetooth: hci3: command 0x040f tx timeout
[  464.669089][   T27] audit: type=1326 audit(1750013736.656:3521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11071 comm="syz.2.2325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  465.243346][ T4371] device team_slave_1 left promiscuous mode
[  465.253446][ T4371] team0 (unregistering): Port device team_slave_1 removed
[  465.310588][ T4371] device team_slave_0 left promiscuous mode
[  465.318262][ T4371] team0 (unregistering): Port device team_slave_0 removed
[  465.377280][ T4371] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  465.434829][ T4371] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  466.083396][ T4371] bond0 (unregistering): Released all slaves
[  466.517696][ T4371] team0 (unregistering): Port device team_slave_1 removed
[  466.576385][ T4371] team0 (unregistering): Port device team_slave_0 removed
[  466.629962][ T4371] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  466.684529][ T4371] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  466.719797][ T4263] Bluetooth: hci3: command 0x0419 tx timeout
[  467.281781][ T4371] bond0 (unregistering): Released all slaves
[  467.363755][ T4478] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  467.542210][T10878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.553081][   T27] audit: type=1326 audit(1750013739.836:3522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11096 comm="syz.5.2333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  467.578712][   T27] audit: type=1326 audit(1750013739.836:3523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11096 comm="syz.5.2333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  467.603264][   T27] audit: type=1326 audit(1750013739.836:3524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11096 comm="syz.5.2333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  467.611180][T10878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.671732][T10878] batman_adv: batadv0: Interface activated: batadv_slave_0
[  467.696814][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  467.716066][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  467.749056][T10878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.765894][T10878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.788180][T10878] batman_adv: batadv0: Interface activated: batadv_slave_1
[  467.835656][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  467.849004][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  467.875924][T10878] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  467.891359][T10878] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  467.903020][T10878] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  467.918778][T10878] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  468.152991][T10949] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  468.186369][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  468.218697][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  468.232684][T10949] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  468.254566][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  468.270850][T10949] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  468.314362][T10949] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  468.364822][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  468.401734][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  468.442306][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  468.623121][T10949] 8021q: adding VLAN 0 to HW filter on device bond0
[  468.703214][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  468.717299][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  468.739452][T10949] 8021q: adding VLAN 0 to HW filter on device team0
[  468.786974][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  468.804480][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  468.824707][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.831946][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  468.893440][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  468.935144][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  468.960372][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  468.984017][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  468.991314][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  469.020641][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  469.072950][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  469.108190][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  469.130591][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  469.151774][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  469.167207][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  469.195776][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  469.212200][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  469.225858][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  469.239930][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  469.251329][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  469.265239][T10949] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  469.282346][T11121] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  470.626376][T11145] hub 6-0:1.0: USB hub found
[  470.647170][T11145] hub 6-0:1.0: 1 port detected
[  470.723654][T11150] netlink: 'syz.1.2349': attribute type 10 has an invalid length.
[  470.750083][T11152] loop5: detected capacity change from 0 to 128
[  470.777398][T11152] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  470.778523][T11150] team0: Port device dummy0 added
[  470.821652][T11152] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  470.873007][T11153] netlink: 'syz.1.2349': attribute type 10 has an invalid length.
[  471.007918][T11153] team0: Port device dummy0 removed
[  471.014018][ T4320] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  471.030303][T11153] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  471.078152][T11163] loop6: detected capacity change from 0 to 256
[  471.088635][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  471.096412][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  471.134218][T10949] 8021q: adding VLAN 0 to HW filter on device batadv0
[  471.155344][T11163] FAT-fs (loop6): Directory bread(block 64) failed
[  471.165292][T11163] FAT-fs (loop6): Directory bread(block 65) failed
[  471.178108][T11163] FAT-fs (loop6): Directory bread(block 66) failed
[  471.184727][T11163] FAT-fs (loop6): Directory bread(block 67) failed
[  471.194089][T11163] FAT-fs (loop6): Directory bread(block 68) failed
[  471.203476][T11163] FAT-fs (loop6): Directory bread(block 69) failed
[  471.246668][T11163] FAT-fs (loop6): Directory bread(block 70) failed
[  471.253312][T11163] FAT-fs (loop6): Directory bread(block 71) failed
[  471.267661][T11163] FAT-fs (loop6): Directory bread(block 72) failed
[  471.274282][T11163] FAT-fs (loop6): Directory bread(block 73) failed
[  471.389511][T11163] usb usb1: usbfs: process 11163 (syz.6.2353) did not claim interface 0 before use
[  471.537202][T11179] syz.1.2358[11179] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  471.537308][T11179] syz.1.2358[11179] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  471.662401][T11181] xt_TPROXY: Can be used only with -p tcp or -p udp
[  472.141967][T11200] loop5: detected capacity change from 0 to 512
[  472.172694][T11200] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  472.209591][T11200] EXT4-fs (loop5): 1 truncate cleaned up
[  472.230015][T11200] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  472.247793][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  472.263377][T11200] EXT4-fs (loop5): unmounting filesystem.
[  472.270899][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  472.354380][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  472.377569][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  472.419857][T10949] device veth0_vlan entered promiscuous mode
[  472.452770][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  472.464942][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  472.525222][T11210] usb usb1: usbfs: process 11210 (syz.5.2370) did not claim interface 0 before use
[  472.564462][T10949] device veth1_vlan entered promiscuous mode
[  472.621795][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  472.657377][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  472.678156][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  472.697534][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  472.709674][T10949] device veth0_macvtap entered promiscuous mode
[  472.732754][T10949] device veth1_macvtap entered promiscuous mode
[  472.778875][T10949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  472.797457][T10949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  472.797480][T10949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  472.797499][T10949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  472.799205][T10949] batman_adv: batadv0: Interface activated: batadv_slave_0
[  472.799341][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  472.800103][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  472.800708][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  472.801365][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  472.820494][T10949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  472.820517][T10949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  472.820529][T10949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  472.820542][T10949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  472.822589][T10949] batman_adv: batadv0: Interface activated: batadv_slave_1
[  472.822716][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  472.823459][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  472.834723][T10949] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  472.972395][T10949] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  472.972432][T10949] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  472.972460][T10949] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  473.161434][ T4371] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  473.176135][ T4371] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  473.209404][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  473.264713][ T4334] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  473.264788][ T4334] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  473.269254][ T4591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  473.462787][T11237] loop5: detected capacity change from 0 to 128
[  473.765954][T11247] 9pnet_fd: Insufficient options for proto=fd
[  474.147265][T11268] loop6: detected capacity change from 0 to 512
[  474.201027][T11268] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  474.208411][T11273] loop2: detected capacity change from 0 to 1024
[  474.216241][T11273] EXT4-fs: Ignoring removed nomblk_io_submit option
[  474.224521][T11268] EXT4-fs (loop6): orphan cleanup on readonly fs
[  474.257897][T11268] __quota_error: 15 callbacks suppressed
[  474.257917][T11268] Quota error (device loop6): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  474.293925][T11278] loop7: detected capacity change from 0 to 512
[  474.321068][T11273] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  474.330088][T11278] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  474.344100][T11268] EXT4-fs warning (device loop6): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  474.364072][T11284] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  474.364827][T11268] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  474.379885][T11268] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.2395: bg 0: block 40: padding at end of block bitmap is not set
[  474.404956][T11268] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  474.424123][T11278] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  474.425710][T11268] EXT4-fs (loop6): 1 truncate cleaned up
[  474.439084][T11268] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  474.451936][T11278] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  474.457402][T11268] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  474.476271][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  474.510196][T11278] EXT4-fs error (device loop7): ext4_xattr_block_get:546: inode #15: comm syz.7.2396: corrupted xattr block 19
[  474.603572][T10949] EXT4-fs (loop7): unmounting filesystem.
[  474.682593][T10878] EXT4-fs (loop6): unmounting filesystem.
[  474.806612][   T27] audit: type=1326 audit(1750013747.086:3540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.2.2404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  474.866638][   T27] audit: type=1326 audit(1750013747.086:3541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.2.2404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  474.889924][T11301] netlink: 'syz.6.2403': attribute type 10 has an invalid length.
[  474.967877][T11301] team0: Port device dummy0 added
[  474.973077][   T27] audit: type=1326 audit(1750013747.086:3542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.2.2404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  475.008977][T11302] netlink: 'syz.6.2403': attribute type 10 has an invalid length.
[  475.027873][   T27] audit: type=1326 audit(1750013747.086:3543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.2.2404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  475.126746][   T27] audit: type=1326 audit(1750013747.086:3544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.2.2404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  475.191783][T11302] team0: Port device dummy0 removed
[  475.210524][T11302] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  475.315995][   T27] audit: type=1326 audit(1750013747.596:3545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  475.403705][   T27] audit: type=1326 audit(1750013747.646:3546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  475.449622][   T27] audit: type=1326 audit(1750013747.646:3547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  475.585485][T11297] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  475.615699][T11297] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  475.655954][T11297] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  475.669639][   T27] audit: type=1326 audit(1750013747.646:3548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75258e929 code=0x7ffc0000
[  475.693515][T11297] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  475.699901][T11297] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  475.706890][T11297] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  475.714552][T11297] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  475.721253][T11297] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  475.728937][T11297] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[  475.736405][T11297] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  475.742670][T11297] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  475.749068][T11297] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  475.767168][T11297] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  475.793596][T11297] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  475.811112][T11297] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  476.059020][T11342] loop7: detected capacity change from 0 to 1024
[  476.084932][T11342] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  476.143307][T11342] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  476.146095][T11348] netlink: 'syz.5.2422': attribute type 10 has an invalid length.
[  476.190858][T11342] netlink: 332 bytes leftover after parsing attributes in process `syz.7.2419'.
[  476.200298][T11342] netlink: 'syz.7.2419': attribute type 9 has an invalid length.
[  476.208640][T11342] netlink: 108 bytes leftover after parsing attributes in process `syz.7.2419'.
[  476.220238][T11342] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2419'.
[  476.248119][T11342] EXT4-fs error (device loop7): ext4_expand_extra_isize_ea:2748: inode #13: comm syz.7.2419: corrupted in-inode xattr
[  476.248825][T11348] team0: Port device dummy0 added
[  476.267533][T11351] netlink: 'syz.5.2422': attribute type 10 has an invalid length.
[  476.363075][T11355] mmap: syz.7.2419 (11355) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  476.391240][T11342] EXT4-fs (loop7): Remounting filesystem read-only
[  476.467796][T11351] team0: Port device dummy0 removed
[  476.499221][T11351] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  476.519877][T10949] EXT4-fs (loop7): unmounting filesystem.
[  476.536044][T11358] IPVS: Error connecting to the multicast addr
[  476.714733][T11369] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  476.727102][T11370] loop5: detected capacity change from 0 to 1024
[  476.788097][T11370] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  476.941426][T10812] EXT4-fs (loop5): unmounting filesystem.
[  477.408431][ T4263] Bluetooth: hci1: command 0x0c1a tx timeout
[  477.780968][ T4272] Bluetooth: hci0: command 0x0c1a tx timeout
[  477.787153][ T4272] Bluetooth: hci4: command 0x0c1a tx timeout
[  477.793258][ T4272] Bluetooth: hci2: command 0x0c1a tx timeout
[  477.836689][ T4272] Bluetooth: hci3: command 0x0c1a tx timeout
[  477.878188][T11395] loop5: detected capacity change from 0 to 512
[  477.937988][T11397] netlink: 'syz.2.2441': attribute type 10 has an invalid length.
[  477.967340][T11400] syz.7.2442[11400] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  477.967456][T11400] syz.7.2442[11400] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  478.042263][T11402] netlink: 'syz.2.2441': attribute type 10 has an invalid length.
[  478.102338][T11395] EXT4-fs (loop5): 1 orphan inode deleted
[  478.116822][T11395] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  478.143762][ T4371] EXT4-fs error (device loop5): ext4_release_dquot:6850: comm kworker/u4:9: Failed to release dquot type 1
[  478.148949][T11402] team0: Port device dummy0 removed
[  478.156858][T11395] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  478.200736][T11395] EXT4-fs (loop5): re-mounted. Quota mode: writeback.
[  478.202270][T11402] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  478.287348][T10812] EXT4-fs (loop5): unmounting filesystem.
[  478.347640][T11413] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2447'.
[  478.628868][T11426] loop2: detected capacity change from 0 to 1024
[  478.647348][T11426] EXT4-fs: Ignoring removed nomblk_io_submit option
[  478.843120][T11426] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  479.438529][ T4272] Bluetooth: hci1: command 0x0406 tx timeout
[  479.646367][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  479.817450][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x1
[  479.837007][ T4272] Bluetooth: hci2: command 0x0406 tx timeout
[  479.842105][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.843134][ T4272] Bluetooth: hci4: command 0x0406 tx timeout
[  479.858963][ T4259] Bluetooth: hci0: command 0x0406 tx timeout
[  479.863014][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863044][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863067][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863089][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863111][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x2
[  479.863132][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863154][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863176][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863197][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863219][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863241][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863262][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863284][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863306][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863328][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863350][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863371][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863393][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863414][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863442][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863464][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863486][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863507][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863529][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863551][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863572][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863594][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863616][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863637][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863658][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  479.863679][ T8090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x1
[  479.866224][T11447] netlink: 'syz.7.2460': attribute type 10 has an invalid length.
[  479.883836][ T8090] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  479.903122][T11447] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  479.906332][T11451] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2462'.
[  479.926656][ T4272] Bluetooth: hci3: command 0x0406 tx timeout
[  479.965105][   T27] kauditd_printk_skb: 133 callbacks suppressed
[  479.965122][   T27] audit: type=1326 audit(1750013752.246:3681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="syz.5.2459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  479.971428][   T27] audit: type=1326 audit(1750013752.256:3682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="syz.5.2459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  479.971652][   T27] audit: type=1326 audit(1750013752.256:3683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  479.972072][   T27] audit: type=1326 audit(1750013752.256:3684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  479.973138][   T27] audit: type=1326 audit(1750013752.256:3685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  479.977794][   T27] audit: type=1326 audit(1750013752.266:3686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  480.026298][   T27] audit: type=1326 audit(1750013752.306:3687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  480.031895][   T27] audit: type=1326 audit(1750013752.316:3688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  480.046780][   T27] audit: type=1326 audit(1750013752.336:3689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  480.047084][   T27] audit: type=1326 audit(1750013752.336:3690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11442 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90978e929 code=0x7ffc0000
[  480.257727][T11460] loop2: detected capacity change from 0 to 1024
[  480.258580][T11460] EXT4-fs: Ignoring removed nobh option
[  480.258613][T11460] EXT4-fs: Ignoring removed bh option
[  480.264908][T11460] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  480.307448][T11460] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  480.698701][T11457] ==================================================================
[  480.698719][T11457] BUG: KASAN: use-after-free in ext4_find_extent+0xbcc/0xe00
[  480.698756][T11457] Read of size 4 at addr ffff888049905458 by task syz.2.2464/11457
[  480.698776][T11457] 
[  480.698790][T11457] CPU: 0 PID: 11457 Comm: syz.2.2464 Not tainted 6.1.141-syzkaller #0
[  480.698812][T11457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  480.698829][T11457] Call Trace:
[  480.698836][T11457]  <TASK>
[  480.698845][T11457]  dump_stack_lvl+0x168/0x22e
[  480.698876][T11457]  ? __lock_acquire+0x7c50/0x7c50
[  480.698906][T11457]  ? show_regs_print_info+0x12/0x12
[  480.698935][T11457]  ? load_image+0x3b0/0x3b0
[  480.698959][T11457]  ? __virt_addr_valid+0x465/0x540
[  480.698990][T11457]  ? ext4_find_extent+0xbcc/0xe00
[  480.699013][T11457]  print_report+0xa8/0x220
[  480.699036][T11457]  kasan_report+0x10b/0x140
[  480.699071][T11457]  ? ext4_find_extent+0xbcc/0xe00
[  480.699099][T11457]  ext4_find_extent+0xbcc/0xe00
[  480.699128][T11457]  ext4_ext_map_blocks+0x27d/0x66d0
[  480.699155][T11457]  ? __lock_acquire+0x12e5/0x7c50
[  480.699196][T11457]  ? ext4_ext_release+0x10/0x10
[  480.699225][T11457]  ? rwsem_write_trylock+0x12f/0x1b0
[  480.699253][T11457]  ? ext4_es_lookup_extent+0x443/0xb20
[  480.699285][T11457]  ext4_map_blocks+0x9d1/0x1b60
[  480.699312][T11457]  ? ext4_issue_zeroout+0x250/0x250
[  480.699353][T11457]  _ext4_get_block+0x1d7/0x4e0
[  480.699373][T11457]  ? alloc_buffer_head+0xd4/0x100
[  480.699405][T11457]  ? __lock_acquire+0x7c50/0x7c50
[  480.699433][T11457]  ? ext4_get_block+0x40/0x40
[  480.699452][T11457]  ? attach_page_private+0x110/0x300
[  480.699486][T11457]  ? create_empty_buffers+0x59e/0x7a0
[  480.699519][T11457]  ? do_raw_spin_unlock+0x11d/0x230
[  480.699555][T11457]  ext4_get_block_unwritten+0x2a/0x100
[  480.699578][T11457]  __block_write_begin_int+0x54b/0x1a70
[  480.699622][T11457]  ? _ext4_get_block+0x4e0/0x4e0
[  480.699646][T11457]  ? page_zero_new_buffers+0x650/0x650
[  480.699680][T11457]  ? ext4_journal_check_start+0x17e/0x240
[  480.699707][T11457]  block_page_mkwrite+0x2d8/0x5f0
[  480.699726][T11457]  ? _ext4_get_block+0x4e0/0x4e0
[  480.699747][T11457]  ext4_page_mkwrite+0x3b2/0x10c0
[  480.699770][T11457]  ? _ext4_get_block+0x4e0/0x4e0
[  480.699794][T11457]  ? ext4_change_inode_journal_flag+0x6b0/0x6b0
[  480.699818][T11457]  ? count_memcg_event_mm+0x8f/0x3b0
[  480.699840][T11457]  ? count_memcg_event_mm+0x358/0x3b0
[  480.699863][T11457]  ? vm_normal_page+0x95/0x1d0
[  480.699884][T11457]  do_page_mkwrite+0x16b/0x5c0
[  480.699910][T11457]  wp_page_shared+0x167/0x370
[  480.699937][T11457]  handle_mm_fault+0x1ca6/0x3e70
[  480.699960][T11457]  ? mt_find+0x145/0x810
[  480.699991][T11457]  ? numa_migrate_prep+0x250/0x250
[  480.700018][T11457]  ? lock_chain_count+0x20/0x20
[  480.700048][T11457]  ? lock_mm_and_find_vma+0xae/0x2f0
[  480.700072][T11457]  do_user_addr_fault+0x51f/0xb10
[  480.700106][T11457]  exc_page_fault+0x60/0x100
[  480.700126][T11457]  asm_exc_page_fault+0x22/0x30
[  480.700146][T11457] RIP: 0010:copy_user_enhanced_fast_string+0xa/0x40
[  480.700177][T11457] Code: ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 cb 83 fa 40 72 38 89 d1 <f3> a4 31 c0 0f 01 ca c3 89 ca eb 0a 90 90 90 90 90 90 90 90 90 90
[  480.700203][T11457] RSP: 0018:ffffc9000449fa88 EFLAGS: 00050246
[  480.700223][T11457] RAX: ffffffff8407c001 RBX: 0000000000000040 RCX: 0000000000000040
[  480.700239][T11457] RDX: 0000000000000040 RSI: ffffc9000449fb20 RDI: 0000200000059000
[  480.700254][T11457] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff52000893f6c
[  480.700269][T11457] R10: fffff52000893f6c R11: 1ffff92000893f64 R12: 00007fffffffefc0
[  480.700285][T11457] R13: 000000007ffd9a80 R14: 0000200000059000 R15: ffffc9000449fb20
[  480.700304][T11457]  ? _copy_to_user+0xa1/0x130
[  480.700340][T11457]  _copy_to_user+0xea/0x130
[  480.700369][T11457]  rng_dev_read+0x3c5/0x710
[  480.700392][T11457]  ? hwrng_yield+0x20/0x20
[  480.700414][T11457]  ? common_file_perm+0x171/0x1c0
[  480.700437][T11457]  ? fsnotify_perm+0x39b/0x550
[  480.700467][T11457]  do_iter_read+0x49f/0xb10
[  480.700493][T11457]  ? vfs_iter_read+0xa0/0xa0
[  480.700511][T11457]  ? __import_iovec+0x315/0x500
[  480.700537][T11457]  ? import_iovec+0x6f/0xa0
[  480.700560][T11457]  do_preadv+0x1f6/0x330
[  480.700583][T11457]  ? do_writev+0x410/0x410
[  480.700612][T11457]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  480.700642][T11457]  ? lock_chain_count+0x20/0x20
[  480.700672][T11457]  ? lockdep_hardirqs_on+0x94/0x140
[  480.700694][T11457]  do_syscall_64+0x4c/0xa0
[  480.700720][T11457]  ? clear_bhb_loop+0x60/0xb0
[  480.700741][T11457]  ? clear_bhb_loop+0x60/0xb0
[  480.700762][T11457]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  480.700795][T11457] RIP: 0033:0x7fb75258e929
[  480.700819][T11457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.700836][T11457] RSP: 002b:00007fb753398038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  480.700857][T11457] RAX: ffffffffffffffda RBX: 00007fb7527b5fa0 RCX: 00007fb75258e929
[  480.700873][T11457] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000004
[  480.700887][T11457] RBP: 00007fb752610b39 R08: 0000000000000000 R09: 0000000000000000
[  480.700900][T11457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  480.700913][T11457] R13: 0000000000000000 R14: 00007fb7527b5fa0 R15: 00007ffe08daf938
[  480.700935][T11457]  </TASK>
[  480.700943][T11457] 
[  480.700947][T11457] The buggy address belongs to the physical page:
[  480.700960][T11457] page:ffffea0001264140 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x49905
[  480.700982][T11457] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  480.701013][T11457] raw: 00fff00000000000 dead000000000100 dead000000000122 0000000000000000
[  480.701032][T11457] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  480.701043][T11457] page dumped because: kasan: bad access detected
[  480.701053][T11457] page_owner tracks the page as freed
[  480.701059][T11457] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 11383, tgid 11382 (syz.1.2435), ts 477852475273, free_ts 478705522149
[  480.701094][T11457]  post_alloc_hook+0x173/0x1a0
[  480.701125][T11457]  get_page_from_freelist+0x1a26/0x1ac0
[  480.701143][T11457]  __alloc_pages+0x1df/0x4e0
[  480.701159][T11457]  __folio_alloc+0xe/0x30
[  480.701174][T11457]  vma_alloc_folio+0x4a3/0x900
[  480.701204][T11457]  shmem_alloc_and_acct_folio+0x42e/0xb60
[  480.701233][T11457]  shmem_get_folio_gfp+0x1361/0x3400
[  480.701262][T11457]  shmem_fault+0x1be/0x7b0
[  480.701290][T11457]  __do_fault+0x13b/0x4e0
[  480.701311][T11457]  handle_mm_fault+0x28ca/0x3e70
[  480.701337][T11457]  __get_user_pages+0x3ff/0xeb0
[  480.701365][T11457]  populate_vma_page_range+0x214/0x2b0
[  480.701393][T11457]  __mm_populate+0x248/0x370
[  480.701421][T11457]  vm_mmap_pgoff+0x203/0x2b0
[  480.701439][T11457]  do_syscall_64+0x4c/0xa0
[  480.701463][T11457]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  480.701495][T11457] page last free stack trace:
[  480.701501][T11457]  free_unref_page_prepare+0x8b4/0x9a0
[  480.701532][T11457]  free_unref_page_list+0xbb/0x8e0
[  480.701562][T11457]  release_pages+0x1f92/0x2200
[  480.701591][T11457]  __pagevec_release+0x6d/0xe0
[  480.701619][T11457]  shmem_undo_range+0x75b/0x2050
[  480.701646][T11457]  shmem_evict_inode+0x248/0xa40
[  480.701676][T11457]  evict+0x485/0x870
[  480.701701][T11457]  __dentry_kill+0x431/0x650
[  480.701719][T11457]  dentry_kill+0xb8/0x290
[  480.701735][T11457]  dput+0xfa/0x1d0
[  480.701751][T11457]  __fput+0x5e0/0x920
[  480.701770][T11457]  task_work_run+0x1ca/0x250
[  480.701793][T11457]  do_exit+0x936/0x2400
[  480.701819][T11457]  do_group_exit+0x217/0x2d0
[  480.701846][T11457]  __x64_sys_exit_group+0x3b/0x40
[  480.701874][T11457]  do_syscall_64+0x4c/0xa0
[  480.701899][T11457] 
[  480.701903][T11457] Memory state around the buggy address:
[  480.701914][T11457]  ffff888049905300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  480.701928][T11457]  ffff888049905380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  480.701942][T11457] >ffff888049905400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  480.701952][T11457]                                                     ^
[  480.701964][T11457]  ffff888049905480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  480.701978][T11457]  ffff888049905500: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  480.701989][T11457] ==================================================================
[  480.705488][T11457] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  480.705502][T11457] CPU: 0 PID: 11457 Comm: syz.2.2464 Not tainted 6.1.141-syzkaller #0
[  480.705527][T11457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  480.705539][T11457] Call Trace:
[  480.705546][T11457]  <TASK>
[  480.705554][T11457]  dump_stack_lvl+0x168/0x22e
[  480.705587][T11457]  ? memcpy+0x3c/0x60
[  480.705610][T11457]  ? show_regs_print_info+0x12/0x12
[  480.705637][T11457]  ? load_image+0x3b0/0x3b0
[  480.705664][T11457]  panic+0x2c9/0x710
[  480.705684][T11457]  ? bpf_jit_dump+0xd0/0xd0
[  480.705704][T11457]  ? _raw_spin_unlock_irqrestore+0xf6/0x100
[  480.705735][T11457]  ? _raw_spin_unlock+0x40/0x40
[  480.705763][T11457]  ? print_memory_metadata+0x314/0x400
[  480.705789][T11457]  check_panic_on_warn+0x80/0xa0
[  480.705813][T11457]  ? ext4_find_extent+0xbcc/0xe00
[  480.705836][T11457]  end_report+0x66/0x110
[  480.705893][T11457]  kasan_report+0x118/0x140
[  480.705926][T11457]  ? ext4_find_extent+0xbcc/0xe00
[  480.705953][T11457]  ext4_find_extent+0xbcc/0xe00
[  480.705982][T11457]  ext4_ext_map_blocks+0x27d/0x66d0
[  480.706009][T11457]  ? __lock_acquire+0x12e5/0x7c50
[  480.706050][T11457]  ? ext4_ext_release+0x10/0x10
[  480.706078][T11457]  ? rwsem_write_trylock+0x12f/0x1b0
[  480.706106][T11457]  ? ext4_es_lookup_extent+0x443/0xb20
[  480.706137][T11457]  ext4_map_blocks+0x9d1/0x1b60
[  480.706164][T11457]  ? ext4_issue_zeroout+0x250/0x250
[  480.706192][T11457]  _ext4_get_block+0x1d7/0x4e0
[  480.706211][T11457]  ? alloc_buffer_head+0xd4/0x100
[  480.706242][T11457]  ? __lock_acquire+0x7c50/0x7c50
[  480.706270][T11457]  ? ext4_get_block+0x40/0x40
[  480.706287][T11457]  ? attach_page_private+0x110/0x300
[  480.706320][T11457]  ? create_empty_buffers+0x59e/0x7a0
[  480.706361][T11457]  ? do_raw_spin_unlock+0x11d/0x230
[  480.706396][T11457]  ext4_get_block_unwritten+0x2a/0x100
[  480.706418][T11457]  __block_write_begin_int+0x54b/0x1a70
[  480.706461][T11457]  ? _ext4_get_block+0x4e0/0x4e0
[  480.706481][T11457]  ? page_zero_new_buffers+0x650/0x650
[  480.706513][T11457]  ? ext4_journal_check_start+0x17e/0x240
[  480.706539][T11457]  block_page_mkwrite+0x2d8/0x5f0
[  480.706556][T11457]  ? _ext4_get_block+0x4e0/0x4e0
[  480.706577][T11457]  ext4_page_mkwrite+0x3b2/0x10c0
[  480.706600][T11457]  ? _ext4_get_block+0x4e0/0x4e0
[  480.706623][T11457]  ? ext4_change_inode_journal_flag+0x6b0/0x6b0
[  480.706648][T11457]  ? count_memcg_event_mm+0x8f/0x3b0
[  480.706670][T11457]  ? count_memcg_event_mm+0x358/0x3b0
[  480.706691][T11457]  ? vm_normal_page+0x95/0x1d0
[  480.706710][T11457]  do_page_mkwrite+0x16b/0x5c0
[  480.706735][T11457]  wp_page_shared+0x167/0x370
[  480.706761][T11457]  handle_mm_fault+0x1ca6/0x3e70
[  480.706784][T11457]  ? mt_find+0x145/0x810
[  480.706814][T11457]  ? numa_migrate_prep+0x250/0x250
[  480.706840][T11457]  ? lock_chain_count+0x20/0x20
[  480.706869][T11457]  ? lock_mm_and_find_vma+0xae/0x2f0
[  480.706893][T11457]  do_user_addr_fault+0x51f/0xb10
[  480.706925][T11457]  exc_page_fault+0x60/0x100
[  480.706945][T11457]  asm_exc_page_fault+0x22/0x30
[  480.706964][T11457] RIP: 0010:copy_user_enhanced_fast_string+0xa/0x40
[  480.706995][T11457] Code: ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 cb 83 fa 40 72 38 89 d1 <f3> a4 31 c0 0f 01 ca c3 89 ca eb 0a 90 90 90 90 90 90 90 90 90 90
[  480.707012][T11457] RSP: 0018:ffffc9000449fa88 EFLAGS: 00050246
[  480.707031][T11457] RAX: ffffffff8407c001 RBX: 0000000000000040 RCX: 0000000000000040
[  480.707045][T11457] RDX: 0000000000000040 RSI: ffffc9000449fb20 RDI: 0000200000059000
[  480.707060][T11457] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff52000893f6c
[  480.707075][T11457] R10: fffff52000893f6c R11: 1ffff92000893f64 R12: 00007fffffffefc0
[  480.707091][T11457] R13: 000000007ffd9a80 R14: 0000200000059000 R15: ffffc9000449fb20
[  480.707110][T11457]  ? _copy_to_user+0xa1/0x130
[  480.707143][T11457]  _copy_to_user+0xea/0x130
[  480.707173][T11457]  rng_dev_read+0x3c5/0x710
[  480.707195][T11457]  ? hwrng_yield+0x20/0x20
[  480.707216][T11457]  ? common_file_perm+0x171/0x1c0
[  480.707239][T11457]  ? fsnotify_perm+0x39b/0x550
[  480.707268][T11457]  do_iter_read+0x49f/0xb10
[  480.707293][T11457]  ? vfs_iter_read+0xa0/0xa0
[  480.707312][T11457]  ? __import_iovec+0x315/0x500
[  480.707346][T11457]  ? import_iovec+0x6f/0xa0
[  480.707370][T11457]  do_preadv+0x1f6/0x330
[  480.707393][T11457]  ? do_writev+0x410/0x410
[  480.707422][T11457]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  480.707453][T11457]  ? lock_chain_count+0x20/0x20
[  480.707483][T11457]  ? lockdep_hardirqs_on+0x94/0x140
[  480.707505][T11457]  do_syscall_64+0x4c/0xa0
[  480.707533][T11457]  ? clear_bhb_loop+0x60/0xb0
[  480.707553][T11457]  ? clear_bhb_loop+0x60/0xb0
[  480.707575][T11457]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  480.707608][T11457] RIP: 0033:0x7fb75258e929
[  480.707624][T11457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.707642][T11457] RSP: 002b:00007fb753398038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  480.707664][T11457] RAX: ffffffffffffffda RBX: 00007fb7527b5fa0 RCX: 00007fb75258e929
[  480.707679][T11457] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000004
[  480.707693][T11457] RBP: 00007fb752610b39 R08: 0000000000000000 R09: 0000000000000000
[  480.707706][T11457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  480.707719][T11457] R13: 0000000000000000 R14: 00007fb7527b5fa0 R15: 00007ffe08daf938
[  480.707741][T11457]  </TASK>
[  480.708035][T11457] Kernel Offset: disabled
[  482.248197][T11457] Rebooting in 86400 seconds..