last executing test programs:

3m11.770692886s ago: executing program 1 (id=7):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x71, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)

3m11.583241596s ago: executing program 1 (id=9):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000002100)={0x1, 'ip6gre0\x00', 0x1}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000000)={0x1, 'dummy0\x00'}, 0x18)

3m10.260869354s ago: executing program 1 (id=13):
socket$inet(0x2, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'veth1_macvtap\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f00000015c0)=@deltfilter={0x60, 0x2d, 0x4, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0xaeaad191fab26359, 0xb}, {0xffff, 0xd}, {0xb, 0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}, @filter_kind_options=@f_basic={{0xa}, {0x4}}, @TCA_CHAIN={0x8, 0xb, 0x80000001}, @TCA_CHAIN={0x8, 0xb, 0x5}, @TCA_CHAIN={0x8, 0xb, 0x7f}, @TCA_RATE={0x6, 0x5, {0x81, 0x7}}]}, 0x60}}, 0x8000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f0000000780)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff010000000100000056000000250000001900040004e0144000000007fd17e5ffff0800040000000000", 0x39}], 0x1)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0)

3m9.785449316s ago: executing program 1 (id=16):
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000000c0)={[{@data_err_abort}, {@minixdf}, {@minixdf}, {@errors_remount}, {@noblock_validity}]}, 0x1, 0x50c, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r2 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r2, r1, 0x0, 0x80000000)

3m9.22757726s ago: executing program 1 (id=19):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

3m8.273244335s ago: executing program 1 (id=25):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
epoll_create(0xa)

3m7.755968298s ago: executing program 32 (id=25):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
epoll_create(0xa)

2m32.512567504s ago: executing program 0 (id=182):
r0 = socket$inet(0x2, 0x3, 0xff)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0xc004, &(0x7f0000000800)={0x2, 0x0, @broadcast}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRES16=r2], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x2404085c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r1, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000c700000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3f0, 0x3d8, 0x3d8, 0x3f0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x565)
ioctl$BTRFS_IOC_START_SYNC(r5, 0x80089418, &(0x7f0000000280)=<r8=>0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r4, 0xc0c89425, &(0x7f00000002c0)={"074243bf7121645c48fc916ac0bb261b", r8, 0x0, {0x6, 0x7a8e8875}, {0x9, 0x8}, 0x6, [0x800, 0x8, 0x3742, 0xea, 0x7, 0x5, 0xfffffffffffffff8, 0x9, 0x2, 0x3, 0x9, 0x0, 0x9, 0x8, 0xfffffffffffffffd, 0x3]})

2m27.927846599s ago: executing program 0 (id=201):
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, 0x0}, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
write$cgroup_int(r0, &(0x7f0000000000)=0x700, 0x12)

2m27.497183711s ago: executing program 0 (id=205):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000048000000000000000000850000000e0000008500000005"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="36400000260091"], 0xfe33)

2m27.099859773s ago: executing program 0 (id=207):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc0042, 0x1fe)
close(r5)
execveat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1000040, &(0x7f0000000180)={[{@max_batch_time={'max_batch_time', 0x3d, 0xe}}, {@usrquota}, {@nodelalloc}, {@noinit_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0xee}}, {@nodiscard}]}, 0xfd, 0x461, &(0x7f0000001840)="$eJzs3M1vG0UbAPDHmzj9fuO3lI+WFgIFUQlImvSDHrgUgcQBJCQ4tOJk0rQqdRvUBIlWFQQO5YgqcUfc+Qu4UC4IOCFxhTtCqlAvFE5Ga+8mTmI7cewkbfz7SdvOeMeZeXZ37PHM2gH0rZH0n0LE7oj4LSKG69nFBUbq/927e2Pyn7s3JgtRrb79V6FW7u+7NybzovnzdtUz1YE29d58N6JcqUxdzfJjs5c/GJu5dv3Fi5fLF6YuTF2ZOHXq+LFDQycnTnQdYxIRe9K2Hvh4+uD+18/eenPyzK33fvombe/urExjHL0yUj+6TT3b68o22Z7GzNzmtYPOpH10MCKKtf4/HAOxY37fcLz22aY2DlhX1WpS3dZ691wV2MLS0TzQj/I3+vTzb75t0NDjvnDndMzPY9zLtvqewdq8QWSfjdbLSEScmfv3q3SLdZqHAABodPt0RLzQbPyXxCMN5f6XrQ2VIuL/EbE3Ih6KiH0R8XBEreyjEfFYh/UvXSFZPv6pDq8psFVKx38vZ2tbi8d/+egvSgMNa0ilKBbOX6xMHc2OyZEobkvz423q+P7VX79ota9x/Jduaf35WDBrx5+DSybozpWL5W5ibnTn03orlsdfqK0LRLautz8iDnT4t7M1oaRdmZXjb2OwwwY1Uf064rn6+Z+LJfHnCi3XJ8dfOjlxYmx7VKaOjuVXxXI//3LzrVb1dxV/D9y5XY2dTa//+fhLhe0RM9euX6qt1850XsfN3z9v+Zlmbdf/bHmo8E4tPZQ99lF5dvbqeMRQ4Y3lj08sPDfP5+XT6//I4eb9f28sHInHI+JgRByKiCci4sms7U9FxNMRcbhN/D++8sz7ncffZla+h9L4z7U4/9kCfimNf+H8d54YuPTDt53Hn0vP//Fa6kj2SHr+V4prtQ3s8vABAADAAyGp3QNfSEbn00kyOlq/h39f7Ewq0zOzz5+f/vDKufq98qUoJvlM13DDfOh4Njec5yeW5I9l88ZfDuyo5UcnpyudzhUDvbWrRf9P/dHuCzzA1tCDdTTgAaX/Q//S/6F/6f/Qv/R/6F/N+v8nLUtvzI3JwMZY4f1/x0a1A9h4xv/Qv/R/6F/6P/Sllt+NT7r6yr/EJiW+G+rutxrSRGlVhSO5T0LeMoliNN01uOofs1hjYtvZ7MVg0a5NfmECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokf8CAAD//9OM3iE=")

2m25.95048401s ago: executing program 0 (id=212):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r0, &(0x7f00000000c0)={@val={0x6f01, 0x800}, @val={0x1, 0x4, 0x0, 0x4, 0x3d}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xd, 0x4, 0x0, 0x0, 0x4000, {[@window={0x9, 0x3}, @sack={0x5, 0x1a, [0x8d6, 0x61, 0xfffffffc, 0xffff, 0x0, 0x8]}]}}, {"c4f6ad54bd"}}}}}, 0x5b)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file1\x00', 0x18000, &(0x7f0000001940)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRESOCT, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYRES32, @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000060000000100000000"], 0x50)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0xa)
set_mempolicy(0x3, 0x0, 0x6)
pwritev2(r1, &(0x7f0000000000)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x5406, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r5}, 0x10)
sendfile(r3, r3, 0x0, 0x4623)

2m24.283209229s ago: executing program 0 (id=219):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==")
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x4, 0xf, {0xf, 0x1, "a7ea3163fd3bc518194b120c1e"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0xfdef)

2m9.199034873s ago: executing program 33 (id=219):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==")
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x4, 0xf, {0xf, 0x1, "a7ea3163fd3bc518194b120c1e"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0xfdef)

1m55.677078968s ago: executing program 2 (id=335):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000000), 0xc)
bind$qrtr(r1, &(0x7f00000000c0)={0x2a, 0x1}, 0xc)

1m55.201960671s ago: executing program 2 (id=339):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001840)=@newtaction={0xe8c, 0x30, 0x25, 0x0, 0x0, {}, [{0xe78, 0x1, [@m_pedit={0xe74, 0x1, 0x0, 0x0, {{0xa}, {0xe48, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x9}, {}, {}, {}, {0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2c6}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {0x8001}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0x24, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}]}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe8c}}, 0x0)

1m54.779395123s ago: executing program 2 (id=341):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc0042, 0x1fe)
close(r5)
execveat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1000040, &(0x7f0000000180)={[{@max_batch_time={'max_batch_time', 0x3d, 0xe}}, {@usrquota}, {@nodelalloc}, {@noinit_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0xee}}, {@nodiscard}]}, 0xfd, 0x461, &(0x7f0000001840)="$eJzs3M1vG0UbAPDHmzj9fuO3lI+WFgIFUQlImvSDHrgUgcQBJCQ4tOJk0rQqdRvUBIlWFQQO5YgqcUfc+Qu4UC4IOCFxhTtCqlAvFE5Ga+8mTmI7cewkbfz7SdvOeMeZeXZ37PHM2gH0rZH0n0LE7oj4LSKG69nFBUbq/927e2Pyn7s3JgtRrb79V6FW7u+7NybzovnzdtUz1YE29d58N6JcqUxdzfJjs5c/GJu5dv3Fi5fLF6YuTF2ZOHXq+LFDQycnTnQdYxIRe9K2Hvh4+uD+18/eenPyzK33fvombe/urExjHL0yUj+6TT3b68o22Z7GzNzmtYPOpH10MCKKtf4/HAOxY37fcLz22aY2DlhX1WpS3dZ691wV2MLS0TzQj/I3+vTzb75t0NDjvnDndMzPY9zLtvqewdq8QWSfjdbLSEScmfv3q3SLdZqHAABodPt0RLzQbPyXxCMN5f6XrQ2VIuL/EbE3Ih6KiH0R8XBEreyjEfFYh/UvXSFZPv6pDq8psFVKx38vZ2tbi8d/+egvSgMNa0ilKBbOX6xMHc2OyZEobkvz423q+P7VX79ota9x/Jduaf35WDBrx5+DSybozpWL5W5ibnTn03orlsdfqK0LRLautz8iDnT4t7M1oaRdmZXjb2OwwwY1Uf064rn6+Z+LJfHnCi3XJ8dfOjlxYmx7VKaOjuVXxXI//3LzrVb1dxV/D9y5XY2dTa//+fhLhe0RM9euX6qt1850XsfN3z9v+Zlmbdf/bHmo8E4tPZQ99lF5dvbqeMRQ4Y3lj08sPDfP5+XT6//I4eb9f28sHInHI+JgRByKiCci4sms7U9FxNMRcbhN/D++8sz7ncffZla+h9L4z7U4/9kCfimNf+H8d54YuPTDt53Hn0vP//Fa6kj2SHr+V4prtQ3s8vABAADAAyGp3QNfSEbn00kyOlq/h39f7Ewq0zOzz5+f/vDKufq98qUoJvlM13DDfOh4Njec5yeW5I9l88ZfDuyo5UcnpyudzhUDvbWrRf9P/dHuCzzA1tCDdTTgAaX/Q//S/6F/6f/Qv/R/6F/N+v8nLUtvzI3JwMZY4f1/x0a1A9h4xv/Qv/R/6F/6P/Sllt+NT7r6yr/EJiW+G+rutxrSRGlVhSO5T0LeMoliNN01uOofs1hjYtvZ7MVg0a5NfmECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokf8CAAD//9OM3iE=")

1m53.376672041s ago: executing program 2 (id=345):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, 0x0, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vcan={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x4000840)

1m52.035172218s ago: executing program 2 (id=348):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000000), 0xc)
bind$qrtr(r1, &(0x7f00000000c0)={0x2a, 0x1}, 0xc)

1m51.74235909s ago: executing program 2 (id=350):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x1a9001)
syz_usb_connect(0x3, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0xc07}}]})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4)

1m35.57362721s ago: executing program 34 (id=350):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x1a9001)
syz_usb_connect(0x3, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0xc07}}]})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4)

6.859272522s ago: executing program 6 (id=912):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/80, 0x50}], 0x1}, 0x2000)

6.586858993s ago: executing program 6 (id=916):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x7, 0x8000, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r3, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}})
readv(r3, &(0x7f0000000200)=[{&(0x7f0000000140)=""/138, 0x8a}], 0x1)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)

6.357002755s ago: executing program 4 (id=918):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32, @ANYRES64], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003bc0), 0x4000000000002ca, 0x4040014)

5.690970628s ago: executing program 4 (id=922):
r0 = socket(0x200000100000011, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, 0x0)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="34000000020000010000000000000000d96e6c8d5e85080045f00d80724e11d569116e3a1ce41e2a560254ea0043"], 0x34}, {&(0x7f00000005c0)=ANY=[], 0x100}], 0x2}, 0x0)

5.52603617s ago: executing program 7 (id=924):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x154)
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x0)
recvfrom$unix(r1, &(0x7f0000000180)=""/235, 0xeb, 0x100, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

5.49326273s ago: executing program 6 (id=925):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000023ed0000180100002820702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x1c)
connect$pppl2tp(r1, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

5.42111043s ago: executing program 4 (id=926):
socket$netlink(0x10, 0x3, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
socket(0x1e, 0x4, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
setns(r1, 0x24020000)
syz_clone(0x72b80180, 0x0, 0x0, 0x0, 0x0, 0x0)

5.025013172s ago: executing program 6 (id=930):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d1d0b90c8997e6917226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67a4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74a", 0xc6}, {&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63e", 0x82}, {&(0x7f0000000700)="6a8fa35a5ac69c3f3504610b7a65154b8a319d412cae86d445126356a7ea73e2cc334fba45667941bdeaebee3915c7685d4a2c125a1898bb727147075b79a19e162ca01c17cdb0398d7303a2955433e8f9de6d144dddc2ca170b10d505c3eb024dcacee0c139b5a9044f1f3a0fd4e958406a6ba551007ed89e2312e678f38707c8f37e5c8fe3cb977b7035046ea60fc263c1f72c13c1c7be3f14407e96c832dd5b10a03966185a38402e2cf26722ddeb0ef8f2d4a071d516ed09b0adec288e14e03b42147a29ba7f26c6886c05bea9ef56a3bb171e67a92b838a19c3a646", 0xde}], 0x3}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000014c0)="23004e4ee760d48ddc6b7a1ebfc6e0276028840fb20d5233e81c802684e8ac1dc195296ffaaeac", 0x27}], 0x1}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3aa97af3d777b81db48f9ceb270e506af840503c6fbf20760e4cd8df9c220cd0728585229123d5c61507d00561b8f1a15e64fa2779be424fdeff46058eaee7acfc80b2ae9840e9ac1e33ac8378c98695a08bdb8f2a756b1704c036e3b0ff2d1e9d397a82e24debd371e6855b7dc2dea47d57a9dfbf4fb2ccb3f975c3851c6b5399ab80c4ba95604f70a69674cfe820d82fb06b243625a8a9e4ee52e7c2ec4d63241fb00efd1a485a36dfb4a7dd573c6584c4afc55b3ff0a93509fe41aa0e8892c95ccad3e0435071aff78177e946cf231de4f389b695c5f49772b8abb6b88226fd4c2b0c57d47b98f2aa1b2ec38c4a97f3783023f04cdb380dd6a00d2fc63c932a9876863728e1fcb245109713c16375ffc68b041b86f737c41233cf2a05e51699db6a0e3c4b82b9ca613bea89cefd2ace608e361379b1aeefb75d0aa2db26dcddc9365a8c02f49af78aa6b41599fa501f9b96824bed5cff2028bb06f3852e69b3e58b659606b7ff7e282473701c95f1da7e742b76392f90a89c65577415c62e2b495027153030cf761b44eb1ce8816f14b71f4ecb066111dea78d77fa4b58bc3b27250a516cd5f90b3df608a06eca61970a028193f5ef07ab0cc90936633e4894831d5294011e1dd1f157fe36b0897bc2d8269", 0x1ea}], 0x1}}], 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
socket$packet(0x11, 0x3, 0x300)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

4.991634672s ago: executing program 7 (id=931):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = gettid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r3, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r4}], 0x2c, 0xffffffffffbffff8)
dup2(r3, r4)
fcntl$setown(r3, 0x8, r0)
tkill(r0, 0x13)

4.920559183s ago: executing program 5 (id=932):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='netlink_extack\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@bridge_dellink={0x20, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x1000, 0x61087}}, 0x20}}, 0x0)

4.774981624s ago: executing program 6 (id=934):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)

4.634904864s ago: executing program 4 (id=935):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000000), 0xc)
bind$qrtr(r2, &(0x7f00000000c0)={0x2a, 0x1}, 0xc)

4.634622634s ago: executing program 5 (id=936):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)

3.755716209s ago: executing program 6 (id=937):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000480)={0x1f, 0x0, @any, 0xf5, 0x1}, 0xfe2a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x5411, &(0x7f0000000280)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}, 0xd, 'veth1_to_batadv\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
lseek(0xffffffffffffffff, 0xffffffffffffeffa, 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x0, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$P9_RLERRORu(r5, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="3800000003147df800000000fedbdf250900020073797b300000000008004100736977001400330076657468305f6d616376746170"], 0x38}}, 0x0)

3.72969248s ago: executing program 3 (id=938):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x71, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)

3.69692124s ago: executing program 7 (id=939):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10)
setitimer(0x0, 0x0, 0x0)

3.679522889s ago: executing program 5 (id=940):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32, @ANYRES64], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003bc0), 0x4000000000002ca, 0x4040014)

3.60904651s ago: executing program 4 (id=941):
sched_setscheduler(0x0, 0x2, 0x0)
unshare(0x62040200)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22}, {0x2, 0x0, @local}, {0x2, 0x2, @empty}, 0x200, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x5})
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFBR(r0, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2})

3.473045351s ago: executing program 3 (id=942):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x51, &(0x7f0000000300)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

3.401307391s ago: executing program 5 (id=943):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
unshare(0x400)
mq_notify(0xffffffffffffffff, 0x0)

3.338752581s ago: executing program 7 (id=944):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x154)
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x0)
recvfrom$unix(r1, &(0x7f0000000180)=""/235, 0xeb, 0x100, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.302222392s ago: executing program 3 (id=945):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r0, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="13146000000370", 0x7}], 0x7)

3.029078473s ago: executing program 5 (id=946):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvtap0\x00', <r2=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000240)={'wg2\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x503, 0x70bd2b, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r2}, @IFLA_HSR_SLAVE2={0x8, 0x2, r3}]}}}]}, 0x40}}, 0x0)

3.027240263s ago: executing program 3 (id=947):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)

2.864757694s ago: executing program 7 (id=948):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc0042, 0x1fe)
close(r5)
execveat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1000040, &(0x7f0000000180)={[{@max_batch_time={'max_batch_time', 0x3d, 0xe}}, {@usrquota}, {@nodelalloc}, {@noinit_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0xee}}, {@nodiscard}]}, 0xfd, 0x461, &(0x7f0000001840)="$eJzs3M1vG0UbAPDHmzj9fuO3lI+WFgIFUQlImvSDHrgUgcQBJCQ4tOJk0rQqdRvUBIlWFQQO5YgqcUfc+Qu4UC4IOCFxhTtCqlAvFE5Ga+8mTmI7cewkbfz7SdvOeMeZeXZ37PHM2gH0rZH0n0LE7oj4LSKG69nFBUbq/927e2Pyn7s3JgtRrb79V6FW7u+7NybzovnzdtUz1YE29d58N6JcqUxdzfJjs5c/GJu5dv3Fi5fLF6YuTF2ZOHXq+LFDQycnTnQdYxIRe9K2Hvh4+uD+18/eenPyzK33fvombe/urExjHL0yUj+6TT3b68o22Z7GzNzmtYPOpH10MCKKtf4/HAOxY37fcLz22aY2DlhX1WpS3dZ691wV2MLS0TzQj/I3+vTzb75t0NDjvnDndMzPY9zLtvqewdq8QWSfjdbLSEScmfv3q3SLdZqHAABodPt0RLzQbPyXxCMN5f6XrQ2VIuL/EbE3Ih6KiH0R8XBEreyjEfFYh/UvXSFZPv6pDq8psFVKx38vZ2tbi8d/+egvSgMNa0ilKBbOX6xMHc2OyZEobkvz423q+P7VX79ota9x/Jduaf35WDBrx5+DSybozpWL5W5ibnTn03orlsdfqK0LRLautz8iDnT4t7M1oaRdmZXjb2OwwwY1Uf064rn6+Z+LJfHnCi3XJ8dfOjlxYmx7VKaOjuVXxXI//3LzrVb1dxV/D9y5XY2dTa//+fhLhe0RM9euX6qt1850XsfN3z9v+Zlmbdf/bHmo8E4tPZQ99lF5dvbqeMRQ4Y3lj08sPDfP5+XT6//I4eb9f28sHInHI+JgRByKiCci4sms7U9FxNMRcbhN/D++8sz7ncffZla+h9L4z7U4/9kCfimNf+H8d54YuPTDt53Hn0vP//Fa6kj2SHr+V4prtQ3s8vABAADAAyGp3QNfSEbn00kyOlq/h39f7Ewq0zOzz5+f/vDKufq98qUoJvlM13DDfOh4Njec5yeW5I9l88ZfDuyo5UcnpyudzhUDvbWrRf9P/dHuCzzA1tCDdTTgAaX/Q//S/6F/6f/Qv/R/6F/N+v8nLUtvzI3JwMZY4f1/x0a1A9h4xv/Qv/R/6F/6P/Sllt+NT7r6yr/EJiW+G+rutxrSRGlVhSO5T0LeMoliNN01uOofs1hjYtvZ7MVg0a5NfmECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokf8CAAD//9OM3iE=")

2.719729215s ago: executing program 3 (id=949):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='tegra_dma_complete_cb\x00', r0}, 0x18)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f00000004c0)={0x9, 0x3ff, 0x200008})
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@bloom_filter={0x1e, 0x0, 0x12, 0x10000, 0x1210, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x0, 0xa, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpid()
ioctl$RTC_UIE_ON(r4, 0x7003)
ioctl$RTC_SET_TIME(r4, 0x4024700a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4, 0x2, 0xc000})

2.625688516s ago: executing program 5 (id=950):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, 0x0, &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)

2.439218086s ago: executing program 4 (id=951):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000000), 0xc)
bind$qrtr(r2, &(0x7f00000000c0)={0x2a, 0x1}, 0xc)

83.13174ms ago: executing program 3 (id=952):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x71, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)

0s ago: executing program 7 (id=953):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmmsg$sock(r1, &(0x7f0000003bc0), 0x4000000000002ca, 0x4040014)

kernel console output (not intermixed with test programs):

780][ T5165] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.243: couldn't read orphan inode 15 (err -117)
[  138.861560][ T5165] EXT4-fs (loop2): Remounting filesystem read-only
[  138.882062][ T5165] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  139.081724][ T5178] device batadv1 entered promiscuous mode
[  139.109106][ T5178] 8021q: adding VLAN 0 to HW filter on device batadv1
[  139.189466][    T7] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  139.214491][ T5182] netlink: 8 bytes leftover after parsing attributes in process `syz.4.246'.
[  139.372889][ T5188] loop3: detected capacity change from 0 to 128
[  139.388525][    T7] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  139.417141][    T7] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  139.453825][    T7] usb 3-1: New USB device found, idVendor=1949, idProduct=85a5, bcdDevice=a3.3a
[  139.506234][    T7] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.546661][    T7] usb 3-1: Product: syz
[  139.550888][    T7] usb 3-1: Manufacturer: syz
[  139.555735][ T5190] syz.5.249[5190] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  139.555882][ T5190] syz.5.249[5190] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  139.606650][    T7] usb 3-1: SerialNumber: syz
[  139.671885][   T26] audit: type=1800 audit(1733419895.296:150): pid=5191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.248" name="file0" dev="loop3" ino=1048641 res=0 errno=0
[  139.694106][ T5191] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  139.704343][ T5191] FAT-fs (loop3): Filesystem has been set read-only
[  139.711271][ T5191] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  139.721059][    T7] usb 3-1: config 0 descriptor??
[  139.721599][ T5191] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  139.739467][ T5191] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  139.764547][   T26] audit: type=1800 audit(1733419895.366:151): pid=5191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.248" name="file1" dev="loop3" ino=1048642 res=0 errno=0
[  139.863995][ T5193] loop4: detected capacity change from 0 to 512
[  139.930723][ T5193] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  139.949661][   T26] audit: type=1326 audit(1733419895.576:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.2.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1c377ff19 code=0x7ffc0000
[  139.980483][ T5165] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  140.010219][ T5193] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.040398][ T5165] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  140.070031][   T26] audit: type=1326 audit(1733419895.576:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.2.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1c377ff19 code=0x7ffc0000
[  140.127260][ T5165] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.243: Corrupt directory, running e2fsck is recommended
[  140.171168][   T26] audit: type=1326 audit(1733419895.576:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.2.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd1c377ff19 code=0x7ffc0000
[  140.372958][ T4295] usb 3-1: USB disconnect, device number 3
[  140.511803][ T5202] loop5: detected capacity change from 0 to 1024
[  140.522368][ T5202] EXT4-fs: Ignoring removed mblk_io_submit option
[  140.744247][ T5202] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  141.069235][   T26] audit: type=1326 audit(1733419895.596:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.2.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1c377ff19 code=0x7ffc0000
[  141.193404][ T5208] netlink: 8 bytes leftover after parsing attributes in process `syz.3.252'.
[  141.207378][   T26] audit: type=1326 audit(1733419895.596:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.2.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1c377ff19 code=0x7ffc0000
[  141.229847][   T26] audit: type=1326 audit(1733419895.596:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.2.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd1c3781e37 code=0x7ffc0000
[  141.232801][ T4426] EXT4-fs (loop5): unmounting filesystem.
[  141.253384][   T26] audit: type=1326 audit(1733419895.596:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.2.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1c377ff19 code=0x7ffc0000
[  141.277853][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  141.281094][   T26] audit: type=1326 audit(1733419895.596:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.2.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1c377ff19 code=0x7ffc0000
[  141.311504][ T5208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.252'.
[  141.322821][ T4256] EXT4-fs (loop2): unmounting filesystem.
[  141.415973][ T5208] device wireguard2 entered promiscuous mode
[  141.631734][ T5220] netlink: 8 bytes leftover after parsing attributes in process `syz.5.255'.
[  141.656287][ T5220] netlink: 4 bytes leftover after parsing attributes in process `syz.5.255'.
[  141.734930][ T5220] device wireguard1 entered promiscuous mode
[  142.816118][ T5213] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  143.317872][ T5243] device batadv1 entered promiscuous mode
[  143.324548][ T5243] 8021q: adding VLAN 0 to HW filter on device batadv1
[  143.572958][ T5249] loop3: detected capacity change from 0 to 128
[  143.652279][ T5253] netlink: 3 bytes leftover after parsing attributes in process `syz.4.264'.
[  143.726800][ T5253] 0ªX¹¦À: renamed from caif0
[  143.835148][ T5253] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  143.927866][ T5255] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  143.938073][ T5255] FAT-fs (loop3): Filesystem has been set read-only
[  143.944869][ T5255] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  143.955111][ T5255] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  143.968185][ T5255] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  144.466318][ T5266] netlink: 8 bytes leftover after parsing attributes in process `syz.2.268'.
[  144.475150][ T5266] netlink: 4 bytes leftover after parsing attributes in process `syz.2.268'.
[  144.655851][ T5266] device wireguard4 entered promiscuous mode
[  144.763480][ T5279] siw: device registration error -23
[  144.863085][ T5277] loop5: detected capacity change from 0 to 128
[  146.018285][ T5291] netlink: 132 bytes leftover after parsing attributes in process `syz.4.274'.
[  146.099949][ T5293] syz.5.275[5293] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.100073][ T5293] syz.5.275[5293] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.176689][   T26] kauditd_printk_skb: 23 callbacks suppressed
[  146.176705][   T26] audit: type=1326 audit(1733419901.806:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.5.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  146.357086][ T5299] capability: warning: `syz.2.277' uses deprecated v2 capabilities in a way that may be insecure
[  146.386278][   T26] audit: type=1326 audit(1733419901.856:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.5.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  146.390043][ T5298] device batadv1 entered promiscuous mode
[  146.455829][ T5302] loop3: detected capacity change from 0 to 512
[  146.487864][   T26] audit: type=1326 audit(1733419901.856:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.5.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  146.542049][ T5298] 8021q: adding VLAN 0 to HW filter on device batadv1
[  146.617524][   T26] audit: type=1326 audit(1733419901.856:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.5.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  146.673719][ T5307] loop5: detected capacity change from 0 to 128
[  146.751453][ T5302] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  146.794280][   T26] audit: type=1326 audit(1733419901.856:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.5.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  146.892940][ T5302] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.110722][   T26] audit: type=1800 audit(1733419902.736:188): pid=5314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.279" name="file0" dev="loop5" ino=1048646 res=0 errno=0
[  147.132654][ T5314] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  147.143691][ T5314] FAT-fs (loop5): Filesystem has been set read-only
[  147.150645][ T5314] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  147.161506][ T5314] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  147.177297][ T5314] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  147.227399][   T26] audit: type=1800 audit(1733419902.796:189): pid=5314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.279" name="file1" dev="loop5" ino=1048647 res=0 errno=0
[  147.357237][ T5320] serio: Serial port pts0
[  147.402705][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  147.794137][ T5327] siw: device registration error -23
[  148.787066][ T5340] netlink: 8 bytes leftover after parsing attributes in process `syz.5.288'.
[  148.826316][ T5340] netlink: 4 bytes leftover after parsing attributes in process `syz.5.288'.
[  148.909044][ T5342] loop4: detected capacity change from 0 to 1024
[  148.926378][ T5340] device wireguard2 entered promiscuous mode
[  148.967038][ T5342] EXT4-fs: Ignoring removed nobh option
[  148.972717][ T5342] EXT4-fs: Ignoring removed orlov option
[  149.145041][ T5342] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  149.343821][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  149.587985][ T4266] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  149.599826][ T4266] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  149.616554][ T4266] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  149.625695][ T4266] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  149.634344][ T4266] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  149.641876][ T4266] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  150.048049][ T5369] loop5: detected capacity change from 0 to 128
[  150.446743][ T5375] netlink: 8 bytes leftover after parsing attributes in process `syz.3.296'.
[  150.552666][ T5375] netlink: 4 bytes leftover after parsing attributes in process `syz.3.296'.
[  150.587637][ T5382] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  150.598146][ T5382] FAT-fs (loop5): Filesystem has been set read-only
[  150.605443][ T5382] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  150.615802][ T5382] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  150.635211][ T5382] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  150.976317][   T26] audit: type=1800 audit(1733419906.206:190): pid=5382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.295" name="file0" dev="loop5" ino=1048648 res=0 errno=0
[  151.048715][   T26] audit: type=1800 audit(1733419906.256:191): pid=5382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.295" name="file1" dev="loop5" ino=1048649 res=0 errno=0
[  151.500125][ T5363] chnl_net:caif_netlink_parms(): no params data found
[  151.726433][ T4257] Bluetooth: hci5: command 0x0409 tx timeout
[  151.851250][ T5404] xt_CT: You must specify a L4 protocol and not use inversions on it
[  152.001055][ T5363] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.026297][ T5363] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.034630][ T5363] device bridge_slave_0 entered promiscuous mode
[  152.130037][ T5363] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.186490][ T5363] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.190681][ T5409] loop3: detected capacity change from 0 to 1024
[  152.194899][ T5363] device bridge_slave_1 entered promiscuous mode
[  152.340232][ T5409] EXT4-fs (loop3): invalid first ino: 0
[  152.430821][ T5363] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.487808][ T5363] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.648342][ T5363] team0: Port device team_slave_0 added
[  152.704434][ T5418] netlink: 8 bytes leftover after parsing attributes in process `syz.2.306'.
[  152.759555][ T5418] netlink: 4 bytes leftover after parsing attributes in process `syz.2.306'.
[  152.871398][ T5418] device wireguard5 entered promiscuous mode
[  152.908467][ T5363] team0: Port device team_slave_1 added
[  152.938738][ T5425] loop3: detected capacity change from 0 to 128
[  153.295022][ T5363] batman_adv: batadv0: Adding interface: batadv_slave_0
[  153.304259][ T5363] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.375065][ T5430] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  153.386013][ T5430] FAT-fs (loop3): Filesystem has been set read-only
[  153.393631][ T5430] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  153.403998][ T5430] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  153.423076][ T5430] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  153.517061][   T26] audit: type=1800 audit(1733419908.996:192): pid=5430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.308" name="file0" dev="loop3" ino=1048650 res=0 errno=0
[  153.828837][ T4257] Bluetooth: hci5: command 0x041b tx timeout
[  153.916228][   T26] audit: type=1800 audit(1733419909.036:193): pid=5430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.308" name="file1" dev="loop3" ino=1048651 res=0 errno=0
[  153.981167][ T5363] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.054215][ T5363] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.096220][ T5363] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.255927][ T5363] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.430827][ T5437] netlink: 8 bytes leftover after parsing attributes in process `syz.5.310'.
[  154.523621][ T5437] netlink: 4 bytes leftover after parsing attributes in process `syz.5.310'.
[  154.624955][ T5437] device wireguard3 entered promiscuous mode
[  154.828758][ T5363] device hsr_slave_0 entered promiscuous mode
[  154.859387][ T5363] device hsr_slave_1 entered promiscuous mode
[  154.891924][ T5363] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  154.914562][ T5363] Cannot create hsr debugfs directory
[  155.314320][ T5462] loop4: detected capacity change from 0 to 1024
[  155.324213][ T5462] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.966283][ T4257] Bluetooth: hci5: command 0x040f tx timeout
[  155.997164][ T5462] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  156.040722][ T5468] serio: Serial port pts0
[  156.311032][ T5472] loop3: detected capacity change from 0 to 128
[  156.317525][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  156.749876][ T5481] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  156.760117][ T5481] FAT-fs (loop3): Filesystem has been set read-only
[  156.767665][ T5481] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  156.778186][ T5481] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  156.797499][ T5481] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  156.858247][   T26] audit: type=1800 audit(1733419912.366:194): pid=5481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.319" name="file0" dev="loop3" ino=1048652 res=0 errno=0
[  157.265168][   T26] audit: type=1800 audit(1733419912.416:195): pid=5481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.319" name="file1" dev="loop3" ino=1048653 res=0 errno=0
[  157.798070][ T5363] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  157.867343][ T5363] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  157.910009][ T5363] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  157.970349][ T5363] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  158.043382][ T4257] Bluetooth: hci5: command 0x0419 tx timeout
[  158.641962][ T5505] netlink: 8 bytes leftover after parsing attributes in process `syz.5.326'.
[  158.650990][ T5505] netlink: 4 bytes leftover after parsing attributes in process `syz.5.326'.
[  158.749081][ T5505] device wireguard4 entered promiscuous mode
[  158.771410][ T5363] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.787343][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  158.799428][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  158.962778][ T5363] 8021q: adding VLAN 0 to HW filter on device team0
[  159.032892][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  159.077034][ T5519] loop4: detected capacity change from 0 to 128
[  159.082301][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  159.311670][ T5523] loop2: detected capacity change from 0 to 1024
[  159.318992][ T5523] EXT4-fs: Ignoring removed mblk_io_submit option
[  159.513752][ T5525] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  159.524112][ T5525] FAT-fs (loop4): Filesystem has been set read-only
[  159.531674][ T5525] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  159.542036][ T5525] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  159.561732][ T5525] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  160.025252][   T26] audit: type=1800 audit(1733419915.136:196): pid=5525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.330" name="file0" dev="loop4" ino=1048654 res=0 errno=0
[  160.406023][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.413232][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  160.550378][ T5521] serio: Serial port pts0
[  160.678591][   T26] audit: type=1800 audit(1733419915.176:197): pid=5525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.330" name="file1" dev="loop4" ino=1048655 res=0 errno=0
[  160.705232][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  160.714997][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  160.731105][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  160.767105][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.774427][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  160.815654][ T5523] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  160.825604][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  160.841551][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  160.909787][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  160.980246][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  161.038225][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  161.127524][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  161.142490][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  161.189368][ T4256] EXT4-fs (loop2): unmounting filesystem.
[  161.200889][ T4456] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  161.245898][ T4456] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  161.301590][ T5363] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  161.368182][ T5363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  161.423880][ T4456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  161.438432][ T4456] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  161.687106][   T26] audit: type=1326 audit(1733419917.316:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  161.814324][   T26] audit: type=1326 audit(1733419917.316:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  161.916390][   T26] audit: type=1326 audit(1733419917.316:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  162.012714][   T26] audit: type=1326 audit(1733419917.316:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  162.148450][   T26] audit: type=1326 audit(1733419917.316:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  162.279505][ T5568] loop2: detected capacity change from 0 to 128
[  162.306752][ T5567] serio: Serial port pts0
[  162.385983][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  162.784959][ T5576] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  162.795166][ T5576] FAT-fs (loop2): Filesystem has been set read-only
[  162.802208][ T5576] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  162.813284][ T5576] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  162.825034][ T5576] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  162.894180][   T26] audit: type=1800 audit(1733419918.406:203): pid=5576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.341" name="file0" dev="loop2" ino=1048656 res=0 errno=0
[  163.140608][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  163.266225][   T26] audit: type=1800 audit(1733419918.446:204): pid=5576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.341" name="file1" dev="loop2" ino=1048657 res=0 errno=0
[  163.543024][ T5363] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.978102][ T5586] loop3: detected capacity change from 0 to 1024
[  163.987977][ T5586] EXT4-fs: Ignoring removed mblk_io_submit option
[  164.353628][ T5586] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  164.809396][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  165.048815][ T5571] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  165.403662][ T5613] loop4: detected capacity change from 0 to 764
[  165.524170][ T4243] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  165.736815][ T5618] serio: Serial port pts0
[  165.859950][ T5622] loop4: detected capacity change from 0 to 128
[  165.934701][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  165.944674][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  166.020297][ T5161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  166.043301][ T5161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  166.068503][ T5363] device veth0_vlan entered promiscuous mode
[  166.100361][ T5161] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  166.140925][ T5161] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  166.205521][ T5363] device veth1_vlan entered promiscuous mode
[  166.285014][ T5630] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  166.296066][ T5630] FAT-fs (loop4): Filesystem has been set read-only
[  166.303725][ T5630] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  166.314145][ T5630] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  166.334259][ T5630] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  166.393042][   T26] audit: type=1800 audit(1733419921.906:205): pid=5630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.354" name="file0" dev="loop4" ino=1048658 res=0 errno=0
[  166.903091][   T26] audit: type=1800 audit(1733419921.946:206): pid=5630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.354" name="file1" dev="loop4" ino=1048659 res=0 errno=0
[  166.966499][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  167.029453][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  167.081778][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  167.123244][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  167.178037][ T5363] device veth0_macvtap entered promiscuous mode
[  167.397097][ T5363] device veth1_macvtap entered promiscuous mode
[  167.404741][ T5646] loop3: detected capacity change from 0 to 128
[  167.439752][ T5641] netlink: 8 bytes leftover after parsing attributes in process `syz.5.357'.
[  167.656479][ T5647] loop4: detected capacity change from 0 to 1024
[  167.663728][ T5647] EXT4-fs: Ignoring removed mblk_io_submit option
[  167.766489][ T5649] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  167.776728][ T5649] FAT-fs (loop3): Filesystem has been set read-only
[  167.784211][ T5649] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  167.794531][ T5649] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  167.813801][ T5649] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  168.461946][   T26] audit: type=1800 audit(1733419923.386:207): pid=5649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.359" name="file0" dev="loop3" ino=1048660 res=0 errno=0
[  168.595304][ T5641] netlink: 4 bytes leftover after parsing attributes in process `syz.5.357'.
[  168.884740][ T5647] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  169.016145][    C0] sched: RT throttling activated
[  169.017016][   T26] audit: type=1800 audit(1733419923.426:208): pid=5649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.359" name="file1" dev="loop3" ino=1048661 res=0 errno=0
[  169.163066][ T5641] device wireguard5 entered promiscuous mode
[  169.224628][ T5656] mmap: syz.3.360 (5656) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  169.337082][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  169.487856][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  169.558227][ T5363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.596221][ T5363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.606084][ T5363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.646214][ T5363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.656077][ T5363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.692704][   T26] audit: type=1326 audit(1733419925.316:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5660 comm="syz.4.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  169.738663][ T5363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.766202][ T5363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.778604][   T26] audit: type=1326 audit(1733419925.346:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5660 comm="syz.4.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  169.816196][ T5363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.826072][ T5363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.845845][   T26] audit: type=1326 audit(1733419925.346:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5660 comm="syz.4.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  169.888290][ T5363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.907987][ T5363] batman_adv: batadv0: Interface activated: batadv_slave_0
[  169.936642][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  169.952260][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  169.960856][   T26] audit: type=1326 audit(1733419925.346:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5660 comm="syz.4.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  169.999906][ T5363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.029759][ T5363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.041297][   T26] audit: type=1326 audit(1733419925.346:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5660 comm="syz.4.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  170.074032][ T5363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.101928][ T5363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.117095][   T26] audit: type=1326 audit(1733419925.346:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5660 comm="syz.4.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  170.146207][ T5363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.166232][ T5363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.191557][ T5668] netlink: 32 bytes leftover after parsing attributes in process `syz.3.364'.
[  170.196479][ T5363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.231338][ T5363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.266277][ T5363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.289861][ T5363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.321823][ T5363] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.351453][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  170.360329][ T5668] loop3: detected capacity change from 0 to 512
[  170.364341][ T5670] loop4: detected capacity change from 0 to 128
[  170.377369][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  170.409256][ T5668] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  170.431721][ T5668] ext4 filesystem being mounted at /94/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  170.457063][ T5363] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.554462][ T5363] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.584805][ T5363] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.647251][ T5363] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.693891][ T5668] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.364: corrupted inode contents
[  170.799600][ T5675] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  170.809903][ T5675] FAT-fs (loop4): Filesystem has been set read-only
[  170.817593][ T5675] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  170.828000][ T5675] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  170.848778][ T5675] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  171.053378][ T5668] EXT4-fs error (device loop3): ext4_dirty_inode:6089: inode #2: comm syz.3.364: mark_inode_dirty error
[  171.317947][ T5668] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.364: corrupted inode contents
[  171.381527][ T5668] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.364: mark_inode_dirty error
[  171.608695][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  171.809194][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.839185][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.907989][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  171.994652][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.017103][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.071494][ T5161] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  172.667241][ T5693] loop4: detected capacity change from 0 to 1024
[  172.676963][ T5693] EXT4-fs: Ignoring removed mblk_io_submit option
[  173.227134][ T5691] loop6: detected capacity change from 0 to 128
[  173.358244][ T5693] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  173.454390][ T5699] syz.3.373 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  173.627520][ T5701] loop3: detected capacity change from 0 to 128
[  173.640587][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  173.974030][ T5706] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  173.985040][ T5706] FAT-fs (loop3): Filesystem has been set read-only
[  173.992755][ T5706] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  174.003148][ T5706] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  174.023697][ T5706] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  174.067876][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  174.067982][   T26] audit: type=1800 audit(1733419929.596:225): pid=5706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.376" name="file0" dev="loop3" ino=1048668 res=0 errno=0
[  174.410179][   T26] audit: type=1800 audit(1733419929.636:226): pid=5706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.376" name="file1" dev="loop3" ino=1048669 res=0 errno=0
[  175.224865][ T5726] loop3: detected capacity change from 0 to 128
[  175.626344][ T5732] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  175.636605][ T5732] FAT-fs (loop3): Filesystem has been set read-only
[  175.644106][ T5732] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  175.654475][ T5732] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  175.679867][ T5732] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  175.742014][   T26] audit: type=1800 audit(1733419931.246:227): pid=5732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.383" name="file0" dev="loop3" ino=1048670 res=0 errno=0
[  176.156283][   T26] audit: type=1800 audit(1733419931.296:228): pid=5732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.383" name="file1" dev="loop3" ino=1048671 res=0 errno=0
[  176.603782][ T5741] loop5: detected capacity change from 0 to 1024
[  176.613542][ T5741] EXT4-fs: Ignoring removed mblk_io_submit option
[  176.936069][ T5741] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  177.204499][ T5746] loop3: detected capacity change from 0 to 128
[  177.259062][ T5749] loop6: detected capacity change from 0 to 128
[  177.351637][ T4426] EXT4-fs (loop5): unmounting filesystem.
[  177.795830][ T5753] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  177.806194][ T5753] FAT-fs (loop6): Filesystem has been set read-only
[  177.813935][ T5753] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  177.824425][ T5753] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  177.843488][ T5753] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  177.946580][   T26] audit: type=1800 audit(1733419933.416:229): pid=5753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.388" name="file0" dev="loop6" ino=1048673 res=0 errno=0
[  178.216315][   T26] audit: type=1800 audit(1733419933.466:230): pid=5753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.388" name="file1" dev="loop6" ino=1048674 res=0 errno=0
[  178.694174][ T5767] loop3: detected capacity change from 0 to 512
[  178.737476][ T5767] EXT4-fs: Ignoring removed bh option
[  178.773056][ T5767] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  178.870780][ T5767] EXT4-fs (loop3): 1 truncate cleaned up
[  178.886943][ T5772] loop4: detected capacity change from 0 to 128
[  178.913246][ T5767] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  179.089199][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  179.330642][ T5778] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  179.340932][ T5778] FAT-fs (loop4): Filesystem has been set read-only
[  179.348898][ T5778] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  179.359515][ T5778] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  179.378550][ T5778] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  179.441354][   T26] audit: type=1800 audit(1733419934.946:231): pid=5778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.397" name="file0" dev="loop4" ino=1048675 res=0 errno=0
[  179.856334][   T26] audit: type=1800 audit(1733419934.996:232): pid=5778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.397" name="file1" dev="loop4" ino=1048676 res=0 errno=0
[  179.985679][ T5781] loop6: detected capacity change from 0 to 128
[  180.392314][ T5789] loop3: detected capacity change from 0 to 1024
[  180.402664][ T5789] EXT4-fs: Ignoring removed mblk_io_submit option
[  181.279598][ T5789] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  181.564555][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  181.970855][ T5806] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  182.491531][ T5821] loop3: detected capacity change from 0 to 128
[  182.697286][ T4266] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  182.711938][ T4266] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  182.720506][ T4266] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  182.818197][ T4266] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  182.827409][ T4266] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  182.834840][ T4266] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  183.093082][ T5830] loop5: detected capacity change from 0 to 1024
[  183.103044][ T5830] EXT4-fs: Ignoring removed mblk_io_submit option
[  183.352051][ T5830] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  183.791486][ T4426] EXT4-fs (loop5): unmounting filesystem.
[  183.957668][ T5840] loop6: detected capacity change from 0 to 164
[  184.487772][ T5823] chnl_net:caif_netlink_parms(): no params data found
[  184.549731][ T5857] loop4: detected capacity change from 0 to 128
[  184.916534][ T4266] Bluetooth: hci6: command 0x0409 tx timeout
[  185.022089][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.091879][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.158532][ T5823] device bridge_slave_0 entered promiscuous mode
[  185.229632][ T5871] loop3: detected capacity change from 0 to 1024
[  185.239378][ T5871] EXT4-fs: Ignoring removed mblk_io_submit option
[  185.512576][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.560525][ T5871] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  185.836327][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.855596][ T5823] device bridge_slave_1 entered promiscuous mode
[  186.025347][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  186.111725][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.175973][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.339970][ T5823] team0: Port device team_slave_0 added
[  186.379982][ T5823] team0: Port device team_slave_1 added
[  186.548946][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[  186.586640][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.653867][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.693578][ T5890] netlink: 'syz.6.440': attribute type 1 has an invalid length.
[  186.752065][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.759735][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.893993][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  187.005489][ T4266] Bluetooth: hci6: command 0x041b tx timeout
[  187.080329][ T5896] loop3: detected capacity change from 0 to 128
[  187.119862][ T5823] device hsr_slave_0 entered promiscuous mode
[  187.342231][ T5823] device hsr_slave_1 entered promiscuous mode
[  187.379910][ T5823] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  187.512661][ T5904] loop4: detected capacity change from 0 to 1024
[  187.522236][ T5904] EXT4-fs: Ignoring removed mblk_io_submit option
[  187.554743][ T5823] Cannot create hsr debugfs directory
[  187.874860][ T5904] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  188.231026][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  188.476685][ T5915] bridge0: port 4(vlan2) entered blocking state
[  188.483165][ T5915] bridge0: port 4(vlan2) entered disabled state
[  188.835978][ T5926] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  188.902399][ T5823] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  188.957630][ T5823] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  188.988914][ T5927] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  189.067119][ T5823] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  189.078190][ T4266] Bluetooth: hci6: command 0x040f tx timeout
[  189.096579][ T5823] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  189.318266][ T5929] device batadv1 entered promiscuous mode
[  189.328400][ T5929] 8021q: adding VLAN 0 to HW filter on device batadv1
[  189.484612][ T5936] loop5: detected capacity change from 0 to 1024
[  189.494595][ T5936] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.702130][ T5936] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  190.133118][ T5161] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[  190.188099][ T5940] netlink: 8 bytes leftover after parsing attributes in process `syz.3.459'.
[  190.220917][ T5944] loop4: detected capacity change from 0 to 128
[  190.235032][ T5940] netlink: 4 bytes leftover after parsing attributes in process `syz.3.459'.
[  190.273881][ T4426] EXT4-fs (loop5): unmounting filesystem.
[  190.357729][ T5940] device wireguard3 entered promiscuous mode
[  190.767066][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[  190.830609][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  190.859573][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  190.928161][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[  190.986552][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  190.997732][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  191.027068][ T4362] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.034229][ T4362] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.104708][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  191.154783][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  191.164011][ T4266] Bluetooth: hci6: command 0x0419 tx timeout
[  191.182290][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  191.206824][ T4362] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.214037][ T4362] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.243649][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  191.290558][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  191.329680][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  191.369202][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  191.437297][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  191.459698][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  191.502394][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  191.531978][ T5964] serio: Serial port pts0
[  191.540205][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  191.586692][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  191.627937][ T5823] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  191.703502][ T5823] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  191.748697][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  191.767160][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  192.160266][ T5975] device batadv1 entered promiscuous mode
[  192.241384][ T5975] 8021q: adding VLAN 0 to HW filter on device batadv1
[  192.387875][ T5981] loop5: detected capacity change from 0 to 128
[  192.634082][ T4539] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[  192.643990][ T4539] batman_adv: batadv1: adding TT local entry 01:00:5e:00:00:01 to non-existent VLAN -1
[  193.042679][ T5988] netlink: 8 bytes leftover after parsing attributes in process `syz.4.476'.
[  193.083371][ T5988] netlink: 4 bytes leftover after parsing attributes in process `syz.4.476'.
[  193.217150][ T5988] device wireguard1 entered promiscuous mode
[  193.434422][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  193.466576][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  193.516453][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[  193.626082][ T6001] syz.6.480[6001] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  193.626274][ T6001] syz.6.480[6001] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  194.200712][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.218870][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  194.411499][ T6023] loop5: detected capacity change from 0 to 128
[  194.533303][ T6022] syz.5.487: attempt to access beyond end of device
[  194.533303][ T6022] loop5: rw=2049, sector=145, nr_sectors = 3 limit=128
[  194.828001][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  194.859023][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  194.916579][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  194.935030][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  194.997409][ T5823] device veth0_vlan entered promiscuous mode
[  195.032972][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  195.048980][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  195.099711][ T5823] device veth1_vlan entered promiscuous mode
[  195.217795][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  195.233285][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  195.282615][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  195.301371][ T6037] loop3: detected capacity change from 0 to 1024
[  195.337167][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  195.378183][ T5823] device veth0_macvtap entered promiscuous mode
[  195.399312][ T5823] device veth1_macvtap entered promiscuous mode
[  195.518220][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.585847][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.626514][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.683311][ T6037] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  195.715129][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.781734][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.815613][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.854189][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.901873][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.948645][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.979374][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.014479][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.055645][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.094186][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[  196.126060][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  196.152220][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.213171][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.276562][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.316237][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.360894][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.399811][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.430922][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.465427][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.499351][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.624990][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.684326][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.715078][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.727145][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[  196.749603][ T5823] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.758710][ T5823] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.767904][ T5823] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.856636][ T5823] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.874703][ T6059] netlink: 8 bytes leftover after parsing attributes in process `syz.3.499'.
[  197.436417][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  197.527865][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  197.575944][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  197.665833][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  197.707022][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  197.739789][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  198.025105][ T4275] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.055428][ T4275] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.114322][ T4362] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.121534][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  198.155190][ T4362] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.189521][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  198.544951][ T6076] loop7: detected capacity change from 0 to 512
[  198.690821][ T6076] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  198.721413][ T6076] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.110267][ T5823] EXT4-fs (loop7): unmounting filesystem.
[  199.488370][ T6099] siw: device registration error -23
[  200.327712][ T6103] loop6: detected capacity change from 0 to 256
[  200.389165][ T6103] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  200.449856][ T6103] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  200.526643][ T6103] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  200.568136][   T26] audit: type=1800 audit(1733419956.196:233): pid=6103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.516" name="file1" dev="loop6" ino=1048687 res=0 errno=0
[  200.747263][   T26] audit: type=1326 audit(1733419956.376:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz.7.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90cb7ff19 code=0x7ffc0000
[  200.856257][   T26] audit: type=1326 audit(1733419956.426:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz.7.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc90cb7ff19 code=0x7ffc0000
[  200.976313][   T26] audit: type=1326 audit(1733419956.426:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz.7.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90cb7ff19 code=0x7ffc0000
[  201.100347][   T26] audit: type=1326 audit(1733419956.426:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz.7.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90cb7ff19 code=0x7ffc0000
[  201.208628][   T26] audit: type=1326 audit(1733419956.426:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz.7.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc90cb7ff19 code=0x7ffc0000
[  201.325501][   T26] audit: type=1326 audit(1733419956.426:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz.7.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90cb7ff19 code=0x7ffc0000
[  201.406343][   T48] Bluetooth: hci2: command 0x0406 tx timeout
[  201.413461][   T48] Bluetooth: hci0: command 0x0406 tx timeout
[  201.421403][   T48] Bluetooth: hci3: command 0x0406 tx timeout
[  201.425663][ T4266] Bluetooth: hci4: command 0x0406 tx timeout
[  201.567714][   T26] audit: type=1326 audit(1733419956.426:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz.7.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90cb7ff19 code=0x7ffc0000
[  201.641694][ T6133] siw: device registration error -23
[  202.319820][   T26] audit: type=1326 audit(1733419956.426:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz.7.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc90cb7ff19 code=0x7ffc0000
[  202.344254][   T26] audit: type=1326 audit(1733419956.426:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz.7.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90cb7ff19 code=0x7ffc0000
[  202.618451][ T6139] loop7: detected capacity change from 0 to 764
[  203.052785][ T6152] delete_channel: no stack
[  203.126897][ T6152] delete_channel: no stack
[  203.765216][ T6164] device geneve2 entered promiscuous mode
[  203.951395][ T6172] siw: device registration error -23
[  206.307409][ T6186] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  206.401306][ T6186] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  206.416482][ T6191] netlink: 8 bytes leftover after parsing attributes in process `syz.3.551'.
[  206.504844][ T6197] loop5: detected capacity change from 0 to 128
[  206.598865][ T6197] syz.5.554: attempt to access beyond end of device
[  206.598865][ T6197] loop5: rw=2049, sector=145, nr_sectors = 3 limit=128
[  208.263523][ T6220] syz.4.563[6220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  208.263639][ T6220] syz.4.563[6220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  208.703870][ T6205] loop3: detected capacity change from 0 to 1024
[  208.776823][ T6205] EXT4-fs: Ignoring removed oldalloc option
[  208.918184][ T6205] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  208.957890][ T6205] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  209.125274][   T26] kauditd_printk_skb: 6 callbacks suppressed
[  209.125292][   T26] audit: type=1800 audit(1733419964.746:249): pid=6205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.558" name="bus" dev="loop3" ino=18 res=0 errno=0
[  209.972719][ T6243] device batadv1 entered promiscuous mode
[  210.076808][ T6243] 8021q: adding VLAN 0 to HW filter on device batadv1
[  210.315640][ T6251] netlink: 8 bytes leftover after parsing attributes in process `syz.7.572'.
[  210.406382][ T6251] netlink: 4 bytes leftover after parsing attributes in process `syz.7.572'.
[  210.425335][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  210.649796][ T6251] device wireguard0 entered promiscuous mode
[  211.468040][ T6264] netlink: 96 bytes leftover after parsing attributes in process `syz.4.578'.
[  211.514596][ T6264] netlink: 8 bytes leftover after parsing attributes in process `syz.4.578'.
[  211.565362][ T6264] netlink: 32 bytes leftover after parsing attributes in process `syz.4.578'.
[  211.599222][ T6264] netlink: 32 bytes leftover after parsing attributes in process `syz.4.578'.
[  211.932278][ T6274] netlink: 260 bytes leftover after parsing attributes in process `syz.3.581'.
[  211.977826][ T6279] syz.4.584[6279] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  211.977936][ T6279] syz.4.584[6279] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  211.995645][   T26] audit: type=1326 audit(1733419967.616:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  212.774911][   T26] audit: type=1326 audit(1733419967.676:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  213.046237][   T26] audit: type=1326 audit(1733419967.686:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6277 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  214.258172][ T6297] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.266835][ T6297] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.289649][ T6299] loop4: detected capacity change from 0 to 128
[  214.597624][ T6301] device batadv1 entered promiscuous mode
[  214.640852][ T6301] 8021q: adding VLAN 0 to HW filter on device batadv1
[  214.707611][ T6310] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  214.717964][ T6310] FAT-fs (loop4): Filesystem has been set read-only
[  214.726632][ T6310] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  214.736963][ T6310] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  214.756294][ T6310] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  214.822943][   T26] audit: type=1800 audit(1733419970.326:253): pid=6310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.591" name="file0" dev="loop4" ino=1048689 res=0 errno=0
[  215.269843][ T4539] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[  215.336237][   T26] audit: type=1800 audit(1733419970.376:254): pid=6310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.591" name="file1" dev="loop4" ino=1048690 res=0 errno=0
[  215.645481][ T6314] IPv6: Can't replace route, no match found
[  216.894833][ T6331] siw: device registration error -23
[  216.916619][ T4266] Bluetooth: hci1: command 0x0406 tx timeout
[  216.944628][ T6334] netlink: 8 bytes leftover after parsing attributes in process `syz.5.604'.
[  217.026259][ T6334] netlink: 4 bytes leftover after parsing attributes in process `syz.5.604'.
[  217.076664][ T6334] device wireguard6 entered promiscuous mode
[  217.093947][ T6335] IPv6: NLM_F_CREATE should be specified when creating new route
[  217.196042][ T6339] loop4: detected capacity change from 0 to 128
[  217.604420][ T6345] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  217.614676][ T6345] FAT-fs (loop4): Filesystem has been set read-only
[  217.623243][ T6345] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  217.633730][ T6345] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  217.665695][ T6345] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  217.781502][   T26] audit: type=1800 audit(1733419973.216:255): pid=6345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.605" name="file0" dev="loop4" ino=1048691 res=0 errno=0
[  218.239786][   T26] audit: type=1800 audit(1733419973.266:256): pid=6345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.605" name="file1" dev="loop4" ino=1048692 res=0 errno=0
[  218.593812][   T26] audit: type=1326 audit(1733419974.216:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.3.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  218.644734][ T6353] device batadv1 entered promiscuous mode
[  218.683030][ T6353] 8021q: adding VLAN 0 to HW filter on device batadv1
[  218.692128][   T26] audit: type=1326 audit(1733419974.216:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.3.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  218.751914][   T26] audit: type=1326 audit(1733419974.216:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.3.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  218.858261][   T26] audit: type=1326 audit(1733419974.216:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.3.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  218.933878][   T26] audit: type=1326 audit(1733419974.216:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.3.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  219.033842][   T26] audit: type=1326 audit(1733419974.216:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.3.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  220.185952][ T6375] loop4: detected capacity change from 0 to 128
[  220.421669][ T6379] siw: device registration error -23
[  220.605410][ T6384] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  220.615680][ T6384] FAT-fs (loop4): Filesystem has been set read-only
[  220.624394][ T6384] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  220.634903][ T6384] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  220.667417][ T6384] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  220.807151][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  220.813722][   T26] audit: type=1800 audit(1733419976.216:273): pid=6384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.619" name="file0" dev="loop4" ino=1048693 res=0 errno=0
[  221.337654][ T6383] loop5: detected capacity change from 0 to 128
[  221.415455][   T26] audit: type=1800 audit(1733419976.266:274): pid=6384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.619" name="file1" dev="loop4" ino=1048694 res=0 errno=0
[  221.717273][ T6394] netlink: 8 bytes leftover after parsing attributes in process `syz.6.624'.
[  221.749824][ T6394] netlink: 4 bytes leftover after parsing attributes in process `syz.6.624'.
[  221.878996][ T6394] device wireguard0 entered promiscuous mode
[  223.093025][   T26] audit: type=1326 audit(1733419978.716:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.4.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  223.485826][   T26] audit: type=1326 audit(1733419978.716:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.4.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  223.714895][   T26] audit: type=1326 audit(1733419978.716:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.4.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  223.761054][   T26] audit: type=1326 audit(1733419978.716:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.4.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  223.864888][   T26] audit: type=1326 audit(1733419978.716:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.4.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b75d7ff19 code=0x7ffc0000
[  224.259033][ T6435] netlink: 8 bytes leftover after parsing attributes in process `syz.6.638'.
[  224.278953][ T6435] netlink: 4 bytes leftover after parsing attributes in process `syz.6.638'.
[  224.320065][ T6435] device wireguard1 entered promiscuous mode
[  224.644444][ T6441] loop3: detected capacity change from 0 to 512
[  224.697149][ T6441] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  224.796485][ T6441] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  224.851530][ T6443] loop5: detected capacity change from 0 to 128
[  224.893617][ T6441] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  225.006783][ T6441] EXT4-fs (loop3): 1 truncate cleaned up
[  225.012764][ T6441] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  225.025621][ T6446] device batadv1 entered promiscuous mode
[  225.062648][ T6446] 8021q: adding VLAN 0 to HW filter on device batadv1
[  225.138874][ T6443] syz.5.640: attempt to access beyond end of device
[  225.138874][ T6443] loop5: rw=2049, sector=145, nr_sectors = 3 limit=128
[  225.179571][ T6451] loop7: detected capacity change from 0 to 1024
[  225.242642][ T6451] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  225.381301][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  225.786356][ T5823] EXT4-fs (loop7): unmounting filesystem.
[  226.872899][ T6468] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  227.026476][ T6474] siw: device registration error -23
[  227.440533][ T6482] loop6: detected capacity change from 0 to 512
[  227.500665][ T6482] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  227.620269][ T6482] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  227.720915][ T6482] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  227.889897][ T6499] loop4: detected capacity change from 0 to 128
[  228.264086][ T6482] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  228.312018][ T6503] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  228.322326][ T6503] FAT-fs (loop4): Filesystem has been set read-only
[  228.329933][ T6503] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  228.340253][ T6503] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  228.360396][ T6503] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  228.816374][   T26] audit: type=1800 audit(1733419983.926:280): pid=6503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.659" name="file0" dev="loop4" ino=1048697 res=0 errno=0
[  228.888317][   T26] audit: type=1800 audit(1733419983.976:281): pid=6503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.659" name="file1" dev="loop4" ino=1048698 res=0 errno=0
[  229.074823][ T6509] loop7: detected capacity change from 0 to 128
[  229.113870][ T6512] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  229.134300][ T6509] syz.7.661: attempt to access beyond end of device
[  229.134300][ T6509] loop7: rw=2049, sector=145, nr_sectors = 3 limit=128
[  229.218595][ T5363] EXT4-fs (loop6): unmounting filesystem.
[  229.728566][ T6526] netlink: 24 bytes leftover after parsing attributes in process `syz.3.668'.
[  230.451049][ T6531] ebtables: ebtables: counters copy to user failed while replacing table
[  231.039136][ T6551] loop6: detected capacity change from 0 to 2048
[  231.228937][   T26] audit: type=1326 audit(1733419986.856:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.5.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  231.352649][   T26] audit: type=1326 audit(1733419986.856:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.5.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  231.380532][ T6551]  loop6: p1 < > p4
[  231.491553][   T26] audit: type=1326 audit(1733419986.886:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.5.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  231.560758][ T6551] loop6: p4 size 8388608 extends beyond EOD, truncated
[  231.669946][ T6570] device batadv1 entered promiscuous mode
[  231.676619][   T26] audit: type=1326 audit(1733419986.886:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.5.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  231.719414][ T6570] 8021q: adding VLAN 0 to HW filter on device batadv1
[  231.832448][ T3622]  loop6: p1 < > p4
[  231.838856][ T3622] loop6: p4 size 8388608 extends beyond EOD, truncated
[  231.848924][   T26] audit: type=1326 audit(1733419986.886:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.5.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  231.996208][   T26] audit: type=1326 audit(1733419986.886:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.5.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  232.146032][   T26] audit: type=1326 audit(1733419986.946:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.5.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  232.295643][   T26] audit: type=1326 audit(1733419986.946:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.5.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  232.751575][ T6590] loop6: detected capacity change from 0 to 512
[  232.896677][ T6590] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  232.955894][ T6585] loop4: detected capacity change from 0 to 8192
[  233.187901][ T6590] EXT4-fs (loop6): 1 truncate cleaned up
[  233.193613][ T6590] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  233.339826][ T6603] loop3: detected capacity change from 0 to 128
[  233.723009][ T6611] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  233.733257][ T6611] FAT-fs (loop3): Filesystem has been set read-only
[  233.740699][ T6611] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  233.751068][ T6611] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  233.769938][ T6611] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  234.397491][ T6615] loop5: detected capacity change from 0 to 2048
[  234.582699][ T6615]  loop5: p1 < > p4
[  234.635148][ T6615] loop5: p4 size 8388608 extends beyond EOD, truncated
[  234.642660][ T5363] EXT4-fs (loop6): unmounting filesystem.
[  234.649376][ T6623] loop3: detected capacity change from 0 to 128
[  235.055625][ T6633] syz.3.697: attempt to access beyond end of device
[  235.055625][ T6633] loop3: rw=34817, sector=97, nr_sectors = 32 limit=128
[  235.068838][ T6623] syz.3.697: attempt to access beyond end of device
[  235.068838][ T6623] loop3: rw=2049, sector=129, nr_sectors = 912 limit=128
[  235.119936][ T6633] syz.3.697: attempt to access beyond end of device
[  235.119936][ T6633] loop3: rw=34817, sector=97, nr_sectors = 32 limit=128
[  235.220749][   T26] kauditd_printk_skb: 39 callbacks suppressed
[  235.220767][   T26] audit: type=1326 audit(1733419990.846:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.5.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  235.305729][   T26] audit: type=1326 audit(1733419990.896:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.5.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  235.367551][ T6643] device batadv1 entered promiscuous mode
[  235.416572][ T6643] 8021q: adding VLAN 0 to HW filter on device batadv1
[  235.446388][   T26] audit: type=1326 audit(1733419990.906:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.5.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  235.589676][   T26] audit: type=1326 audit(1733419990.906:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.5.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  235.682450][   T26] audit: type=1326 audit(1733419990.966:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.5.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  235.806496][   T26] audit: type=1326 audit(1733419990.966:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.5.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  236.286086][ T6670] serio: Serial port pts0
[  237.876738][   T26] audit: type=1326 audit(1733419993.506:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.6.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ed57ff19 code=0x7ffc0000
[  237.976361][   T26] audit: type=1326 audit(1733419993.526:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.6.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ed57ff19 code=0x7ffc0000
[  238.067536][ T6713] loop5: detected capacity change from 0 to 512
[  238.080355][   T26] audit: type=1326 audit(1733419993.526:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.6.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f36ed57ff19 code=0x7ffc0000
[  238.146947][ T6713] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  238.199005][   T26] audit: type=1326 audit(1733419993.526:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.6.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ed57ff19 code=0x7ffc0000
[  238.207502][ T6713] EXT4-fs (loop5): too many log groups per flexible block group
[  238.246511][ T6713] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  238.271823][ T6713] EXT4-fs (loop5): mount failed
[  238.659266][ T6733] serio: Serial port pts0
[  240.292157][ T6786] syz.5.751[6786] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  240.293435][ T6786] syz.5.751[6786] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  240.389767][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  240.389784][   T26] audit: type=1326 audit(1733419996.016:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6787 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  240.559819][   T26] audit: type=1326 audit(1733419996.016:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6787 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  240.607808][ T6759] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  240.686287][   T26] audit: type=1326 audit(1733419996.016:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6787 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  240.793663][ T6800] serio: Serial port pts0
[  240.798213][   T26] audit: type=1326 audit(1733419996.016:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6787 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  240.826472][ T6797] loop7: detected capacity change from 0 to 2048
[  240.886917][ T6797]  loop7: p1 < > p4
[  240.896463][ T6797] loop7: p4 size 8388608 extends beyond EOD, truncated
[  240.902140][   T26] audit: type=1326 audit(1733419996.016:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6787 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  241.011570][   T26] audit: type=1326 audit(1733419996.016:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6787 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  241.135436][   T26] audit: type=1326 audit(1733419996.016:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6787 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  241.273050][   T26] audit: type=1326 audit(1733419996.016:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6787 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  241.369316][ T6811] loop7: detected capacity change from 0 to 128
[  241.376244][   T26] audit: type=1326 audit(1733419996.016:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6787 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  241.414424][ T6813] loop6: detected capacity change from 0 to 128
[  241.448452][ T6813] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  241.534792][ T6813] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  241.595022][   T26] audit: type=1326 audit(1733419996.016:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6787 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  241.758753][ T6820] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  241.769076][ T6820] FAT-fs (loop7): Filesystem has been set read-only
[  241.776329][ T6820] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  241.786667][ T6820] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  241.806014][ T6820] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  242.583730][ T6829] loop7: detected capacity change from 0 to 128
[  242.703343][ T6829] syz.7.766: attempt to access beyond end of device
[  242.703343][ T6829] loop7: rw=2049, sector=145, nr_sectors = 3 limit=128
[  243.048110][ T6836] loop3: detected capacity change from 0 to 8192
[  243.126554][ T4316] kworker/u4:6: attempt to access beyond end of device
[  243.126554][ T4316] loop7: rw=1, sector=148, nr_sectors = 1 limit=128
[  243.155725][ T6836]  loop3: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 
[  243.164924][ T4316] Buffer I/O error on dev loop7, logical block 148, lost async page write
[  243.165094][ T6836] loop3: p2 size 591360 extends beyond EOD, truncated
[  243.567684][ T4316] kworker/u4:6: attempt to access beyond end of device
[  243.567684][ T4316] loop7: rw=1, sector=149, nr_sectors = 1 limit=128
[  243.573739][ T6836] loop3: p4 size 81920 extends beyond EOD, 
[  243.581720][ T4316] Buffer I/O error on dev loop7, logical block 149, lost async page write
[  243.596410][ T4316] kworker/u4:6: attempt to access beyond end of device
[  243.596410][ T4316] loop7: rw=1, sector=150, nr_sectors = 1 limit=128
[  243.610355][ T4316] Buffer I/O error on dev loop7, logical block 150, lost async page write
[  243.626188][ T4316] kworker/u4:6: attempt to access beyond end of device
[  243.626188][ T4316] loop7: rw=1, sector=151, nr_sectors = 1 limit=128
[  243.640814][ T6836] truncated
[  243.647922][ T6836] loop3: p5 size 591360 extends beyond EOD, truncated
[  243.770264][ T6857] loop5: detected capacity change from 0 to 1024
[  243.779759][ T6857] EXT4-fs: Ignoring removed mblk_io_submit option
[  243.828779][ T6836] loop3: p6 size 81920 extends beyond EOD, truncated
[  244.008667][ T4316] Buffer I/O error on dev loop7, logical block 151, lost async page write
[  244.039519][ T6857] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  244.297439][ T6836] loop3: p7 size 591360 extends beyond EOD, truncated
[  244.336352][ T4316] kworker/u4:6: attempt to access beyond end of device
[  244.336352][ T4316] loop7: rw=1, sector=152, nr_sectors = 1 limit=128
[  244.356408][ T6836] loop3: p8 size 81920 extends beyond EOD, truncated
[  244.426476][ T6836] loop3: p9 size 591360 extends beyond EOD, truncated
[  244.431633][ T4316] Buffer I/O error on dev loop7, logical block 152, lost async page write
[  244.445074][ T4316] kworker/u4:6: attempt to access beyond end of device
[  244.445074][ T4316] loop7: rw=1, sector=153, nr_sectors = 888 limit=128
[  244.478794][ T4426] EXT4-fs (loop5): unmounting filesystem.
[  244.487676][ T6836] loop3: p10 size 81920 extends beyond EOD, truncated
[  244.547231][ T6836] loop3: p11 size 591360 extends beyond EOD, truncated
[  244.586374][ T6836] loop3: p12 size 81920 extends beyond EOD, truncated
[  244.616344][ T6836] loop3: p13 size 591360 extends beyond EOD, truncated
[  244.653894][ T6836] loop3: p14 size 81920 extends beyond EOD, truncated
[  244.726413][ T6836] loop3: p15 size 591360 extends beyond EOD, truncated
[  244.739836][ T6844] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  244.765399][ T6836] loop3: p16 size 81920 extends beyond EOD, truncated
[  244.816380][ T6836] loop3: p17 size 591360 extends beyond EOD, truncated
[  244.825063][ T6836] loop3: p18 size 81920 extends beyond EOD, truncated
[  244.853422][ T6836] loop3: p19 size 591360 extends beyond EOD, truncated
[  244.892790][ T6836] loop3: p20 size 81920 extends beyond EOD, truncated
[  244.927108][ T6836] loop3: p21 size 591360 extends beyond EOD, truncated
[  244.966967][ T6836] loop3: p22 size 81920 extends beyond EOD, truncated
[  244.988288][ T6874] loop7: detected capacity change from 0 to 2048
[  244.996558][ T6836] loop3: p23 size 591360 extends beyond EOD, truncated
[  245.019719][ T6836] loop3: p24 size 81920 extends beyond EOD, truncated
[  245.044088][ T6874]  loop7: p1 < > p4
[  245.048444][ T6836] loop3: p25 size 591360 extends beyond EOD, truncated
[  245.060325][ T6874] loop7: p4 size 8388608 extends beyond EOD, truncated
[  245.087047][ T6836] loop3: p26 size 81920 extends beyond EOD, truncated
[  245.136811][ T6836] loop3: p27 size 591360 extends beyond EOD, truncated
[  245.152067][ T6836] loop3: p28 size 81920 extends beyond EOD, truncated
[  245.200268][ T6836] loop3: p29 size 591360 extends beyond EOD, truncated
[  245.232740][ T6836] loop3: p30 size 81920 extends beyond EOD, truncated
[  245.263251][ T6836] loop3: p31 size 591360 extends beyond EOD, truncated
[  245.292250][ T6836] loop3: p32 size 81920 extends beyond EOD, truncated
[  245.321813][ T6836] loop3: p33 size 591360 extends beyond EOD, truncated
[  245.354161][ T6836] loop3: p34 size 81920 extends beyond EOD, truncated
[  245.393399][ T6836] loop3: p35 size 591360 extends beyond EOD, truncated
[  245.444982][ T6836] loop3: p36 size 81920 extends beyond EOD, truncated
[  245.476491][ T6836] loop3: p37 size 591360 extends beyond EOD, truncated
[  245.513637][ T6836] loop3: p38 size 81920 extends beyond EOD, truncated
[  245.546484][ T6836]  loop3: p38 could not be added: -ENOMEM
[  245.579721][ T6836] loop3: p39 size 591360 extends beyond EOD, truncated
[  245.609728][ T6836]  loop3: p39 could not be added: -ENOMEM
[  245.615512][ T6836] loop3: p40 size 81920 extends beyond EOD, truncated
[  245.699032][ T6836] loop3: p41 size 591360 extends beyond EOD, truncated
[  245.765777][ T6836] loop3: p42 size 81920 extends beyond EOD, truncated
[  245.813571][ T6836] loop3: p43 size 591360 extends beyond EOD, truncated
[  245.818094][   T26] kauditd_printk_skb: 30 callbacks suppressed
[  245.818112][   T26] audit: type=1107 audit(1733420001.386:380): pid=6885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  245.839720][ T6836]  loop3: p43 could not be added: -ENOMEM
[  245.845491][ T6836] loop3: p44 size 81920 extends beyond EOD, truncated
[  245.855630][ T6836]  loop3: p44 could not be added: -ENOMEM
[  245.861478][ T6836] loop3: p45 size 591360 extends beyond EOD, truncated
[  245.883691][ T6896] loop5: detected capacity change from 0 to 128
[  245.890420][ T6836]  loop3: p45 could not be added: -ENOMEM
[  245.898820][ T6836] loop3: p46 size 81920 extends beyond EOD, truncated
[  245.907853][ T6836]  loop3: p46 could not be added: -ENOMEM
[  245.913962][ T6836] loop3: p47 size 591360 extends beyond EOD, truncated
[  245.924148][ T6836]  loop3: p47 could not be added: -ENOMEM
[  245.943064][ T6836] loop3: p48 size 81920 extends beyond EOD, truncated
[  245.970966][ T6836]  loop3: p48 could not be added: -ENOMEM
[  245.988625][ T6836] loop3: p49 size 591360 extends beyond EOD, truncated
[  246.072140][ T6897] loop4: detected capacity change from 0 to 1024
[  246.082123][ T6897] EXT4-fs: Ignoring removed mblk_io_submit option
[  246.113921][ T6896] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  246.234342][ T6836]  loop3: p49 could not be added: -ENOMEM
[  246.359501][ T6836] loop3: p50 size 81920 extends beyond EOD, truncated
[  246.374899][ T6896] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  246.438850][ T6897] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  246.582376][ T6836]  loop3: p50 could not be added: -ENOMEM
[  246.710667][ T6836] loop3: p51 size 591360 extends beyond EOD, truncated
[  246.719349][ T6836] loop3: p52 size 81920 extends beyond EOD, truncated
[  246.727176][ T6836] loop3: p53 size 591360 extends beyond EOD, truncated
[  246.735003][ T6836] loop3: p54 size 81920 extends beyond EOD, truncated
[  246.742175][ T6836]  loop3: p54 could not be added: -ENOMEM
[  246.747989][ T6836] loop3: p55 size 591360 extends beyond EOD, truncated
[  246.755069][ T6836]  loop3: p55 could not be added: -ENOMEM
[  246.760981][ T6836] loop3: p56 size 81920 extends beyond EOD, truncated
[  246.768120][ T6836]  loop3: p56 could not be added: -ENOMEM
[  246.773881][ T6836] loop3: p57 size 591360 extends beyond EOD, truncated
[  246.781056][ T6836]  loop3: p57 could not be added: -ENOMEM
[  246.786931][ T6836] loop3: p58 size 81920 extends beyond EOD, truncated
[  246.793949][ T6836]  loop3: p58 could not be added: -ENOMEM
[  246.799836][ T6836] loop3: p59 size 591360 extends beyond EOD, truncated
[  246.807055][ T6836]  loop3: p59 could not be added: -ENOMEM
[  246.812825][ T6836] loop3: p60 size 81920 extends beyond EOD, truncated
[  246.820077][ T6836]  loop3: p60 could not be added: -ENOMEM
[  246.825831][ T6836] loop3: p61 size 591360 extends beyond EOD, truncated
[  246.832971][ T6836]  loop3: p61 could not be added: -ENOMEM
[  246.853374][ T6836] loop3: p62 size 81920 extends beyond EOD, truncated
[  246.897274][ T6836]  loop3: p62 could not be added: -ENOMEM
[  246.903092][ T6836] loop3: p63 size 591360 extends beyond EOD, truncated
[  246.910987][ T6836]  loop3: p63 could not be added: -ENOMEM
[  246.917776][ T6836] loop3: p64 size 81920 extends beyond EOD, truncated
[  246.924970][ T6836]  loop3: p64 could not be added: -ENOMEM
[  246.930850][ T6836] loop3: p65 size 591360 extends beyond EOD, truncated
[  246.956367][ T6836] loop3: p66 size 81920 extends beyond EOD, truncated
[  246.966646][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  247.010344][ T6836] loop3: p67 size 591360 extends beyond EOD, truncated
[  247.025700][ T6209] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  247.057611][ T6836] loop3: p68 size 81920 extends beyond EOD, truncated
[  247.071878][ T6836] loop3: p69 size 591360 extends beyond EOD, truncated
[  247.105408][ T6836] loop3: p70 size 81920 extends beyond EOD, truncated
[  247.134194][ T6836] loop3: p71 size 591360 extends beyond EOD, truncated
[  247.163614][ T6836] loop3: p72 size 81920 extends beyond EOD, truncated
[  247.215246][ T6836] loop3: p73 size 591360 extends beyond EOD, truncated
[  247.247330][ T6836] loop3: p74 size 81920 extends beyond EOD, truncated
[  247.249288][ T6905] loop6: detected capacity change from 0 to 1024
[  247.286353][ T6836] loop3: p75 size 591360 extends beyond EOD, truncated
[  247.306411][ T6836] loop3: p76 size 81920 extends beyond EOD, truncated
[  247.349543][ T6905] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:477: comm syz.6.790: Invalid block bitmap block 0 in block_group 0
[  247.388689][ T6836] loop3: p77 size 591360 extends beyond EOD, truncated
[  247.396990][ T6836] loop3: p78 size 81920 extends beyond EOD, truncated
[  247.404801][ T6836] loop3: p79 size 591360 extends beyond EOD, truncated
[  247.412933][ T6836] loop3: p80 size 81920 extends beyond EOD, truncated
[  247.420935][ T6836] loop3: p81 size 591360 extends beyond EOD, truncated
[  247.428985][ T6836] loop3: p82 size 81920 extends beyond EOD, truncated
[  247.438867][ T6836] loop3: p83 size 591360 extends beyond EOD, truncated
[  247.446946][ T6836] loop3: p84 size 81920 extends beyond EOD, truncated
[  247.454879][ T6836] loop3: p85 size 591360 extends beyond EOD, truncated
[  247.462869][ T6836] loop3: p86 size 81920 extends beyond EOD, truncated
[  247.470931][ T6836] loop3: p87 size 591360 extends beyond EOD, truncated
[  247.480082][ T6836] loop3: p88 size 81920 extends beyond EOD, truncated
[  247.488369][ T6836] loop3: p89 size 591360 extends beyond EOD, truncated
[  247.496386][ T6836] loop3: p90 size 81920 extends beyond EOD, truncated
[  247.504120][ T6836] loop3: p91 size 591360 extends beyond EOD, truncated
[  247.512113][ T6836] loop3: p92 size 81920 extends beyond EOD, truncated
[  247.522648][ T6836] loop3: p93 size 591360 extends beyond EOD, truncated
[  247.541191][ T6905] Quota error (device loop6): write_blk: dquota write failed
[  247.547434][ T6836] loop3: p94 size 81920 extends beyond EOD, truncated
[  247.586243][ T6905] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  247.590941][ T6836] loop3: p95 size 591360 extends beyond EOD, truncated
[  247.649312][ T6905] EXT4-fs error (device loop6): ext4_acquire_dquot:6801: comm syz.6.790: Failed to acquire dquot type 0
[  247.663384][ T6836] loop3: p96 size 81920 extends beyond EOD, truncated
[  247.694384][ T6905] EXT4-fs error (device loop6): ext4_free_blocks:6210: comm syz.6.790: Freeing blocks not in datazone - block = 0, count = 4096
[  247.702372][ T6836] loop3: p97 size 591360 extends beyond EOD, truncated
[  247.754222][ T6836] loop3: p98 size 81920 extends beyond EOD, truncated
[  247.785187][ T6905] EXT4-fs error (device loop6): ext4_read_inode_bitmap:140: comm syz.6.790: Invalid inode bitmap blk 0 in block_group 0
[  247.795688][ T6836] loop3: p99 size 591360 extends beyond EOD, 
[  247.801074][ T4457] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-8
[  247.805699][ T6836] truncated
[  247.816290][ T4457] EXT4-fs error (device loop6): ext4_release_dquot:6824: comm kworker/u4:12: Failed to release dquot type 0
[  247.856910][ T6836] loop3: p100 size 81920 extends beyond EOD, truncated
[  247.868931][ T6905] EXT4-fs error (device loop6) in ext4_free_inode:362: Corrupt filesystem
[  247.896341][ T6836] loop3: p101 size 591360 extends beyond EOD, truncated
[  247.922476][ T6905] EXT4-fs (loop6): 1 orphan inode deleted
[  247.928417][ T6905] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  247.934958][ T6836] loop3: p102 size 81920 extends beyond EOD, truncated
[  247.996323][ T6836] loop3: p103 size 591360 extends beyond EOD, truncated
[  248.023664][ T6836] loop3: p104 size 81920 extends beyond EOD, truncated
[  248.047090][ T6836] loop3: p105 size 591360 extends beyond EOD, truncated
[  248.086395][ T6836] loop3: p106 size 81920 extends beyond EOD, truncated
[  248.094413][ T6836] loop3: p107 size 591360 extends beyond EOD, truncated
[  248.123403][ T6917] loop4: detected capacity change from 0 to 2048
[  248.130260][ T6836] loop3: p108 size 81920 extends beyond EOD, truncated
[  248.141520][ T6836] loop3: p109 size 591360 extends beyond EOD, truncated
[  248.158041][ T6836] loop3: p110 size 81920 extends beyond EOD, truncated
[  248.185704][ T6836] loop3: p111 size 591360 extends beyond EOD, truncated
[  248.216349][ T6836] loop3: p112 size 81920 extends beyond EOD, truncated
[  248.224681][ T6917]  loop4: p1 < > p4
[  248.229888][ T6917] loop4: p4 size 8388608 extends beyond EOD, truncated
[  248.244243][ T6836] loop3: p113 size 591360 extends beyond EOD, truncated
[  248.282123][ T6836] loop3: p114 size 81920 extends beyond EOD, truncated
[  248.312524][ T6836] loop3: p115 size 591360 extends beyond EOD, truncated
[  248.343798][ T6836] loop3: p116 size 81920 extends beyond EOD, truncated
[  248.353398][ T6910] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[  248.376342][ T6836] loop3: p117 size 591360 extends beyond EOD, truncated
[  248.414217][ T6836] loop3: p118 size 81920 extends beyond EOD, truncated
[  248.454984][ T6836] loop3: p119 size 591360 extends beyond EOD, truncated
[  248.496797][ T6836] loop3: p120 size 81920 extends beyond EOD, truncated
[  248.523535][ T6836] loop3: p121 size 591360 extends beyond EOD, truncated
[  248.551075][ T6836] loop3: p122 size 81920 extends beyond EOD, truncated
[  248.617225][ T6836] loop3: p123 size 591360 extends beyond EOD, truncated
[  248.638661][ T6836] loop3: p124 size 81920 extends beyond EOD, truncated
[  248.677186][ T6836] loop3: p125 size 591360 extends beyond EOD, truncated
[  248.691776][ T6926] loop4: detected capacity change from 0 to 128
[  248.709708][ T6836] loop3: p126 size 81920 extends beyond EOD, truncated
[  248.739981][ T6836] loop3: p127 size 591360 extends beyond EOD, truncated
[  248.820400][ T6836] loop3: p128 size 81920 extends beyond EOD, truncated
[  248.842924][ T6836] loop3: p129 size 591360 extends beyond EOD, truncated
[  248.871898][ T6836] loop3: p130 size 81920 extends beyond EOD, truncated
[  248.934529][ T6836] loop3: p131 size 591360 extends beyond EOD, truncated
[  249.002599][ T6836] loop3: p132 size 81920 extends beyond EOD, truncated
[  249.106231][ T6935] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  249.116504][ T6935] FAT-fs (loop4): Filesystem has been set read-only
[  249.124018][ T6935] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  249.134376][ T6935] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  249.161813][ T6935] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  249.267119][   T26] audit: type=1800 audit(1733420004.706:381): pid=6935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.798" name="file0" dev="loop4" ino=1048711 res=0 errno=0
[  249.377389][ T6836] loop3: p133 size 591360 extends beyond EOD, truncated
[  249.591927][ T6935] syz.4.798 (6935) used greatest stack depth: 19192 bytes left
[  249.639062][ T6836] loop3: p134 size 81920 extends beyond EOD, truncated
[  249.696296][ T6836] loop3: p135 size 591360 extends beyond EOD, truncated
[  249.704953][   T26] audit: type=1800 audit(1733420004.776:382): pid=6935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.798" name="file1" dev="loop4" ino=1048712 res=0 errno=0
[  249.782842][ T6836] loop3: p136 size 81920 extends beyond EOD, truncated
[  249.801188][ T6836] loop3: p137 size 591360 extends beyond EOD, truncated
[  249.828797][ T6836] loop3: p138 size 81920 extends beyond EOD, truncated
[  249.869048][ T6836] loop3: p139 size 591360 extends beyond EOD, truncated
[  249.897293][ T6836] loop3: p140 size 81920 extends beyond EOD, truncated
[  249.919633][ T6836] loop3: p141 size 591360 extends beyond EOD, truncated
[  249.975699][ T6836] loop3: p142 size 81920 extends beyond EOD, truncated
[  250.006975][ T6836] loop3: p143 size 591360 extends beyond EOD, truncated
[  250.026388][ T6836] loop3: p144 size 81920 extends beyond EOD, truncated
[  250.066529][ T6836] loop3: p145 size 591360 extends beyond EOD, truncated
[  250.084571][   T26] audit: type=1326 audit(1733420005.706:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6941 comm="syz.5.803" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x0
[  250.117317][ T6836] loop3: p146 size 81920 extends beyond EOD, truncated
[  250.139847][ T5363] EXT4-fs (loop6): unmounting filesystem.
[  250.174863][ T6836] loop3: p147 size 591360 extends beyond EOD, truncated
[  250.194459][ T6836] loop3: p148 size 81920 extends beyond EOD, truncated
[  250.235328][ T6836] loop3: p149 size 591360 extends beyond EOD, truncated
[  250.271206][ T6836] loop3: p150 size 81920 extends beyond EOD, truncated
[  250.303866][ T6836] loop3: p151 size 591360 extends beyond EOD, truncated
[  250.338626][ T6836] loop3: p152 size 81920 extends beyond EOD, truncated
[  250.372395][ T6836] loop3: p153 size 591360 extends beyond EOD, truncated
[  250.403786][ T6836] loop3: p154 size 81920 extends beyond EOD, truncated
[  250.419136][ T6836] loop3: p155 size 591360 extends beyond EOD, truncated
[  250.437859][ T6836] loop3: p156 size 81920 extends beyond EOD, truncated
[  250.461579][ T6836] loop3: p157 size 591360 extends beyond EOD, truncated
[  250.490165][ T6836] loop3: p158 size 81920 extends beyond EOD, truncated
[  250.513120][ T6836] loop3: p159 size 591360 extends beyond EOD, truncated
[  250.545363][ T6836] loop3: p160 size 81920 extends beyond EOD, truncated
[  250.570307][ T6836] loop3: p161 size 591360 extends beyond EOD, truncated
[  250.595552][ T6836] loop3: p162 size 81920 extends beyond EOD, truncated
[  250.616489][ T6836] loop3: p163 size 591360 extends beyond EOD, truncated
[  250.655268][ T6836] loop3: p164 size 81920 extends beyond EOD, truncated
[  250.687000][ T6836] loop3: p165 size 591360 extends beyond EOD, truncated
[  250.716557][ T6836] loop3: p166 size 81920 extends beyond EOD, truncated
[  250.739113][ T6836] loop3: p167 size 591360 extends beyond EOD, truncated
[  250.775848][ T6836] loop3: p168 size 81920 extends beyond EOD, truncated
[  250.783973][ T6959] netlink: 24 bytes leftover after parsing attributes in process `syz.4.811'.
[  250.794493][ T6836] loop3: p169 size 591360 extends beyond EOD, truncated
[  250.811041][ T6836] loop3: p170 size 81920 extends beyond EOD, truncated
[  250.836718][ T6836] loop3: p171 size 591360 extends beyond EOD, truncated
[  250.854133][ T6836] loop3: p172 size 81920 extends beyond EOD, truncated
[  250.877983][ T6836] loop3: p173 size 591360 extends beyond EOD, truncated
[  250.922137][ T6836] loop3: p174 size 81920 extends beyond EOD, truncated
[  250.955122][ T6836] loop3: p175 size 591360 extends beyond EOD, truncated
[  250.992861][ T6836] loop3: p176 size 81920 extends beyond EOD, truncated
[  251.022335][ T6836] loop3: p177 size 591360 extends beyond EOD, truncated
[  251.053593][ T6836] loop3: p178 size 81920 extends beyond EOD, truncated
[  251.083401][ T6836] loop3: p179 size 591360 extends beyond EOD, truncated
[  251.108204][ T6836] loop3: p180 size 81920 extends beyond EOD, truncated
[  251.135993][ T6836] loop3: p181 size 591360 extends beyond EOD, truncated
[  251.166696][ T6836] loop3: p182 size 81920 extends beyond EOD, truncated
[  251.188155][ T6836] loop3: p183 size 591360 extends beyond EOD, truncated
[  251.224449][ T6836]  loop3: p183 could not be added: -ENOMEM
[  251.243994][ T6836] loop3: p184 size 81920 extends beyond EOD, truncated
[  251.291450][ T6836] loop3: p185 size 591360 extends beyond EOD, truncated
[  251.335118][ T6836] loop3: p186 size 81920 extends beyond EOD, truncated
[  251.366374][ T6836] loop3: p187 size 591360 extends beyond EOD, truncated
[  251.380232][ T6836] loop3: p188 size 81920 extends beyond EOD, truncated
[  251.420512][ T6836] loop3: p189 size 591360 extends beyond EOD, truncated
[  251.539728][ T6836] loop3: p190 size 81920 extends beyond EOD, truncated
[  251.567418][ T6836] loop3: p191 size 591360 extends beyond EOD, truncated
[  251.604333][ T6836] loop3: p192 size 81920 extends beyond EOD, truncated
[  251.652009][ T6836] loop3: p193 size 591360 extends beyond EOD, truncated
[  251.689545][ T6836] loop3: p194 size 81920 extends beyond EOD, truncated
[  251.698734][ T6836] loop3: p195 size 591360 extends beyond EOD, truncated
[  251.718005][ T6836] loop3: p196 size 81920 extends beyond EOD, truncated
[  251.856719][ T6980] loop6: detected capacity change from 0 to 1024
[  251.866590][ T6980] EXT4-fs: Ignoring removed mblk_io_submit option
[  251.912973][ T6836] loop3: p197 size 591360 extends beyond EOD, truncated
[  252.099822][ T6836] loop3: p198 size 81920 extends beyond EOD, truncated
[  252.213989][ T6980] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  252.238014][ T6980] bridge0: port 3(erspan0) entered blocking state
[  252.244799][ T6980] bridge0: port 3(erspan0) entered disabled state
[  252.257015][ T6980] device erspan0 entered promiscuous mode
[  252.456892][ T6836] loop3: p199 size 591360 extends beyond EOD, truncated
[  252.464898][ T6836] loop3: p200 size 81920 extends beyond EOD, truncated
[  252.473051][ T6836] loop3: p201 size 591360 extends beyond EOD, truncated
[  252.481052][ T6836] loop3: p202 size 81920 extends beyond EOD, truncated
[  252.489206][ T6836] loop3: p203 size 591360 extends beyond EOD, truncated
[  252.497859][ T6836] loop3: p204 size 81920 extends beyond EOD, truncated
[  252.505810][ T6836] loop3: p205 size 591360 extends beyond EOD, truncated
[  252.518900][ T6836] loop3: p206 size 81920 extends beyond EOD, truncated
[  252.543628][ T6836] loop3: p207 size 591360 extends beyond EOD, truncated
[  252.557381][ T6836] loop3: p208 size 81920 extends beyond EOD, truncated
[  252.575560][ T6836] loop3: p209 size 591360 extends beyond EOD, truncated
[  252.608914][ T5363] EXT4-fs (loop6): unmounting filesystem.
[  252.634964][ T6836] loop3: p210 size 81920 extends beyond EOD, truncated
[  252.679170][ T6836] loop3: p211 size 591360 extends beyond EOD, truncated
[  252.707371][ T6836] loop3: p212 size 81920 extends beyond EOD, truncated
[  252.735663][ T6836] loop3: p213 size 591360 extends beyond EOD, truncated
[  252.770582][ T6836] loop3: p214 size 81920 extends beyond EOD, truncated
[  252.797907][ T6836] loop3: p215 size 591360 extends beyond EOD, truncated
[  252.824951][ T6836] loop3: p216 size 81920 extends beyond EOD, truncated
[  252.851890][ T6836] loop3: p217 size 591360 extends beyond EOD, truncated
[  252.886579][ T6836] loop3: p218 size 81920 extends beyond EOD, truncated
[  252.924250][ T6836] loop3: p219 size 591360 extends beyond EOD, truncated
[  252.949459][ T6836] loop3: p220 size 81920 extends beyond EOD, truncated
[  252.975872][ T6836] loop3: p221 size 591360 extends beyond EOD, truncated
[  252.976046][ T6994] program syz.6.823 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  252.993272][ T6836] loop3: p222 size 81920 extends beyond EOD, truncated
[  253.044954][ T6836] loop3: p223 size 591360 extends beyond EOD, truncated
[  253.072242][ T6836] loop3: p224 size 81920 extends beyond EOD, truncated
[  253.110702][ T6836] loop3: p225 size 591360 extends beyond EOD, truncated
[  253.131470][ T6836] loop3: p226 size 81920 extends beyond EOD, truncated
[  253.165330][ T6836] loop3: p227 size 591360 extends beyond EOD, truncated
[  253.199930][ T6836] loop3: p228 size 81920 extends beyond EOD, truncated
[  253.230320][ T6836] loop3: p229 size 591360 extends beyond EOD, truncated
[  253.253976][ T6836] loop3: p230 size 81920 extends beyond EOD, truncated
[  253.293680][ T6836] loop3: p231 size 591360 extends beyond EOD, truncated
[  253.326394][ T6836] loop3: p232 size 81920 extends beyond EOD, truncated
[  253.347288][ T6836] loop3: p233 size 591360 extends beyond EOD, truncated
[  253.383825][ T6836] loop3: p234 size 81920 extends beyond EOD, truncated
[  253.417968][ T6836] loop3: p235 size 591360 extends beyond EOD, truncated
[  253.439566][ T6836] loop3: p236 size 81920 extends beyond EOD, truncated
[  253.473591][ T6836] loop3: p237 size 591360 extends beyond EOD, truncated
[  253.499750][ T6836] loop3: p238 size 81920 extends beyond EOD, truncated
[  253.520590][ T6836] loop3: p239 size 591360 extends beyond EOD, truncated
[  253.548611][ T6836] loop3: p240 size 81920 extends beyond EOD, truncated
[  253.578704][ T6836] loop3: p241 size 591360 extends beyond EOD, truncated
[  253.603118][ T6836] loop3: p242 size 81920 extends beyond EOD, truncated
[  253.623616][ T6836] loop3: p243 size 591360 extends beyond EOD, truncated
[  253.625596][ T6101] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.655800][ T6836] loop3: p244 size 81920 extends beyond EOD, truncated
[  253.687674][ T6836] loop3: p245 size 591360 extends beyond EOD, truncated
[  253.715261][ T6836] loop3: p246 size 81920 extends beyond EOD, truncated
[  253.747668][ T6836] loop3: p247 size 591360 extends beyond EOD, truncated
[  253.776396][ T6836] loop3: p248 size 81920 extends beyond EOD, truncated
[  253.797966][ T6836] loop3: p249 size 591360 extends beyond EOD, truncated
[  253.817815][ T6101] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.837592][ T6836] loop3: p250 size 81920 extends beyond EOD, truncated
[  253.848793][ T6836] loop3: p251 size 591360 extends beyond EOD, truncated
[  253.875786][ T6836] loop3: p252 size 81920 extends beyond EOD, truncated
[  253.918660][ T6836] loop3: p253 size 591360 extends beyond EOD, truncated
[  253.960291][ T6836] loop3: p254 size 81920 extends beyond EOD, truncated
[  254.020683][ T6836] loop3: p255 size 591360 extends beyond EOD, truncated
[  254.176651][ T7018] loop7: detected capacity change from 0 to 1024
[  254.186485][ T7018] EXT4-fs: Ignoring removed mblk_io_submit option
[  254.466443][ T7018] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  254.747514][   T26] audit: type=1326 audit(1733420010.376:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7016 comm="syz.6.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ed57ff19 code=0x7ffc0000
[  254.772006][ T7018] bridge0: port 3(erspan0) entered blocking state
[  254.778622][ T7018] bridge0: port 3(erspan0) entered disabled state
[  254.786296][ T7018] device erspan0 entered promiscuous mode
[  254.792361][ T7018] bridge0: port 3(erspan0) entered blocking state
[  254.799075][ T7018] bridge0: port 3(erspan0) entered forwarding state
[  254.910041][   T26] audit: type=1326 audit(1733420010.426:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7016 comm="syz.6.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ed57ff19 code=0x7ffc0000
[  254.931760][ T6101] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.932590][   T26] audit: type=1326 audit(1733420010.426:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7016 comm="syz.6.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f36ed57ff19 code=0x7ffc0000
[  254.965718][   T26] audit: type=1326 audit(1733420010.426:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7016 comm="syz.6.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ed57ff19 code=0x7ffc0000
[  255.036037][ T5823] EXT4-fs (loop7): unmounting filesystem.
[  255.062961][   T26] audit: type=1326 audit(1733420010.426:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7016 comm="syz.6.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ed57ff19 code=0x7ffc0000
[  255.174291][ T6101] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.638556][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  255.644901][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  256.098026][   T26] audit: type=1326 audit(1733420011.726:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7046 comm="syz.3.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  256.115772][ T7047] loop3: detected capacity change from 0 to 512
[  256.173081][   T26] audit: type=1326 audit(1733420011.726:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7046 comm="syz.3.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  256.200504][ T7047] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  256.248718][   T26] audit: type=1326 audit(1733420011.726:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7046 comm="syz.3.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  256.299222][ T7047] EXT4-fs (loop3): 1 truncate cleaned up
[  256.304951][ T7047] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  256.386334][   T26] audit: type=1326 audit(1733420011.726:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7046 comm="syz.3.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  256.510833][   T26] audit: type=1326 audit(1733420011.726:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7046 comm="syz.3.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b32f7ff19 code=0x7ffc0000
[  256.669367][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  257.101585][ T7061] loop4: detected capacity change from 0 to 1024
[  257.111445][ T7061] EXT4-fs: Ignoring removed mblk_io_submit option
[  257.731069][ T7061] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  257.778522][ T6101] bridge0: port 3(erspan0) entered disabled state
[  257.881480][ T7068] loop3: detected capacity change from 0 to 256
[  257.939667][ T6101] device erspan0 left promiscuous mode
[  257.945272][ T6101] bridge0: port 3(erspan0) entered disabled state
[  258.008508][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  259.693645][ T7091] loop5: detected capacity change from 0 to 1024
[  259.710561][ T7091] EXT4-fs (loop5): invalid first ino: 0
[  260.730579][ T6101] device hsr_slave_0 left promiscuous mode
[  260.770153][ T6101] device hsr_slave_1 left promiscuous mode
[  260.783412][ T6101] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  260.807900][ T6101] batman_adv: batadv0: Removing interface: batadv_slave_0
[  261.028228][ T6101] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.037079][ T6101] batman_adv: batadv0: Removing interface: batadv_slave_1
[  261.075305][ T6101] device bridge_slave_1 left promiscuous mode
[  261.085960][ T6101] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.224072][ T7109] loop3: detected capacity change from 0 to 1024
[  261.234181][ T7109] EXT4-fs: Ignoring removed mblk_io_submit option
[  261.412489][ T7109] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  261.799679][ T6101] device bridge_slave_0 left promiscuous mode
[  261.825280][ T6101] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.889292][ T6101] device veth1_macvtap left promiscuous mode
[  261.895478][ T6101] device veth0_macvtap left promiscuous mode
[  261.926363][ T6101] device veth1_vlan left promiscuous mode
[  261.946390][ T6101] device veth0_vlan left promiscuous mode
[  263.933525][ T6101] team0 (unregistering): Port device team_slave_1 removed
[  263.994714][ T6101] team0 (unregistering): Port device team_slave_0 removed
[  264.057322][ T6101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  264.113206][ T6101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  264.315778][ T7133] usb usb5: usbfs: process 7133 (syz.6.874) did not claim interface 0 before use
[  265.635519][ T6101] bond0 (unregistering): Released all slaves
[  266.514623][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  266.728263][ T7155] loop3: detected capacity change from 0 to 1024
[  266.735583][ T7155] EXT4-fs: Ignoring removed nomblk_io_submit option
[  266.843386][ T7155] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  267.164059][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  267.758558][ T7173] loop7: detected capacity change from 0 to 4096
[  267.781524][ T7178] sg_write: data in/out 207360/1 bytes for SCSI command 0xf2-- guessing data in;
[  267.781524][ T7178]    program syz.3.891 not setting count and/or reply_len properly
[  267.810078][ T7173] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  268.088242][ T7180] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.271881][ T7180] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.389449][ T5823] EXT4-fs (loop7): unmounting filesystem.
[  268.469958][ T7180] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.621021][ T7180] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.852228][ T7193] loop7: detected capacity change from 0 to 512
[  268.888498][ T7193] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  268.928536][ T7180] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  268.998773][ T7180] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  268.998899][ T7193] EXT4-fs (loop7): 1 truncate cleaned up
[  269.024661][ T7180] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  269.036306][ T7193] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  269.096950][ T7180] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  269.232553][   T26] kauditd_printk_skb: 34 callbacks suppressed
[  269.232570][   T26] audit: type=1326 audit(1733420024.856:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7201 comm="syz.5.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  269.331364][ T5823] EXT4-fs (loop7): unmounting filesystem.
[  269.366222][   T26] audit: type=1326 audit(1733420024.866:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7201 comm="syz.5.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  269.466632][   T26] audit: type=1326 audit(1733420024.886:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7201 comm="syz.5.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  269.552800][   T26] audit: type=1326 audit(1733420024.886:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7201 comm="syz.5.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  269.610443][ T7210] loop4: detected capacity change from 0 to 2048
[  269.646847][   T26] audit: type=1326 audit(1733420024.886:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7201 comm="syz.5.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  269.709898][   T26] audit: type=1326 audit(1733420024.886:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7201 comm="syz.5.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  269.748576][   T26] audit: type=1326 audit(1733420024.886:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7201 comm="syz.5.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  269.771393][   T26] audit: type=1326 audit(1733420024.886:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7201 comm="syz.5.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  269.777571][ T7210] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  269.793736][   T26] audit: type=1326 audit(1733420024.886:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7201 comm="syz.5.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  269.824653][   T26] audit: type=1326 audit(1733420024.886:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7201 comm="syz.5.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a4f57ff19 code=0x7ffc0000
[  270.489139][ T4847] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  270.546558][ T4847] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  270.580912][ T4847] EXT4-fs (loop4): This should not happen!! Data will be lost
[  270.580912][ T4847] 
[  270.610444][ T4847] EXT4-fs (loop4): Total free blocks count 0
[  270.636139][ T4847] EXT4-fs (loop4): Free/Dirty block details
[  270.646756][ T4847] EXT4-fs (loop4): free_blocks=2415919104
[  270.673012][ T4847] EXT4-fs (loop4): dirty_blocks=1376
[  270.683910][ T7243] device batadv0 entered promiscuous mode
[  270.686260][ T4847] EXT4-fs (loop4): Block reservation details
[  270.712355][ T7243] device vlan2 entered promiscuous mode
[  270.726457][ T4847] EXT4-fs (loop4): i_reserved_data_blocks=86
[  270.747183][ T4847] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1358 with error 28
[  270.806808][ T7243] device batadv0 left promiscuous mode
[  271.205687][ T7234] 9pnet_fd: p9_fd_create_tcp (7234): problem connecting socket to 127.0.0.1
[  272.023709][ T7278] loop3: detected capacity change from 0 to 128
[  272.383972][ T7284] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  272.394247][ T7284] FAT-fs (loop3): Filesystem has been set read-only
[  272.401762][ T7284] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  272.412252][ T7284] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  272.432218][ T7284] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  273.340872][ T7299] siw: device registration error -23
[  273.919408][ T7312] device macvtap0 entered promiscuous mode
[  273.953346][ T7312] device macvtap0 left promiscuous mode
[  274.251031][ T7318] loop7: detected capacity change from 0 to 128
[  275.866680][ T7324] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  275.876856][ T7324] FAT-fs (loop7): Filesystem has been set read-only
[  275.883628][ T7324] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  275.893793][ T7324] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  276.096683][ T7324] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[  276.756787][   T27] INFO: task syz-executor:4249 blocked for more than 143 seconds.
[  276.764665][   T27]       Not tainted 6.1.119-syzkaller #0
[  276.770946][   T26] kauditd_printk_skb: 71 callbacks suppressed
[  276.770964][   T26] audit: type=1800 audit(1733420031.396:509): pid=7324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.948" name="file0" dev="loop7" ino=1048716 res=0 errno=0
[  276.858196][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  276.876222][   T27] task:syz-executor    state:D stack:20952 pid:4249  ppid:1      flags:0x00004004
[  276.885513][   T27] Call Trace:
[  276.896413][   T26] audit: type=1800 audit(1733420031.536:510): pid=7324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.948" name="file1" dev="loop7" ino=1048717 res=0 errno=0
[  276.917754][   T27]  <TASK>
[  276.923102][   T27]  __schedule+0x143f/0x4570
[  276.931187][   T27]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  276.946339][   T27]  ? release_firmware_map_entry+0x186/0x186
[  276.962559][   T27]  ? prepare_to_wait_event+0x3b5/0x3f0
[  276.978514][   T27]  schedule+0xbf/0x180
[  276.990632][   T27]  wb_wait_for_completion+0x162/0x290
[  277.006181][   T27]  ? __bpf_trace_writeback_inode_template+0x20/0x20
[  277.025324][   T27]  ? wake_bit_function+0x210/0x210
[  277.050368][   T27]  __writeback_inodes_sb_nr+0x2ce/0x370
[  277.079225][   T27]  ? writeback_inodes_sb_nr+0x30/0x30
[  277.096176][   T27]  ? get_nr_dirty_inodes+0x2ab/0x2e0
[  277.120520][   T27]  sync_filesystem+0xa0/0x220
[  277.142055][   T27]  generic_shutdown_super+0x6b/0x340
[  277.165078][   T27]  kill_block_super+0x7a/0xe0
[  277.179061][   T27]  deactivate_locked_super+0xa0/0x110
[  277.198197][   T27]  cleanup_mnt+0x490/0x520
[  277.213172][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  277.226540][   T27]  task_work_run+0x246/0x300
[  277.242753][   T27]  ? task_work_cancel+0x2e0/0x2e0
[  277.254770][   T27]  ? exit_to_user_mode_loop+0x39/0x100
[  277.272799][   T27]  exit_to_user_mode_loop+0xde/0x100
[  277.291170][   T27]  exit_to_user_mode_prepare+0xb1/0x140
[  277.305368][   T27]  syscall_exit_to_user_mode+0x60/0x270
[  277.317873][   T27]  do_syscall_64+0x47/0xb0
[  277.326974][   T27]  ? clear_bhb_loop+0x45/0xa0
[  277.337476][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  277.359268][   T27] RIP: 0033:0x7fcb38181247
[  277.375038][   T27] RSP: 002b:00007ffc0fdacd18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  277.401342][   T27] RAX: 0000000000000000 RBX: 00007fcb381f3824 RCX: 00007fcb38181247
[  277.427282][   T27] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc0fdacdd0
[  277.453143][   T27] RBP: 00007ffc0fdacdd0 R08: 0000000000000000 R09: 0000000000000000
[  277.478992][   T27] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc0fdade50
[  277.502704][   T27] R13: 00007fcb381f3824 R14: 000000000002005b R15: 00007ffc0fdade90
[  277.530647][   T27]  </TASK>
[  277.541775][   T27] 
[  277.541775][   T27] Showing all locks held in the system:
[  277.582253][   T27] 1 lock held by rcu_tasks_kthre/12:
[  277.616187][   T27]  #0: ffffffff8d32b110 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  277.656156][   T27] 1 lock held by rcu_tasks_trace/13:
[  277.661513][   T27]  #0: ffffffff8d32b910 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  277.696214][   T27] 1 lock held by khungtaskd/27:
[  277.701184][   T27]  #0: ffffffff8d32af40 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[  277.736295][   T27] 2 locks held by kworker/u4:2/34:
[  277.741517][   T27] 2 locks held by getty/4012:
[  277.766944][   T27]  #0: ffff888030b41098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  277.816164][   T27]  #1: ffffc9000325e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0
[  277.836187][   T27] 1 lock held by syz-executor/4249:
[  277.841449][   T27]  #0: ffff8880285100e0 (&type->s_umount_key#53){++++}-{3:3}, at: deactivate_super+0xa9/0xe0
[  277.896180][   T27] 2 locks held by kworker/0:6/4301:
[  277.901555][   T27]  #0: ffff888017c72138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  277.936314][   T27]  #1: ffffc90003ed7d20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  277.986179][   T27] 3 locks held by kworker/u4:13/4539:
[  277.991926][   T27] 4 locks held by kworker/u4:14/4622:
[  278.026186][   T27]  #0: ffff88801aef9938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  278.056132][   T27]  #1: ffff8880b8e27788 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x419/0x790
[  278.086960][   T27]  #2: ffff8880b8e3a9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[  278.116220][   T27]  #3: ffffffff9760b308 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x68/0x4e0
[  278.137297][   T27] 5 locks held by kworker/u4:15/4847:
[  278.158495][   T27]  #0: ffff888017e16938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  278.187299][   T27]  #1: ffffc90003347d20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  278.206171][   T27]  #2: ffffffff8e4fe3d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60
[  278.230265][   T27]  #3: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: vti6_exit_batch_net+0xb0/0x410
[  278.257519][   T27]  #4: ffffffff8d330538 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4f0/0x930
[  278.288368][   T27] 1 lock held by syz-executor/5363:
[  278.293634][   T27]  #0: ffffffff8d330538 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x930
[  278.329500][   T27] 3 locks held by syz.7.905/7222:
[  278.334593][   T27] 2 locks held by syz.4.926/7272:
[  278.357290][   T27] 1 lock held by syz.7.953/7330:
[  278.362301][   T27] 3 locks held by syz.7.953/7331:
[  278.380735][   T27]  #0: ffff8880b8e3a9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[  278.410596][   T27]  #1: ffffffff8d41ba18 (remove_cache_srcu){....}-{0:0}, at: srcu_read_lock+0x16/0x40
[  278.434998][   T27]  #2: ffff8880b8e3a9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[  278.461035][   T27] 
[  278.476176][   T27] =============================================
[  278.476176][   T27] 
[  278.484709][   T27] NMI backtrace for cpu 1
[  278.489088][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.119-syzkaller #0
[  278.497016][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  278.507114][   T27] Call Trace:
[  278.510430][   T27]  <TASK>
[  278.513385][   T27]  dump_stack_lvl+0x1e3/0x2cb
[  278.518112][   T27]  ? preempt_schedule_thunk+0x16/0x18
[  278.523540][   T27]  ? nf_tcp_handle_invalid+0x642/0x642
[  278.529049][   T27]  ? panic+0x764/0x764
[  278.533154][   T27]  ? vprintk_emit+0x622/0x740
[  278.537881][   T27]  ? printk_sprint+0x490/0x490
[  278.542697][   T27]  ? nmi_cpu_backtrace+0x252/0x560
[  278.547868][   T27]  nmi_cpu_backtrace+0x4e1/0x560
[  278.552857][   T27]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  278.559063][   T27]  ? _printk+0xd1/0x111
[  278.563271][   T27]  ? panic+0x764/0x764
[  278.567384][   T27]  ? __wake_up_klogd+0xcc/0x100
[  278.572248][   T27]  ? panic+0x764/0x764
[  278.576326][   T27]  ? nmi_trigger_cpumask_backtrace+0xe0/0x3f0
[  278.582452][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  278.588525][   T27]  nmi_trigger_cpumask_backtrace+0x1ae/0x3f0
[  278.594530][   T27]  watchdog+0xf88/0xfd0
[  278.598708][   T27]  ? watchdog+0x1f8/0xfd0
[  278.603057][   T27]  kthread+0x28d/0x320
[  278.607146][   T27]  ? hungtask_pm_notify+0x50/0x50
[  278.612188][   T27]  ? kthread_blkcg+0xd0/0xd0
[  278.616795][   T27]  ret_from_fork+0x1f/0x30
[  278.621254][   T27]  </TASK>
[  278.624713][   T27] Sending NMI from CPU 1 to CPUs 0:
[  278.630031][    C0] NMI backtrace for cpu 0
[  278.630049][    C0] CPU: 0 PID: 7272 Comm: syz.4.926 Not tainted 6.1.119-syzkaller #0
[  278.630067][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  278.630077][    C0] RIP: 0010:check_preemption_disabled+0x59/0x110
[  278.630103][    C0] Code: 48 8b 04 25 28 00 00 00 48 3b 44 24 08 0f 85 c7 00 00 00 89 d8 48 83 c4 10 5b 41 5c 41 5e 41 5f c3 48 c7 04 24 00 00 00 00 9c <8f> 04 24 f7 04 24 00 02 00 00 74 c9 49 89 f6 49 89 ff 65 4c 8b 25
[  278.630123][    C0] RSP: 0018:ffffc900040c65f8 EFLAGS: 00000046
[  278.630138][    C0] RAX: 0000000080000000 RBX: 0000000000000000 RCX: ffff888027643b80
[  278.630151][    C0] RDX: 0000000000000000 RSI: ffffffff8b0c0ea0 RDI: ffffffff8b5e6200
[  278.630163][    C0] RBP: 00000000ffffffff R08: dffffc0000000000 R09: fffffbfff1d35ef6
[  278.630175][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000246
[  278.630186][    C0] R13: ffff888027643b80 R14: 00000000ffffffff R15: ffffffff8d32aec0
[  278.630199][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  278.630214][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  278.630226][    C0] CR2: 0000000020522000 CR3: 0000000042fef000 CR4: 00000000003506f0
[  278.630241][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  278.630250][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  278.630261][    C0] Call Trace:
[  278.630266][    C0]  <NMI>
[  278.630272][    C0]  ? nmi_cpu_backtrace+0x3de/0x560
[  278.630299][    C0]  ? read_lock_is_recursive+0x10/0x10
[  278.630327][    C0]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  278.630353][    C0]  ? nmi_handle+0x25/0x440
[  278.630395][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  278.630411][    C0]  ? nmi_handle+0x12e/0x440
[  278.630438][    C0]  ? nmi_handle+0x25/0x440
[  278.630464][    C0]  ? check_preemption_disabled+0x59/0x110
[  278.630483][    C0]  ? default_do_nmi+0x62/0x150
[  278.630510][    C0]  ? exc_nmi+0xa8/0x100
[  278.630535][    C0]  ? end_repeat_nmi+0x16/0x31
[  278.630566][    C0]  ? check_preemption_disabled+0x59/0x110
[  278.630586][    C0]  ? check_preemption_disabled+0x59/0x110
[  278.630606][    C0]  ? check_preemption_disabled+0x59/0x110
[  278.630626][    C0]  </NMI>
[  278.630630][    C0]  <TASK>
[  278.630638][    C0]  lock_is_held_type+0x76/0x180
[  278.630657][    C0]  __might_resched+0xf0/0x780
[  278.630676][    C0]  ? __alloc_pages+0x16a/0x770
[  278.630693][    C0]  ? reacquire_held_locks+0x660/0x660
[  278.630709][    C0]  ? __might_sleep+0xb0/0xb0
[  278.630726][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  278.630754][    C0]  ? fs_reclaim_acquire+0x8e/0x120
[  278.630774][    C0]  prepare_alloc_pages+0x1c8/0x5b0
[  278.630796][    C0]  __alloc_pages+0x16a/0x770
[  278.630815][    C0]  ? zone_statistics+0x160/0x160
[  278.630831][    C0]  ? __lock_acquire+0x125b/0x1f80
[  278.630865][    C0]  ? mark_lock+0x9a/0x340
[  278.630893][    C0]  __folio_alloc+0xf/0x30
[  278.630910][    C0]  vma_alloc_folio+0x486/0x990
[  278.630927][    C0]  ? mpol_shared_policy_lookup+0x144/0x1e0
[  278.630946][    C0]  shmem_alloc_and_acct_folio+0x5a8/0xd50
[  278.630968][    C0]  ? shmem_replace_folio+0xee0/0xee0
[  278.630992][    C0]  ? xas_load+0x128/0x140
[  278.631015][    C0]  ? __filemap_get_folio+0xbf2/0xe80
[  278.631033][    C0]  ? __filemap_get_folio+0x150/0xe80
[  278.631048][    C0]  ? page_cache_prev_miss+0x500/0x500
[  278.631073][    C0]  shmem_get_folio_gfp+0x13f0/0x3470
[  278.631103][    C0]  ? mark_lock+0x9a/0x340
[  278.631131][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  278.631164][    C0]  ? shmem_get_folio+0xa0/0xa0
[  278.631189][    C0]  ? seqcount_lockdep_reader_access+0x1d3/0x220
[  278.631213][    C0]  ? ktime_get_real_ts64+0x460/0x460
[  278.631237][    C0]  ? mark_lock+0x9a/0x340
[  278.631262][    C0]  shmem_write_begin+0x16e/0x4e0
[  278.631291][    C0]  ? shmem_writepage+0x1c90/0x1c90
[  278.631319][    C0]  ? current_time+0x1ba/0x300
[  278.631344][    C0]  ? fault_in_iov_iter_readable+0x22e/0x270
[  278.631367][    C0]  generic_perform_write+0x2fc/0x5e0
[  278.631390][    C0]  ? generic_file_direct_write+0x460/0x460
[  278.631409][    C0]  ? __file_remove_privs+0x640/0x640
[  278.631435][    C0]  ? generic_write_checks+0x15c/0x1c0
[  278.631456][    C0]  ? clear_nonspinnable+0x60/0x60
[  278.631481][    C0]  __generic_file_write_iter+0x176/0x400
[  278.631502][    C0]  generic_file_write_iter+0xab/0x310
[  278.631522][    C0]  __kernel_write_iter+0x2ff/0x710
[  278.631545][    C0]  ? vfs_read+0xbf0/0xbf0
[  278.631564][    C0]  ? __sanitizer_cov_trace_const_cmp2+0x80/0x80
[  278.631588][    C0]  ? iov_iter_bvec+0x4a/0x1b0
[  278.631609][    C0]  dump_user_range+0x43d/0x8e0
[  278.631633][    C0]  ? dump_skip+0x40/0x40
[  278.631651][    C0]  ? writenote+0x24c/0x3b0
[  278.631682][    C0]  ? dump_emit+0x95/0xc0
[  278.631700][    C0]  elf_core_dump+0x3d2b/0x4590
[  278.631737][    C0]  ? load_elf_binary+0x2720/0x2720
[  278.631764][    C0]  ? mark_lock+0x9a/0x340
[  278.631791][    C0]  ? __lock_acquire+0x125b/0x1f80
[  278.631835][    C0]  ? rcu_read_lock_any_held+0xb3/0x160
[  278.631865][    C0]  ? 0xffffffffff600000
[  278.631878][    C0]  ? getname_kernel+0x55/0x2e0
[  278.631902][    C0]  do_coredump+0x18b7/0x2700
[  278.631933][    C0]  ? nfs_ssc_unregister+0x30/0x30
[  278.631965][    C0]  ? do_raw_spin_unlock+0x137/0x8a0
[  278.631983][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  278.632004][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  278.632023][    C0]  get_signal+0x1454/0x17d0
[  278.632055][    C0]  ? ptrace_notify+0x370/0x370
[  278.632080][    C0]  ? _raw_spin_unlock+0x40/0x40
[  278.632100][    C0]  ? __send_signal_locked+0xb43/0xdc0
[  278.632127][    C0]  arch_do_signal_or_restart+0xb0/0x1a10
[  278.632155][    C0]  ? force_sig_fault+0x127/0x1d0
[  278.632180][    C0]  ? force_sig_fault_to_task+0x1c0/0x1c0
[  278.632207][    C0]  ? get_sigframe_size+0x10/0x10
[  278.632237][    C0]  ? exit_to_user_mode_loop+0x39/0x100
[  278.632255][    C0]  exit_to_user_mode_loop+0x6a/0x100
[  278.632273][    C0]  exit_to_user_mode_prepare+0xb1/0x140
[  278.632290][    C0]  irqentry_exit_to_user_mode+0x5/0x30
[  278.632308][    C0]  exc_page_fault+0x1c0/0x620
[  278.632328][    C0]  asm_exc_page_fault+0x22/0x30
[  278.632352][    C0] RIP: 0033:0x7f3b75c40457
[  278.632365][    C0] Code: 88 15 9a 52 e3 00 88 05 97 52 e3 00 c3 50 48 8d 35 3e 35 1b 00 48 8d 3d 44 35 1b 00 31 c0 e8 a0 f9 ff ff 53 89 fb 48 83 ec 10 <64> 8b 04 25 94 ff ff ff 85 c0 74 2a 89 fe 31 c0 bf 3c 00 00 00 e8
[  278.632378][    C0] RSP: 002b:00007f3b76a83160 EFLAGS: 00010206
[  278.632392][    C0] RAX: 0000000000000000 RBX: 000000000000000b RCX: 00007f3b75d7ff19
[  278.632403][    C0] RDX: 00007f3b76a83180 RSI: 00007f3b76a832b0 RDI: 000000000000000b
[  278.632414][    C0] RBP: 00007f3b75df3986 R08: 0000000000000000 R09: 0000000000000000
[  278.632424][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  278.632434][    C0] R13: 0000000000000000 R14: 00007f3b75f45fa0 R15: 00007ffea3d2e6b8
[  278.632454][    C0]  </TASK>
[  279.631226][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  279.638142][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 6.1.119-syzkaller #0
[  279.646069][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  279.656188][   T27] Call Trace:
[  279.659511][   T27]  <TASK>
[  279.662467][   T27]  dump_stack_lvl+0x1e3/0x2cb
[  279.667193][   T27]  ? nf_tcp_handle_invalid+0x642/0x642
[  279.672698][   T27]  ? panic+0x764/0x764
[  279.676816][   T27]  ? llist_add_batch+0x160/0x1d0
[  279.681885][   T27]  ? vscnprintf+0x59/0x80
[  279.686251][   T27]  panic+0x318/0x764
[  279.690172][   T27]  ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0
[  279.696369][   T27]  ? memcpy_page_flushcache+0xfc/0xfc
[  279.701793][   T27]  ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0
[  279.707988][   T27]  ? nmi_trigger_cpumask_backtrace+0x338/0x3f0
[  279.714197][   T27]  ? nmi_trigger_cpumask_backtrace+0x33d/0x3f0
[  279.720493][   T27]  watchdog+0xfc7/0xfd0
[  279.724706][   T27]  ? watchdog+0x1f8/0xfd0
[  279.729113][   T27]  kthread+0x28d/0x320
[  279.733220][   T27]  ? hungtask_pm_notify+0x50/0x50
[  279.738290][   T27]  ? kthread_blkcg+0xd0/0xd0
[  279.742916][   T27]  ret_from_fork+0x1f/0x30
[  279.747393][   T27]  </TASK>
[  279.750752][   T27] Kernel Offset: disabled
[  279.755085][   T27] Rebooting in 86400 seconds..