last executing test programs:

21.683376883s ago: executing program 1 (id=1326):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000900000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000017008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000140)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r3, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)

21.682921603s ago: executing program 1 (id=1328):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
write$nbd(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x2c, r2, 0x1, 0x0, 0xfffffffe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7f}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48008}, 0x20044000)

21.633885753s ago: executing program 1 (id=1329):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000040))
close_range(r0, r1, 0x0)

21.633575453s ago: executing program 1 (id=1330):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
open(&(0x7f00000003c0)='./bus\x00', 0x143142, 0x120)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x81000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x800, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x12, 0x11, 0x15, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x0, 0xa]})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

21.546144343s ago: executing program 1 (id=1336):
r0 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000007580)=[{{&(0x7f0000000180)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000b00)="933698590830bfbddf4a4f8972ad60ce054bb806", 0x14}], 0x1}}], 0x1, 0x0)

21.199550805s ago: executing program 1 (id=1356):
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r3}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r4, {0x0, 0xfff2}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)

21.079224395s ago: executing program 32 (id=1356):
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r3}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r4, {0x0, 0xfff2}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)

7.000166788s ago: executing program 2 (id=1727):
clock_nanosleep(0xfffffffa, 0x0, &(0x7f0000000080)={0x77359400}, 0x0)

6.43295287s ago: executing program 3 (id=1751):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x6)
r3 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4]}}}}]}, 0x88}}, 0x0)

6.39543043s ago: executing program 3 (id=1755):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000540)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
setrlimit(0x4, 0x0)

6.384771031s ago: executing program 3 (id=1757):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000b80)=ANY=[@ANYBLOB="54020000100013070000000000000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005c001400636d61632861657329"], 0x254}}, 0x0)

6.350931951s ago: executing program 3 (id=1760):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
open(&(0x7f00000003c0)='./bus\x00', 0x143142, 0x120)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x81000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x800, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x12, 0x11, 0x15, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x0, 0xa]})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

6.206308631s ago: executing program 3 (id=1767):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000fc0)=@newqdisc={0x54, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x7e}]}, 0x54}}, 0x0)

6.137772641s ago: executing program 2 (id=1770):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close(r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

5.987606942s ago: executing program 2 (id=1777):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000500)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r1, 0x0, 0x40}, 0x18)
epoll_create(0xd)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001840)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400090200000000000000000000000000010c0002"], 0xe4}}, 0x0)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x3c, 0x0, 0x8, 0x101, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_CLOSED={0x8, 0x1, 0x1, 0x0, 0x1}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8035}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48d1}, 0x810)

5.883496412s ago: executing program 2 (id=1779):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
open(&(0x7f00000003c0)='./bus\x00', 0x143142, 0x120)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x81000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x800, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x12, 0x11, 0x15, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x0, 0xa]})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

5.755055852s ago: executing program 3 (id=1787):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c0200001000010000000000fedbdf25e0000002000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0], 0x24c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

5.738005572s ago: executing program 33 (id=1787):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c0200001000010000000000fedbdf25e0000002000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0], 0x24c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

5.695801383s ago: executing program 2 (id=1790):
unshare(0x62040200)
r0 = fsopen(&(0x7f0000000380)='rpc_pipefs\x00', 0x0)
r1 = fsopen(&(0x7f0000000380)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x8, 0x0, 0x0, 0x0)

5.378503213s ago: executing program 2 (id=1797):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='percpu_free_percpu\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x3804c82, &(0x7f0000000000)={[{@orlov}, {@errors_remount}]}, 0x1, 0x788, &(0x7f00000007c0)="$eJzs3d1rW+UfAPDvSdt17fb7tYKg86ogaGEstbNuCl5MvBDBwUCv3UKaldm0GU061lJwQwRvBBUvBL3ZtS/zzltfbvW/8EI2pnZjEy+kctJkS9ekS2uTFPr5wGme55yTPs83z3l5Ts5DTgD71lj6JxNxJCI+SiJGavOTiBiopvojTq2vd291JZ9OSaytvflHUl3nzupKPhrekzpUyzwZET++H3E0s7nc8tLybK5YLCzU8hOVuYsT5aXlYxfmcjOFmcL8icmpqeMnXzh5YvdivfvL8uGbH7/27Den/n7viesf/pTEqThcW9YYx24Zi7HaZzKQfoQbvLrbhfVY0usKsCPprtm3vpfHkRiJvmqqhaFu1gwA6JR3I2INANhnEud/ANhn6t8D3Fldyden3n4j0V23XomIg+vx1+9vri/pr92zO1i9Dzp8J9lwZySJiNFdKH8sIr747u2v0ik6dB8SoJkrVyPi3OjY5uN/smnMwnY9t9XCtcHqy9hDsx3/oHu+T/s/Lzbr/2Xu93+iSf9nsMm+uxOP3v8zN3ahmJbS/t/LDWPb7jXEXzPaV8v9r9rnG0jOXygW0mPb/yNiPAYG0/xkddXmo6DGb/9zu1X5jf2/Pz9558u0/PT1wRqZG/2DG98znavk/mvcdbeuRjzV3yz+5H77Jy36v2faLOP1lz74vNWyNP403vq0Of7OWrsW8UzT9n/QlsmW4xMnqpvDRH2jaOLbXz8bblV+Y/unU1p+/VqglWQXB9ul7T+8dfyjSeN4zfL2y/j52sgPrZY9Ov7m2/+B5K1q+kBt3uVcpbIwGXEgeWPz/OMP3lvP19dP4x9/uvn+v9X2n14Tnmsz/v6bv3+98/g7K41/elvtv/3E9Xuzfa3Kb6/9p6qp8dqcdo5/7VXw7g62ZgAAAAAAAAAAAAAAAAAAAAAAAADYvkxEHI4kk72fzmSy2fVneD8ew5liKRNHz5cW56ej+qzs0RjI1H/qcqTh91Ana7+HX88ffyj/fEQ8FhGfDg5V89l8qTjd6+ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOZQi+f/p34b7HXtAICOOdjrCgAAXef8DwD7z/bO/0MdqwcA0D2u/wFg/2n7/H+us/UAALrH9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAddub06XRa+2t1JZ/mpy8tLc6WLh2bLpRns3OL+Wy+tHAxO1MqzRQL2XxpruU/urL+UiyVLk7F/OLliUqhXJkoLy2fnSstzlfOXpjLzRTOFga6FhkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtK+8tDybKxYLCxJbJob2RjX2TKI/9kQ1JDqWaDxKDPXuAAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwx/0bAAD//9VrKnk=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x242, 0x0)
close(r1)
r2 = socket(0x11, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x4, 0xd, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xdb9}, [@map_idx={0x18, 0x8, 0x5, 0x0, 0x2}, @printk={@i}]}, 0x0, 0x99, 0x0, 0x0, 0x40f00, 0x14, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x33, &(0x7f0000000040)=0x80000000, 0x1a)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r3, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @dev}, {0x2, 0x0, @local}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}, 0xaf, 0x0, 0x0, 0x0, 0xdffc})
ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000000000)={0x0, {0x2, 0x0, @dev}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x128})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
clock_gettime(0xfffffffffffffffc, &(0x7f0000003a40))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000280)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0xdf, 0x4, 0x0, @private1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x80, 0x6, 0x48be}})
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

5.271573734s ago: executing program 34 (id=1797):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='percpu_free_percpu\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x3804c82, &(0x7f0000000000)={[{@orlov}, {@errors_remount}]}, 0x1, 0x788, &(0x7f00000007c0)="$eJzs3d1rW+UfAPDvSdt17fb7tYKg86ogaGEstbNuCl5MvBDBwUCv3UKaldm0GU061lJwQwRvBBUvBL3ZtS/zzltfbvW/8EI2pnZjEy+kctJkS9ekS2uTFPr5wGme55yTPs83z3l5Ts5DTgD71lj6JxNxJCI+SiJGavOTiBiopvojTq2vd291JZ9OSaytvflHUl3nzupKPhrekzpUyzwZET++H3E0s7nc8tLybK5YLCzU8hOVuYsT5aXlYxfmcjOFmcL8icmpqeMnXzh5YvdivfvL8uGbH7/27Den/n7viesf/pTEqThcW9YYx24Zi7HaZzKQfoQbvLrbhfVY0usKsCPprtm3vpfHkRiJvmqqhaFu1gwA6JR3I2INANhnEud/ANhn6t8D3Fldyden3n4j0V23XomIg+vx1+9vri/pr92zO1i9Dzp8J9lwZySJiNFdKH8sIr747u2v0ik6dB8SoJkrVyPi3OjY5uN/smnMwnY9t9XCtcHqy9hDsx3/oHu+T/s/Lzbr/2Xu93+iSf9nsMm+uxOP3v8zN3ahmJbS/t/LDWPb7jXEXzPaV8v9r9rnG0jOXygW0mPb/yNiPAYG0/xkddXmo6DGb/9zu1X5jf2/Pz9558u0/PT1wRqZG/2DG98znavk/mvcdbeuRjzV3yz+5H77Jy36v2faLOP1lz74vNWyNP403vq0Of7OWrsW8UzT9n/QlsmW4xMnqpvDRH2jaOLbXz8bblV+Y/unU1p+/VqglWQXB9ul7T+8dfyjSeN4zfL2y/j52sgPrZY9Ov7m2/+B5K1q+kBt3uVcpbIwGXEgeWPz/OMP3lvP19dP4x9/uvn+v9X2n14Tnmsz/v6bv3+98/g7K41/elvtv/3E9Xuzfa3Kb6/9p6qp8dqcdo5/7VXw7g62ZgAAAAAAAAAAAAAAAAAAAAAAAADYvkxEHI4kk72fzmSy2fVneD8ew5liKRNHz5cW56ej+qzs0RjI1H/qcqTh91Ana7+HX88ffyj/fEQ8FhGfDg5V89l8qTjd6+ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOZQi+f/p34b7HXtAICOOdjrCgAAXef8DwD7z/bO/0MdqwcA0D2u/wFg/2n7/H+us/UAALrH9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAddub06XRa+2t1JZ/mpy8tLc6WLh2bLpRns3OL+Wy+tHAxO1MqzRQL2XxpruU/urL+UiyVLk7F/OLliUqhXJkoLy2fnSstzlfOXpjLzRTOFga6FhkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtK+8tDybKxYLCxJbJob2RjX2TKI/9kQ1JDqWaDxKDPXuAAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwx/0bAAD//9VrKnk=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x242, 0x0)
close(r1)
r2 = socket(0x11, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x4, 0xd, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xdb9}, [@map_idx={0x18, 0x8, 0x5, 0x0, 0x2}, @printk={@i}]}, 0x0, 0x99, 0x0, 0x0, 0x40f00, 0x14, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x33, &(0x7f0000000040)=0x80000000, 0x1a)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r3, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @dev}, {0x2, 0x0, @local}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}, 0xaf, 0x0, 0x0, 0x0, 0xdffc})
ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000000000)={0x0, {0x2, 0x0, @dev}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x128})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
clock_gettime(0xfffffffffffffffc, &(0x7f0000003a40))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000280)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0xdf, 0x4, 0x0, @private1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x80, 0x6, 0x48be}})
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2.497800402s ago: executing program 4 (id=1839):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f00000003c0), 0x10)
close(r1)

2.486127602s ago: executing program 4 (id=1840):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @dev}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0xfffffffe}]}, 0x64}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x14, 0x2, 0x1, 0x409, 0x0, 0x0, {0xa}}, 0x14}}, 0x4000)

2.414789932s ago: executing program 4 (id=1843):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001c40)={@ifindex, 0xffffffffffffffff, 0x7, 0x0, 0x0, @void, @value}, 0x20)

2.390282213s ago: executing program 4 (id=1845):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0900000004000000e27f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r7, 0x0, 0x4000004)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@abort}, {@noload}, {@noload}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")

1.043927206s ago: executing program 4 (id=1857):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)

431.135668ms ago: executing program 7 (id=1909):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x3000006, &(0x7f0000000280)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@abort}, {@block_validity}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@nobh}, {@block_validity}, {@mb_optimize_scan}, {@user_xattr}, {@init_itable_val={'init_itable', 0x3d, 0x400}}]}, 0x1, 0x556, &(0x7f0000001100)="$eJzs3d1rW+UfAPDvSdu9/37rYAwVkcIunMyltvVlghfzUnQ40PsZ2rMymi6jScdaB24X7sYbGYKIA/Fe770c/gP+FQMtDBlFL7ypnPSky9akybL0ZebzgbM9zzknfc4353yfPCdPQgIYWGPZP4WIFyPi6yTiaNO24cg3jq3vt/rwxnS2JLG29smfSST5usb+Sf7/4bzyQkT8+mXE6cLmdqtLy3OlcjldyOvjtfmr49Wl5TOX50uz6Wx6ZXJq6uxbU5PvvvN232J97cLf331874OzX51c/fbnlWN3kjgXR/JtzXE8g5vNlbEYy5+TkTj3xI4TfWhsL0l2+wDoyVCe5yOR9QFHYyjPeuC/74uIWAMGVCL/YUA1xgGNe/s+3Qc/Nx68v34DtDn+4fX3RuJA/d7o0Gry2J1Rdr872of2szZ++ePunWyJ/r0PAdDRzVsRK0PDw5v7vyTv/3r3Rhf7PNmG/g92zr1s/PN6q/FPYWP8Ey3GP4db5G4vOud/YaUPzbSVjf/eazn+3Zi0Gh3Ka/+rj/lGkkuXy2nWt/0/Ik7FyP6svtV8ztnV+2vttjWP/7Ila78xFsyPY2V4/+OPmSnVSs8Sc7MHtyJeajn+TTbOf9Li/GfPx4Uu2ziR3n2l3bbO8W+vtR8jXm15/h/NaCVbz0+O16+H8cZVsdlft0/81q793Y4/O/+Hto5/NGmer60+fRs/HPgnbbet1+t/X/JpvbwvX3e9VKstTETsSz7avH7y0WMb9cb+WfynTm7d/7W6/g9GxGddxn/7+E8v9x7/9srin3mq8//0hfsffv59u/a7O/9v1kun8jXd9H/dHuCzPHcAAAAAAACw1xQi4kgkheJGuVAoFtc/33E8DhXKlWrt9KXK4pWZqH9XdjRGCo2Z7qNNn4eYyD8P26hPPlGfiohjEfHN0MF6vThdKc/sdvAAAAAAAAAAAAAAAAAAAACwRxxu8/3/zO9Du310wLbzk98wuDrmfz9+6QnYk7z+w+CS/zC45D8MLvkPg0v+w+DqkP/JTh0HsPO8/sPgkv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxfOn8+WtdWHN6az+sy1pcW5yrUzM2l1rji/OF2crixcLc5WKrPltDhdme/098qVytWJyVi8Pl5Lq7Xx6tLyxfnK4pXaxcvzpdn0YjqyI1EBAAAAAAAAAAAAAAAAAADA86W6tDxXKpfTBQWFngrDe+MwFPpc2O2eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+TcAAP//Z7w5Vw==")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000003, 0x20010, 0xffffffffffffffff, 0xa6720000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x7, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000dd850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3)

376.336308ms ago: executing program 6 (id=1913):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)={'team0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0x94, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}}, 0x0)

375.650428ms ago: executing program 6 (id=1915):
unshare(0x24020400)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket(0x15, 0x5, 0x0)
recvmsg$can_raw(r1, &(0x7f0000000c40)={0x0, 0x0, 0x0}, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)

337.269679ms ago: executing program 6 (id=1916):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000100)=@framed={{0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0, @generic={0x65}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

336.429858ms ago: executing program 0 (id=1919):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe24}, {0x0, 0x4000}, {0x0}, {0x0}, {&(0x7f00000020c0), 0x500}], 0x5}, 0x0)

290.026559ms ago: executing program 6 (id=1920):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)

289.722129ms ago: executing program 0 (id=1922):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
removexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)=@known='user.incfs.size\x00')

279.198629ms ago: executing program 5 (id=1923):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f9ffffff0000000000000000850000002c00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xe72, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x12, 0x0, @opaque='\x00'/10}}}}}, 0x0)

268.164819ms ago: executing program 5 (id=1924):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
socket(0x2, 0x80003, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{}, &(0x7f0000000500), 0x0}, 0x20)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f00000002c0)={[{@noblock_validity}, {@mb_optimize_scan}, {@norecovery}, {@minixdf}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x6f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
setpgid(0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = io_uring_setup(0xaab, &(0x7f0000000340)={0x0, 0x40000001})
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x4, @loopback}, 0x1c)
listen(r3, 0x20000005)
r4 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f00000000c0)=ANY=[@ANYBLOB='b 75:', @ANYRESOCT], 0x9)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000180)='wg0\x00', 0x10)
accept4(r3, 0x0, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

205.644999ms ago: executing program 0 (id=1925):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
setitimer(0x2, 0x0, 0x0)

195.322929ms ago: executing program 5 (id=1926):
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x7a, &(0x7f00000004c0)={@local, @multicast, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "ee527a", 0x44, 0x3c, 0x0, @empty, @mcast2}}}}, 0x0)

187.770779ms ago: executing program 7 (id=1927):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x4}]}, 0x10)

129.952739ms ago: executing program 4 (id=1928):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = getpid()
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x16)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

129.655239ms ago: executing program 5 (id=1929):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00'})
sendmsg$nl_route_sched(r1, 0x0, 0x0)

129.331649ms ago: executing program 7 (id=1930):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/slabinfo\x00', 0x41, 0x0)
writev(r0, &(0x7f0000000380)=[{0x0}], 0x1)

129.205379ms ago: executing program 0 (id=1931):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000140)='./bus\x00', 0x1a404ac, &(0x7f0000001480)=ANY=[], 0xfe, 0x0, &(0x7f0000000000))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000200)='./bus/file0\x00', 0x0)
renameat2(r1, &(0x7f0000000240)='./bus/file0\x00', r1, &(0x7f00000001c0)='./file0\x00', 0x0)

129.055819ms ago: executing program 7 (id=1932):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x14f, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000000aaaaaaaaaabb81004c00080046b8013d00660000292f9078e0000001ac1e0001010000000421"], 0x0)

117.076049ms ago: executing program 0 (id=1933):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r0, 0x0, 0x0)

116.841659ms ago: executing program 5 (id=1934):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f9ffffff0000000000000000850000002c00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xe72, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x12, 0x0, @opaque='\x00'/10}}}}}, 0x0)

104.927599ms ago: executing program 5 (id=1935):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000002c0)={[{@mb_optimize_scan}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@auto_da_alloc}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
creat(&(0x7f0000000140)='./file2\x00', 0x1ad)
unlink(&(0x7f0000000180)='./file1\x00')

70.67345ms ago: executing program 7 (id=1936):
r0 = gettid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
process_vm_writev(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

70.28438ms ago: executing program 6 (id=1937):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
close_range(r0, 0xffffffffffffffff, 0x0)

69.93617ms ago: executing program 0 (id=1938):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x4c, 0x0, 0x3a)

69.532719ms ago: executing program 7 (id=1939):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
mount(0x0, 0x0, 0x0, 0x2000000, 0x0)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, 0x0, 0x400c0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_read_part_table(0x60d, &(0x7f0000002240)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x1)
preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
io_uring_setup(0x2282, &(0x7f0000000140))
ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000ff000060bfa300000000000007030000f0ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d400200000000004704000001ed000062030000000000001d440000000000007a0a00fe00ffffffc3030000a0000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebaa2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15f279b513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8d075ffaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac42738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998802008f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300020b000000000000000000000003000600002000000200000000000000000000000000000002000100000000000000fb03000000e6030005000000000002000000ac1414aa0000000000000000010008"], 0x58}, 0x1, 0x7}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x7fffffffffffffff, 0x1000000000200})

0s ago: executing program 6 (id=1940):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="190000000400000008000000ff"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x800, 0x0)

kernel console output (not intermixed with test programs):

rypted files will use data=ordered instead of data journaling mode
[   53.928783][ T1443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.433'.
[   53.934042][   T28] audit: type=1326 audit(1733965125.220:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1442 comm="syz.3.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   53.965509][   T28] audit: type=1326 audit(1733965125.220:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1442 comm="syz.3.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   53.988834][   T28] audit: type=1326 audit(1733965125.220:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1442 comm="syz.3.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   54.012864][   T28] audit: type=1326 audit(1733965125.220:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1442 comm="syz.3.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   54.035830][   T28] audit: type=1326 audit(1733965125.220:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1442 comm="syz.3.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   54.036967][ T1441] EXT4-fs (loop4): 1 truncate cleaned up
[   54.064446][ T1441] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   54.082601][ T1441] EXT4-fs error (device loop4): ext4_find_dest_de:2115: inode #12: block 7: comm syz.4.432: bad entry in directory: inode out of bounds - offset=0, inode=16777215, rec_len=16, size=56 fake=0
[   54.102009][ T1441] EXT4-fs error (device loop4): ext4_generic_delete_entry:2729: inode #12: block 7: comm syz.4.432: bad entry in directory: inode out of bounds - offset=0, inode=16777215, rec_len=16, size=56 fake=0
[   54.121539][ T1441] EXT4-fs error (device loop4) in ext4_delete_inline_entry:1804: Corrupt filesystem
[   54.140034][  T292] EXT4-fs (loop4): unmounting filesystem.
[   54.159543][ T1461] netlink: 4 bytes leftover after parsing attributes in process `syz.0.440'.
[   54.168356][ T1461] device bridge_slave_1 left promiscuous mode
[   54.174384][ T1461] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.182216][ T1461] device bridge_slave_0 left promiscuous mode
[   54.189740][ T1463] loop3: detected capacity change from 0 to 256
[   54.193689][ T1461] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.207613][ T1463] FAT-fs (loop3): Directory bread(block 64) failed
[   54.214169][ T1463] FAT-fs (loop3): Directory bread(block 65) failed
[   54.222046][ T1463] FAT-fs (loop3): Directory bread(block 66) failed
[   54.228440][ T1463] FAT-fs (loop3): Directory bread(block 67) failed
[   54.234824][ T1463] FAT-fs (loop3): Directory bread(block 68) failed
[   54.241255][ T1463] FAT-fs (loop3): Directory bread(block 69) failed
[   54.247645][ T1463] FAT-fs (loop3): Directory bread(block 70) failed
[   54.254029][ T1463] FAT-fs (loop3): Directory bread(block 71) failed
[   54.260392][ T1463] FAT-fs (loop3): Directory bread(block 72) failed
[   54.266975][ T1463] FAT-fs (loop3): Directory bread(block 73) failed
[   54.271633][ T1474] loop1: detected capacity change from 0 to 2048
[   54.282290][ T1462] netlink: '+}[@': attribute type 4 has an invalid length.
[   54.289883][ T1471] netlink: 'syz.4.439': attribute type 4 has an invalid length.
[   54.299983][ T1463] +}[@: attempt to access beyond end of device
[   54.299983][ T1463] loop3: rw=524288, sector=1800, nr_sectors = 20 limit=256
[   54.313203][ T1463] +}[@: attempt to access beyond end of device
[   54.313203][ T1463] loop3: rw=0, sector=1800, nr_sectors = 8 limit=256
[   54.326230][ T1474]  loop1: p1 < > p4
[   54.331311][ T1474] loop1: p4 size 8388608 extends beyond EOD, truncated
[   54.390879][ T1485] loop3: detected capacity change from 0 to 512
[   54.436677][ T1485] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   54.445523][ T1485] ext4 filesystem being mounted at /102/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   54.510767][ T1495] loop4: detected capacity change from 0 to 512
[   54.520406][  T294] EXT4-fs (loop3): unmounting filesystem.
[   54.539397][ T1495] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   54.561338][ T1512] loop3: detected capacity change from 0 to 512
[   54.581726][ T1495] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   54.592857][ T1495] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.637509][  T292] EXT4-fs (loop4): unmounting filesystem.
[   54.663015][ T1521] loop3: detected capacity change from 0 to 2048
[   54.679006][ T1507] syz.1.459 (1507) used greatest stack depth: 20456 bytes left
[   54.705314][ T1521] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   54.712900][ T1535] loop2: detected capacity change from 0 to 1024
[   54.722286][ T1535] EXT4-fs: Ignoring removed oldalloc option
[   54.741624][ T1535] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   54.751047][  T294] EXT4-fs (loop3): unmounting filesystem.
[   54.757802][ T1540] loop4: detected capacity change from 0 to 2048
[   54.811441][ T1549] loop3: detected capacity change from 0 to 1024
[   54.827720][ T1549] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   54.842808][  T294] EXT4-fs (loop3): unmounting filesystem.
[   54.879275][ T1564] loop3: detected capacity change from 0 to 1024
[   54.885706][ T1564] EXT4-fs: Ignoring removed nobh option
[   54.899028][ T1564] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   54.987719][ T1582] loop1: detected capacity change from 0 to 256
[   55.008977][ T1582] FAT-fs (loop1): Directory bread(block 64) failed
[   55.021925][ T1582] FAT-fs (loop1): Directory bread(block 65) failed
[   55.023556][ T1585] loop4: detected capacity change from 0 to 1024
[   55.036207][ T1582] FAT-fs (loop1): Directory bread(block 66) failed
[   55.043734][ T1585] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   55.047853][ T1582] FAT-fs (loop1): Directory bread(block 67) failed
[   55.059029][ T1585] EXT4-fs (loop4): shut down requested (0)
[   55.059383][  T294] EXT4-fs (loop3): unmounting filesystem.
[   55.071901][ T1582] FAT-fs (loop1): Directory bread(block 68) failed
[   55.078777][ T1582] FAT-fs (loop1): Directory bread(block 69) failed
[   55.078912][  T292] EXT4-fs (loop4): unmounting filesystem.
[   55.090295][ T1582] FAT-fs (loop1): Directory bread(block 70) failed
[   55.097148][ T1582] FAT-fs (loop1): Directory bread(block 71) failed
[   55.103757][ T1582] FAT-fs (loop1): Directory bread(block 72) failed
[   55.111419][ T1582] FAT-fs (loop1): Directory bread(block 73) failed
[   55.126595][ T1582] syz.1.491: attempt to access beyond end of device
[   55.126595][ T1582] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256
[   55.140266][ T1582] syz.1.491: attempt to access beyond end of device
[   55.140266][ T1582] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256
[   55.179471][ T1604] netlink: 60 bytes leftover after parsing attributes in process `syz.1.499'.
[   55.198095][ T1600] loop3: detected capacity change from 0 to 512
[   55.205175][ T1600] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   55.218899][ T1600] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   55.229421][ T1608] loop4: detected capacity change from 0 to 256
[   55.237054][ T1600] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.253964][ T1608] FAT-fs (loop4): Directory bread(block 64) failed
[   55.261561][ T1608] FAT-fs (loop4): Directory bread(block 65) failed
[   55.279840][ T1616] loop1: detected capacity change from 0 to 128
[   55.283832][ T1608] FAT-fs (loop4): Directory bread(block 66) failed
[   55.297647][ T1608] FAT-fs (loop4): Directory bread(block 67) failed
[   55.299502][  T294] EXT4-fs (loop3): unmounting filesystem.
[   55.316052][ T1608] FAT-fs (loop4): Directory bread(block 68) failed
[   55.323537][ T1608] FAT-fs (loop4): Directory bread(block 69) failed
[   55.331536][ T1608] FAT-fs (loop4): Directory bread(block 70) failed
[   55.339586][ T1608] FAT-fs (loop4): Directory bread(block 71) failed
[   55.346437][ T1608] FAT-fs (loop4): Directory bread(block 72) failed
[   55.353781][ T1608] FAT-fs (loop4): Directory bread(block 73) failed
[   55.385159][ T1608] syz.4.502: attempt to access beyond end of device
[   55.385159][ T1608] loop4: rw=524288, sector=1736, nr_sectors = 32 limit=256
[   55.403255][ T1608] syz.4.502: attempt to access beyond end of device
[   55.403255][ T1608] loop4: rw=0, sector=1736, nr_sectors = 8 limit=256
[   55.664996][ T1653] loop3: detected capacity change from 0 to 2048
[   55.814468][ T1653] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   55.826856][ T1658] 9pnet_fd: Insufficient options for proto=fd
[   55.845138][  T294] EXT4-fs (loop3): unmounting filesystem.
[   55.858940][  T298] EXT4-fs (loop2): unmounting filesystem.
[   55.893031][ T1674] loop3: detected capacity change from 0 to 512
[   55.908731][ T1674] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   55.912870][ T1686] loop4: detected capacity change from 0 to 1024
[   55.917546][ T1674] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.924187][ T1686] EXT4-fs: Ignoring removed nomblk_io_submit option
[   55.941830][ T1682] loop2: detected capacity change from 0 to 256
[   55.955362][ T1682] FAT-fs (loop2): bogus number of FAT sectors
[   55.955851][  T294] EXT4-fs (loop3): unmounting filesystem.
[   55.963685][ T1682] FAT-fs (loop2): Can't find a valid FAT filesystem
[   55.974964][ T1686] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   56.003215][  T292] EXT4-fs (loop4): unmounting filesystem.
[   56.082523][ T1705] syz.0.540[1705] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.082595][ T1705] syz.0.540[1705] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.139050][ T1711] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[   56.314721][ T1726] loop2: detected capacity change from 0 to 2048
[   56.321360][ T1723] netlink: 28 bytes leftover after parsing attributes in process `syz.4.551'.
[   56.335890][ T1723] netlink: 24 bytes leftover after parsing attributes in process `syz.4.551'.
[   56.374339][ T1732] loop4: detected capacity change from 0 to 1024
[   56.386229][ T1732] EXT4-fs: Ignoring removed nobh option
[   56.404334][ T1732] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   56.418461][ T1732] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   56.429586][ T1737] loop1: detected capacity change from 0 to 512
[   56.439823][ T1737] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.560: invalid indirect mapped block 256 (level 2)
[   56.453846][ T1737] EXT4-fs (loop1): 2 truncates cleaned up
[   56.456341][ T1732] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #11: comm syz.4.557: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   56.459483][ T1737] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   56.497134][ T1732] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.557: couldn't read orphan inode 11 (err -117)
[   56.497794][  T297] EXT4-fs (loop1): unmounting filesystem.
[   56.516021][ T1732] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   56.530541][ T1747] loop1: detected capacity change from 0 to 128
[   56.542518][ T1732] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.557: Invalid block bitmap block 0 in block_group 0
[   56.557486][ T1732] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.557: Failed to acquire dquot type 0
[   56.612137][ T1747] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.619175][ T1747] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.643618][ T1748] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=1748 comm=syz.4.557
[   56.788072][  T292] EXT4-fs (loop4): unmounting filesystem.
[   56.801531][  T320] kworker/u4:4: attempt to access beyond end of device
[   56.801531][  T320] loop1: rw=1, sector=145, nr_sectors = 33 limit=128
[   56.815119][   T43] EXT4-fs error (device loop4): ext4_release_dquot:6811: comm kworker/u4:2: Failed to release dquot type 0
[   56.867900][ T1755] netem: unknown loss type 0
[   56.875491][ T1755] netem: change failed
[   56.914834][ T1761] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   56.959414][ T1769] netlink: 12 bytes leftover after parsing attributes in process `syz.0.574'.
[   56.980142][ T1766] loop4: detected capacity change from 0 to 8192
[   56.993066][ T1766] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   57.021589][ T1778] syz.0.578[1778] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.021659][ T1778] syz.0.578[1778] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.056294][ T1784] loop0: detected capacity change from 0 to 1024
[   57.092915][ T1784] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.103851][ T1796] netlink: 'syz.4.585': attribute type 6 has an invalid length.
[   57.123585][ T1784] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.581: bg 0: block 393: padding at end of block bitmap is not set
[   57.132890][ T1802] loop4: detected capacity change from 0 to 1024
[   57.151102][ T1802] EXT4-fs: Ignoring removed oldalloc option
[   57.163079][ T1784] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 117
[   57.175987][ T1784] EXT4-fs (loop0): This should not happen!! Data will be lost
[   57.175987][ T1784] 
[   57.219402][ T1819] netlink: 4 bytes leftover after parsing attributes in process `syz.2.594'.
[   57.229812][ T1815] loop0: detected capacity change from 0 to 512
[   57.236058][ T1819] device bridge_slave_1 left promiscuous mode
[   57.242011][ T1815] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[   57.246118][ T1819] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.257583][ T1819] device bridge_slave_0 left promiscuous mode
[   57.263705][ T1819] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.399475][ T1843] SELinux:  policydb version 0 does not match my version range 15-33
[   57.399690][ T1842] loop2: detected capacity change from 0 to 128
[   57.407465][ T1843] SELinux: failed to load policy
[   57.419855][ T1842] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   57.500385][ T1855] 9pnet_fd: Insufficient options for proto=fd
[   57.551117][ T1861] netlink: 'syz.0.613': attribute type 4 has an invalid length.
[   57.662792][ T1865] loop0: detected capacity change from 0 to 512
[   57.677534][ T1865] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.689964][ T1865] EXT4-fs error (device loop0): ext4_acquire_dquot:6788: comm syz.0.615: Failed to acquire dquot type 0
[   57.719964][ T1871] loop0: detected capacity change from 0 to 512
[   57.832990][ T1883] netlink: 4 bytes leftover after parsing attributes in process `syz.1.622'.
[   57.841705][ T1883] device bridge_slave_1 left promiscuous mode
[   57.847812][ T1883] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.855278][ T1883] device bridge_slave_0 left promiscuous mode
[   57.861999][ T1883] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.864160][ T1887] loop0: detected capacity change from 0 to 2048
[   57.908360][ T1892] loop0: detected capacity change from 0 to 512
[   57.915835][ T1892] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.625: bg 0: block 393: padding at end of block bitmap is not set
[   57.930844][ T1892] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   57.939927][ T1892] EXT4-fs (loop0): 2 truncates cleaned up
[   57.946407][ T1892] netlink: 4 bytes leftover after parsing attributes in process `syz.0.625'.
[   57.964441][ T1895] loop0: detected capacity change from 0 to 128
[   57.974600][ T1895] syz.0.626: attempt to access beyond end of device
[   57.974600][ T1895] loop0: rw=2049, sector=177, nr_sectors = 1 limit=128
[   57.988689][ T1895] syz.0.626: attempt to access beyond end of device
[   57.988689][ T1895] loop0: rw=2049, sector=153, nr_sectors = 24 limit=128
[   58.002256][ T1895] syz.0.626: attempt to access beyond end of device
[   58.002256][ T1895] loop0: rw=2049, sector=177, nr_sectors = 1 limit=128
[   58.015639][ T1895] Buffer I/O error on dev loop0, logical block 177, lost async page write
[   58.022170][ T1900] syz.1.628[1900] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.023996][ T1900] syz.1.628[1900] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.150909][ T1917] loop4: detected capacity change from 0 to 512
[   58.162933][ T1924] loop3: detected capacity change from 0 to 2048
[   58.180527][ T1926] random: crng reseeded on system resumption
[   58.304774][ T1953] loop6: detected capacity change from 0 to 7
[   58.368029][ T1962] netlink: 4 bytes leftover after parsing attributes in process `syz.3.650'.
[   58.426370][   T28] kauditd_printk_skb: 387 callbacks suppressed
[   58.426385][   T28] audit: type=1326 audit(1733965129.760:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.3.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc9e5576ee7 code=0x7ffc0000
[   58.487374][   T28] audit: type=1326 audit(1733965129.790:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.3.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc9e551c119 code=0x7ffc0000
[   58.526888][ T1992] can0: slcan on pts0.
[   58.547670][   T28] audit: type=1326 audit(1733965129.790:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.3.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc9e5576ee7 code=0x7ffc0000
[   58.577358][ T1991] can0 (unregistered): slcan off pts0.
[   58.602976][ T2002] netlink: 4 bytes leftover after parsing attributes in process `syz.3.666'.
[   58.637565][   T28] audit: type=1326 audit(1733965129.790:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.3.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc9e551c119 code=0x7ffc0000
[   58.701543][   T28] audit: type=1326 audit(1733965129.790:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.3.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   58.775139][   T28] audit: type=1326 audit(1733965129.790:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.3.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   58.824333][ T2018] xt_nat: multiple ranges no longer supported
[   58.829484][   T28] audit: type=1326 audit(1733965129.790:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.3.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   58.887503][   T28] audit: type=1326 audit(1733965129.790:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.3.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   58.919670][ T2052] loop2: detected capacity change from 0 to 512
[   58.943522][ T2052] ext4 filesystem being mounted at /139/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   58.944170][   T28] audit: type=1326 audit(1733965129.790:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.3.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   58.996523][   T28] audit: type=1326 audit(1733965129.810:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.3.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc9e5576ee7 code=0x7ffc0000
[   59.068744][ T2080] sch_tbf: burst 19869 is lower than device lo mtu (65550) !
[   59.201258][ T2117] loop2: detected capacity change from 0 to 2048
[   59.284412][ T2136] loop1: detected capacity change from 0 to 128
[   59.294163][ T2138] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   59.309782][ T2136] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF
[   59.320093][ T2140] loop2: detected capacity change from 0 to 2048
[   59.327600][ T2136] FAT-fs (loop1): Filesystem has been set read-only
[   59.330027][ T2142] loop3: detected capacity change from 0 to 512
[   59.351562][ T2142] ext4 filesystem being mounted at /152/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   59.365079][ T2142] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #12: comm syz.3.729: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   59.388333][ T2147] loop1: detected capacity change from 0 to 512
[   59.407656][ T2147] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.423807][ T2147] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.731: bg 0: block 255: padding at end of block bitmap is not set
[   59.497361][ T2169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.739'.
[   59.580963][ T2191] xt_hashlimit: max too large, truncated to 1048576
[   59.591147][ T2195] device pim6reg1 entered promiscuous mode
[   59.699673][ T2215] device pim6reg1 entered promiscuous mode
[   59.742950][ T2225] loop1: detected capacity change from 0 to 512
[   59.750445][ T2225] EXT4-fs error (device loop1): ext4_get_journal_inode:5721: inode #32: comm syz.1.768: iget: special inode unallocated
[   59.763240][ T2225] EXT4-fs (loop1): Remounting filesystem read-only
[   59.770712][ T2225] EXT4-fs (loop1): no journal found
[   59.776182][ T2225] EXT4-fs (loop1): can't get journal size
[   59.782210][ T2225] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   59.791805][ T2225] EXT4-fs error (device loop1): ext4_protect_reserved_inode:160: inode #32: comm syz.1.768: iget: special inode unallocated
[   59.804876][ T2225] EXT4-fs (loop1): Remounting filesystem read-only
[   59.811421][ T2225] EXT4-fs (loop1): failed to initialize system zone (-117)
[   59.818692][ T2225] EXT4-fs (loop1): mount failed
[   59.902710][ T2235] syz.1.772[2235] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.902779][ T2235] syz.1.772[2235] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.929443][ T2237] loop1: detected capacity change from 0 to 512
[   59.964691][ T2237] EXT4-fs warning (device loop1): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[   59.966044][ T2245] capability: warning: `syz.4.776' uses deprecated v2 capabilities in a way that may be insecure
[   59.979603][ T2237] EXT4-fs (loop1): mount failed
[   60.158550][ T2275] netlink: 4 bytes leftover after parsing attributes in process `syz.1.790'.
[   60.240973][ T2285] loop1: detected capacity change from 0 to 512
[   60.247236][ T2285] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   60.340893][ T2293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.799'.
[   60.368046][ T2295] loop1: detected capacity change from 0 to 512
[   60.374419][ T2295] EXT4-fs: Ignoring removed nobh option
[   60.380509][ T2295] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   60.391569][ T2295] EXT4-fs (loop1): 1 truncate cleaned up
[   60.440772][ T2304] tipc: Cannot configure node identity twice
[   60.449073][ T2306] loop1: detected capacity change from 0 to 1024
[   60.455487][ T2306] EXT4-fs: Ignoring removed orlov option
[   60.461970][ T2306] EXT4-fs: Ignoring removed nomblk_io_submit option
[   60.476052][ T1150] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   60.599715][ T2327] netlink: 'syz.2.814': attribute type 3 has an invalid length.
[   60.628128][ T2330] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=2330 comm=syz.0.811
[   60.655997][ T1150] usb 4-1: Using ep0 maxpacket: 32
[   60.662162][ T1150] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   60.679755][ T1150] usb 4-1: config 0 has no interfaces?
[   60.685112][ T1150] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   60.695547][ T1150] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.710366][ T1150] usb 4-1: config 0 descriptor??
[   60.718589][ T2348] loop1: detected capacity change from 0 to 512
[   60.725868][ T2348] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   60.743245][ T2348] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[   60.753779][ T2348] System zones: 1-12
[   60.758231][ T2348] EXT4-fs (loop1): orphan cleanup on readonly fs
[   60.759888][ T2356] netlink: 4 bytes leftover after parsing attributes in process `syz.0.827'.
[   60.773637][ T2348] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.824: bg 0: block 361: padding at end of block bitmap is not set
[   60.788460][ T2348] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   60.797251][ T2348] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #11: comm syz.1.824: attempt to clear invalid blocks 33619980 len 1
[   60.813533][ T2348] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.824: invalid indirect mapped block 1811939328 (level 0)
[   60.827535][ T2348] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.824: invalid indirect mapped block 2 (level 2)
[   60.840994][ T2348] EXT4-fs (loop1): 1 truncate cleaned up
[   60.882862][ T2368] loop1: detected capacity change from 0 to 256
[   60.891218][ T2368] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001)
[   60.918924][  T341] usb 4-1: USB disconnect, device number 2
[   60.950361][ T2372] loop1: detected capacity change from 0 to 2048
[   60.964636][ T2380] netlink: 4 bytes leftover after parsing attributes in process `syz.4.839'.
[   60.973759][ T2380] device bridge_slave_1 left promiscuous mode
[   60.980320][ T2380] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.988003][ T2380] device bridge_slave_0 left promiscuous mode
[   60.993940][ T2380] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.006768][ T2372] loop1: detected capacity change from 0 to 512
[   61.016784][ T2372] EXT4-fs: Ignoring removed orlov option
[   61.023482][ T2372] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   61.033441][ T2372] EXT4-fs (loop1): orphan cleanup on readonly fs
[   61.048118][ T2372] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.835: bg 0: block 248: padding at end of block bitmap is not set
[   61.063338][ T2372] EXT4-fs error (device loop1): ext4_acquire_dquot:6788: comm syz.1.835: Failed to acquire dquot type 1
[   61.074809][ T2372] EXT4-fs (loop1): 1 truncate cleaned up
[   61.081533][ T2372] EXT4-fs: Ignoring removed orlov option
[   61.087144][ T2372] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   61.095389][ T2372] EXT4-fs error (device loop1): __ext4_remount:6436: comm syz.1.835: Abort forced by user
[   61.106430][ T2372] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz.1.835: deleted inode referenced: 12
[   61.122398][ T2372] xt_hashlimit: max too large, truncated to 1048576
[   61.129184][ T2372] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz.1.835: deleted inode referenced: 12
[   61.154693][ T2372] syz.1.835 (2372) used greatest stack depth: 19592 bytes left
[   61.218364][ T2395] loop2: detected capacity change from 0 to 2048
[   61.275162][ T2413] loop4: detected capacity change from 0 to 512
[   61.287735][ T2413] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.311231][ T2413] EXT4-fs error (device loop4): ext4_lookup:1850: inode #2: comm syz.4.852: bad inode number: 12
[   61.314167][ T2418] netlink: 276 bytes leftover after parsing attributes in process `syz.2.854'.
[   61.435914][ T2437] loop1: detected capacity change from 0 to 128
[   61.448942][ T2437] syz.1.863: attempt to access beyond end of device
[   61.448942][ T2437] loop1: rw=2049, sector=145, nr_sectors = 3 limit=128
[   61.463952][ T2439] loop3: detected capacity change from 0 to 128
[   61.472224][ T2437] syz.1.863: attempt to access beyond end of device
[   61.472224][ T2437] loop1: rw=0, sector=97, nr_sectors = 32 limit=128
[   61.728523][ T2437] syz.1.863: attempt to access beyond end of device
[   61.728523][ T2437] loop1: rw=0, sector=145, nr_sectors = 3 limit=128
[   61.746167][ T2442] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   61.755700][ T2439] syz.3.864: attempt to access beyond end of device
[   61.755700][ T2439] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[   61.801737][ T2439] syz.3.864: attempt to access beyond end of device
[   61.801737][ T2439] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[   61.834763][ T2439] syz.3.864: attempt to access beyond end of device
[   61.834763][ T2439] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   61.851836][ T2439] syz.3.864: attempt to access beyond end of device
[   61.851836][ T2439] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   61.884349][ T2439] syz.3.864: attempt to access beyond end of device
[   61.884349][ T2439] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   61.902264][ T2439] syz.3.864: attempt to access beyond end of device
[   61.902264][ T2439] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   61.915362][ T2439] syz.3.864: attempt to access beyond end of device
[   61.915362][ T2439] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   61.932092][ T2460] loop1: detected capacity change from 0 to 512
[   61.938579][ T2460] EXT4-fs: Ignoring removed orlov option
[   61.947171][ T2460] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   61.958605][ T2460] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   61.974930][ T2460] EXT4-fs (loop1): 1 orphan inode deleted
[   61.980607][ T2460] EXT4-fs (loop1): 1 truncate cleaned up
[   61.988235][  T341] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   61.995941][  T341] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   62.128357][ T2472] loop3: detected capacity change from 0 to 512
[   62.250020][ T2478] loop4: detected capacity change from 0 to 2048
[   62.596363][ T2416] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   62.690143][ T2416] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   62.995517][ T2494] loop1: detected capacity change from 0 to 1024
[   63.018868][ T2494] EXT4-fs: Ignoring removed oldalloc option
[   63.161432][ T2505] __nla_validate_parse: 4 callbacks suppressed
[   63.161447][ T2505] netlink: 104 bytes leftover after parsing attributes in process `syz.0.889'.
[   63.184052][ T2503] netlink: 4 bytes leftover after parsing attributes in process `syz.2.888'.
[   63.270966][ T1930] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 28
[   63.283289][ T1930] EXT4-fs (loop4): This should not happen!! Data will be lost
[   63.283289][ T1930] 
[   63.296757][ T1930] EXT4-fs (loop4): Total free blocks count 0
[   63.310040][ T1930] EXT4-fs (loop4): Free/Dirty block details
[   63.315756][ T1930] EXT4-fs (loop4): free_blocks=2415919104
[   63.325574][ T1930] EXT4-fs (loop4): dirty_blocks=7392
[   63.332676][ T1930] EXT4-fs (loop4): Block reservation details
[   63.338989][ T1930] EXT4-fs (loop4): i_reserved_data_blocks=462
[   63.348196][ T2523] loop1: detected capacity change from 0 to 512
[   63.367234][ T1937] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28
[   63.377953][ T2528] loop3: detected capacity change from 0 to 2048
[   63.386265][ T1937] EXT4-fs (loop4): This should not happen!! Data will be lost
[   63.386265][ T1937] 
[   63.401183][ T2523] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.404997][ T2534] loop2: detected capacity change from 0 to 256
[   63.446587][ T2523] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[   63.448514][ T2536] loop3: detected capacity change from 0 to 512
[   63.483212][ T2536] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.903: iget: bad extended attribute block 1
[   63.496652][ T2523] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 3 with error 28
[   63.509124][ T2536] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.903: couldn't read orphan inode 15 (err -117)
[   63.519184][ T2523] EXT4-fs (loop1): This should not happen!! Data will be lost
[   63.519184][ T2523] 
[   63.530265][ T2523] EXT4-fs (loop1): Total free blocks count 0
[   63.536209][ T2523] EXT4-fs (loop1): Free/Dirty block details
[   63.542010][ T2523] EXT4-fs (loop1): free_blocks=65280
[   63.547174][ T2523] EXT4-fs (loop1): dirty_blocks=4
[   63.552191][ T2523] EXT4-fs (loop1): Block reservation details
[   63.558097][ T2523] EXT4-fs (loop1): i_reserved_data_blocks=4
[   63.570265][   T28] kauditd_printk_skb: 454 callbacks suppressed
[   63.570277][   T28] audit: type=1400 audit(1733969229.898:1740): avc:  denied  { read append open } for  pid=2535 comm="syz.3.903" path="/180/file0/cpu.stat" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   63.608171][ T2536] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   63.615909][   T28] audit: type=1400 audit(1733969229.938:1741): avc:  denied  { ioctl } for  pid=2535 comm="syz.3.903" path="/180/file0/cpu.stat" dev="loop3" ino=18 ioctlcmd=0x583b scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   63.646637][   T28] audit: type=1400 audit(1733969229.968:1742): avc:  denied  { name_bind } for  pid=2547 comm="syz.0.908" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   63.682849][   T28] audit: type=1326 audit(1733969230.008:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2553 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1236b7ff19 code=0x7ffc0000
[   63.718533][   T28] audit: type=1326 audit(1733969230.038:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2553 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1236b7ff19 code=0x7ffc0000
[   63.742262][   T28] audit: type=1326 audit(1733969230.038:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2553 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1236b7ff19 code=0x7ffc0000
[   63.788495][ T2570] loop3: detected capacity change from 0 to 2048
[   63.790536][ T2572] loop4: detected capacity change from 0 to 512
[   63.794918][   T28] audit: type=1326 audit(1733969230.038:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2553 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1236b7ff19 code=0x7ffc0000
[   63.801716][ T2572] EXT4-fs: Ignoring removed mblk_io_submit option
[   63.824206][   T28] audit: type=1326 audit(1733969230.038:1747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2553 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1236b7ff19 code=0x7ffc0000
[   63.832106][ T2572] EXT4-fs: Ignoring removed bh option
[   63.853385][   T28] audit: type=1326 audit(1733969230.038:1748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2553 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1236b7ff19 code=0x7ffc0000
[   63.882026][ T2572] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   63.897342][ T2572] EXT4-fs (loop4): 1 truncate cleaned up
[   63.925051][   T28] audit: type=1326 audit(1733969230.038:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2553 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1236b7ff19 code=0x7ffc0000
[   63.967403][ T2584] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=2584 comm=syz.3.923
[   64.008298][ T2584] loop3: detected capacity change from 0 to 8192
[   64.036306][ T2584]  loop3: p2 p3 p4
[   64.039858][ T2584] loop3: p2 start 14935 is beyond EOD, truncated
[   64.046383][ T2584] loop3: p3 size 196608 extends beyond EOD, truncated
[   64.053406][ T2584] loop3: p4 start 4026530307 is beyond EOD, truncated
[   64.209935][ T2605] loop4: detected capacity change from 0 to 2048
[   64.292997][ T2615] loop4: detected capacity change from 0 to 1024
[   64.322764][ T2619] loop4: detected capacity change from 0 to 1024
[   64.329672][ T2619] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   64.340540][ T2619] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[   64.350466][ T2619] EXT4-fs (loop4): invalid journal inode
[   64.356039][ T2619] EXT4-fs (loop4): can't get journal size
[   64.372266][ T2622] loop4: detected capacity change from 0 to 512
[   64.378808][ T2622] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   64.390188][ T2622] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   64.404665][ T2622] EXT4-fs (loop4): 1 truncate cleaned up
[   64.654543][ T2640] mmap: syz.4.945 (2640) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   64.695921][ T2646] loop4: detected capacity change from 0 to 4096
[   64.788469][ T2654] loop0: detected capacity change from 0 to 2048
[   64.832107][ T2664] netlink: 4 bytes leftover after parsing attributes in process `syz.2.955'.
[   64.886306][ T2674] netlink: 8 bytes leftover after parsing attributes in process `syz.2.960'.
[   64.975631][ T2690] loop3: detected capacity change from 0 to 128
[   64.996508][ T2690] FAT-fs (loop3): Unrecognized mount option "0" or missing value
[   65.015163][ T2688] loop4: detected capacity change from 0 to 4096
[   65.105318][ T2709] netlink: 4 bytes leftover after parsing attributes in process `syz.2.977'.
[   65.145203][ T2711] netlink: 36 bytes leftover after parsing attributes in process `syz.4.978'.
[   65.214155][ T2728] netlink: 340 bytes leftover after parsing attributes in process `syz.3.986'.
[   65.346282][ T2739] netlink: 4 bytes leftover after parsing attributes in process `syz.1.990'.
[   65.453169][ T2752] loop1: detected capacity change from 0 to 2048
[   65.497212][ T1930] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   65.512275][ T1930] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 28
[   65.532715][ T1930] EXT4-fs (loop0): This should not happen!! Data will be lost
[   65.532715][ T1930] 
[   65.545509][ T1930] EXT4-fs (loop0): Total free blocks count 0
[   65.556159][ T1930] EXT4-fs (loop0): Free/Dirty block details
[   65.562082][ T1930] EXT4-fs (loop0): free_blocks=2415919104
[   65.567872][ T1930] EXT4-fs (loop0): dirty_blocks=8208
[   65.572988][ T1930] EXT4-fs (loop0): Block reservation details
[   65.579420][ T1930] EXT4-fs (loop0): i_reserved_data_blocks=513
[   65.608544][ T1930] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28
[   65.624659][ T1930] EXT4-fs (loop0): This should not happen!! Data will be lost
[   65.624659][ T1930] 
[   65.676044][ T1150] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[   65.836031][ T1150] usb 5-1: device descriptor read/64, error -71
[   66.036969][ T2776] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1007'.
[   66.052476][ T2777] loop0: detected capacity change from 0 to 2048
[   66.070066][ T2777] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   66.082625][ T2777] EXT4-fs error (device loop0): ext4_init_orphan_info:586: comm syz.0.1006: inode #0: comm syz.0.1006: iget: illegal inode #
[   66.098232][ T2781] loop1: detected capacity change from 0 to 2048
[   66.104670][ T2777] EXT4-fs (loop0): get orphan inode failed
[   66.106139][ T1150] usb 5-1: device descriptor read/64, error -71
[   66.115023][ T2777] EXT4-fs (loop0): mount failed
[   66.184793][ T2790] syz.0.1012[2790] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.184833][ T2790] syz.0.1012[2790] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.199550][ T2790] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   66.237155][ T2797] loop3: detected capacity change from 0 to 128
[   66.247390][ T2794] loop0: detected capacity change from 0 to 256
[   66.281710][ T2803] loop1: detected capacity change from 0 to 256
[   66.319125][ T2807] device pim6reg1 entered promiscuous mode
[   66.337819][ T2809] loop1: detected capacity change from 0 to 2048
[   66.356153][ T2811] loop3: detected capacity change from 0 to 1024
[   66.362670][ T2811] EXT4-fs: Ignoring removed orlov option
[   66.378565][ T2811] EXT4-fs error (device loop3): ext4_read_inline_dir:1593: inode #12: block 7: comm syz.3.1022: path /200/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[   66.400279][ T1150] usb 5-1: new low-speed USB device number 6 using dummy_hcd
[   66.400397][ T2811] EXT4-fs (loop3): Remounting filesystem read-only
[   66.451836][ T2822] loop1: detected capacity change from 0 to 128
[   66.484310][ T2828] syz.1.1029[2828] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.484363][ T2828] syz.1.1029[2828] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.556026][ T1150] usb 5-1: device descriptor read/64, error -71
[   66.574773][ T2842] loop1: detected capacity change from 0 to 128
[   66.608761][ T2842] bio_check_eod: 4 callbacks suppressed
[   66.608777][ T2842] syz.1.1035: attempt to access beyond end of device
[   66.608777][ T2842] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[   66.677723][ T2855] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1040'.
[   66.701978][ T2858] loop1: detected capacity change from 0 to 1024
[   66.723679][ T2858] EXT4-fs: Ignoring removed nobh option
[   66.769608][ T2873] xt_hashlimit: max too large, truncated to 1048576
[   66.836076][ T1150] usb 5-1: device descriptor read/64, error -71
[   66.956286][ T1150] usb usb5-port1: attempt power cycle
[   67.131337][ T2924] loop1: detected capacity change from 0 to 512
[   67.146914][ T2928] device pim6reg1 entered promiscuous mode
[   67.155406][ T2924] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.167204][ T2924] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[   67.255387][ T2956] loop1: detected capacity change from 0 to 512
[   67.270112][ T2956] ext4 filesystem being mounted at /228/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   67.357013][ T2984] loop3: detected capacity change from 0 to 512
[   67.366023][ T1150] usb 5-1: new low-speed USB device number 7 using dummy_hcd
[   67.375128][ T2984] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.392852][ T2984] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #2: comm syz.3.1099: corrupted inode contents
[   67.405839][ T2984] EXT4-fs error (device loop3): ext4_dirty_inode:6091: inode #2: comm syz.3.1099: mark_inode_dirty error
[   67.405900][ T1150] usb 5-1: device descriptor read/8, error -71
[   67.418214][ T2984] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #2: comm syz.3.1099: corrupted inode contents
[   67.450932][ T2984] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.1099: mark_inode_dirty error
[   67.469252][ T2996] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   67.482977][  T294] EXT4-fs unmount: 61 callbacks suppressed
[   67.482990][  T294] EXT4-fs (loop3): unmounting filesystem.
[   67.500811][ T3000] Invalid ELF header magic: != ELF
[   67.514761][ T3004] loop3: detected capacity change from 0 to 512
[   67.525734][ T3002] loop2: detected capacity change from 0 to 1024
[   67.525734][ T3006] loop1: detected capacity change from 0 to 512
[   67.538916][ T3006] EXT4-fs (loop1): too many log groups per flexible block group
[   67.546620][ T3006] EXT4-fs (loop1): failed to initialize mballoc (-12)
[   67.548097][ T3004] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   67.553299][ T3006] EXT4-fs (loop1): mount failed
[   67.562830][ T3004] ext4 filesystem being mounted at /224/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.568036][ T1150] usb 5-1: device descriptor read/8, error -71
[   67.578449][ T3002] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   67.595087][ T3002] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2739: inode #15: comm syz.2.1108: corrupted in-inode xattr
[   67.608277][  T294] EXT4-fs (loop3): unmounting filesystem.
[   67.643115][ T3014] device pim6reg1 entered promiscuous mode
[   67.649714][  T298] EXT4-fs (loop2): unmounting filesystem.
[   67.695736][ T3023] loop1: detected capacity change from 0 to 128
[   67.710854][ T3023] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   67.719889][ T3023] ext4 filesystem being mounted at /240/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   67.732742][ T3023] EXT4-fs warning (device loop1): ext4_group_extend:1870: can't shrink FS - resize aborted
[   67.754891][  T297] EXT4-fs (loop1): unmounting filesystem.
[   67.846239][ T1150] usb 5-1: new low-speed USB device number 8 using dummy_hcd
[   67.887648][ T1150] usb 5-1: device descriptor read/8, error -71
[   68.195339][ T1150] usb 5-1: device descriptor read/8, error -71
[   68.228029][ T3053] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[   68.259996][ T3060] __nla_validate_parse: 5 callbacks suppressed
[   68.260011][ T3060] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1130'.
[   68.275512][ T3062] loop3: detected capacity change from 0 to 2048
[   68.294106][ T3066] loop0: detected capacity change from 0 to 128
[   68.300601][ T3066] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   68.313488][ T3066] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   68.322600][ T1150] usb usb5-port1: unable to enumerate USB device
[   68.324975][ T3066] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   68.385503][ T3076] loop0: detected capacity change from 0 to 512
[   68.392721][ T3076] EXT4-fs error (device loop0): ext4_get_journal_inode:5721: inode #32: comm syz.0.1139: iget: special inode unallocated
[   68.406775][ T3076] EXT4-fs (loop0): Remounting filesystem read-only
[   68.414524][ T3076] EXT4-fs (loop0): no journal found
[   68.423723][ T3076] EXT4-fs (loop0): can't get journal size
[   68.429593][ T3076] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   68.439171][ T3076] EXT4-fs error (device loop0): ext4_protect_reserved_inode:160: inode #32: comm syz.0.1139: iget: special inode unallocated
[   68.453848][ T3076] EXT4-fs (loop0): Remounting filesystem read-only
[   68.455537][ T3089] loop3: detected capacity change from 0 to 512
[   68.462590][ T3076] EXT4-fs (loop0): failed to initialize system zone (-117)
[   68.474991][ T3076] EXT4-fs (loop0): mount failed
[   68.477438][ T3089] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.1143: inode #1: comm syz.3.1143: iget: illegal inode #
[   68.493854][ T3089] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1143: error while reading EA inode 1 err=-117
[   68.509337][ T3089] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.1143: inode #1: comm syz.3.1143: iget: illegal inode #
[   68.522571][ T3089] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1143: error while reading EA inode 1 err=-117
[   68.535379][ T3089] EXT4-fs (loop3): 1 orphan inode deleted
[   68.541041][ T3089] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   68.603971][  T294] EXT4-fs (loop3): unmounting filesystem.
[   68.624192][ T3101] loop3: detected capacity change from 0 to 128
[   68.634715][ T3101] syz.3.1148: attempt to access beyond end of device
[   68.634715][ T3101] loop3: rw=2049, sector=177, nr_sectors = 1 limit=128
[   68.650752][ T3105] serio: Serial port ptm0
[   68.656335][ T3101] syz.3.1148: attempt to access beyond end of device
[   68.656335][ T3101] loop3: rw=2049, sector=153, nr_sectors = 24 limit=128
[   68.669930][   T28] kauditd_printk_skb: 925 callbacks suppressed
[   68.669939][   T28] audit: type=1400 audit(1733969234.998:2675): avc:  denied  { create } for  pid=3096 comm="syz.2.1149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   68.686053][ T3101] syz.3.1148: attempt to access beyond end of device
[   68.686053][ T3101] loop3: rw=2049, sector=177, nr_sectors = 1 limit=128
[   68.709048][ T3101] Buffer I/O error on dev loop3, logical block 177, lost async page write
[   68.758787][   T28] audit: type=1326 audit(1733969235.088:2676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3111 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   68.785086][   T28] audit: type=1326 audit(1733969235.088:2677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3111 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   68.816004][   T28] audit: type=1326 audit(1733969235.088:2678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3111 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   68.833512][ T3122] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1160'.
[   68.842195][   T28] audit: type=1326 audit(1733969235.088:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3111 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   68.873488][ T3125] loop3: detected capacity change from 0 to 256
[   68.881254][   T28] audit: type=1400 audit(1733969235.138:2680): avc:  denied  { audit_write } for  pid=3116 comm="syz.0.1156" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   68.903439][   T28] audit: type=1107 audit(1733969235.138:2681): pid=3116 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[   68.918852][ T3128] loop0: detected capacity change from 0 to 512
[   68.926838][   T28] audit: type=1326 audit(1733969235.258:2682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3126 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   68.951021][ T3128] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   68.960914][ T3128] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.971490][   T28] audit: type=1326 audit(1733969235.258:2683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3126 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   68.994934][   T28] audit: type=1326 audit(1733969235.258:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3126 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   69.025504][  T291] EXT4-fs (loop0): unmounting filesystem.
[   69.028680][ T3135] loop2: detected capacity change from 0 to 512
[   69.067655][ T3135] EXT4-fs error (device loop2): ext4_acquire_dquot:6788: comm syz.2.1164: Failed to acquire dquot type 1
[   69.079275][ T3135] EXT4-fs (loop2): 1 truncate cleaned up
[   69.084811][ T3135] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   69.094160][ T3135] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.108875][  T298] EXT4-fs (loop2): unmounting filesystem.
[   69.147313][ T3156] usb usb4: usbfs: process 3156 (syz.3.1173) did not claim interface 0 before use
[   69.398661][ T3167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1177'.
[   69.448844][ T3174] loop4: detected capacity change from 0 to 512
[   69.455079][ T3174] EXT4-fs: Ignoring removed nomblk_io_submit option
[   69.475833][ T3174] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   69.484605][ T3174] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[   69.497276][ T3174] EXT4-fs (loop4): 1 truncate cleaned up
[   69.503719][ T3174] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   69.523734][ T3174] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 4: comm syz.4.1180: lblock 0 mapped to illegal pblock 4 (length 1)
[   69.546221][ T3174] EXT4-fs (loop4): Remounting filesystem read-only
[   69.552781][ T3174] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 4: comm syz.4.1180: lblock 0 mapped to illegal pblock 4 (length 1)
[   69.567402][ T3174] EXT4-fs (loop4): Remounting filesystem read-only
[   69.581812][  T292] EXT4-fs (loop4): unmounting filesystem.
[   69.999767][ T3197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1190'.
[   70.078296][ T3194] syz.3.1189[3194] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.078371][ T3194] syz.3.1189[3194] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.120385][ T3194] loop3: detected capacity change from 0 to 1024
[   70.134572][ T3212] loop2: detected capacity change from 0 to 2048
[   70.138170][ T3194] EXT4-fs: Ignoring removed nomblk_io_submit option
[   70.144089][ T3212] EXT4-fs: Ignoring removed orlov option
[   70.157749][ T3194] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   70.167933][ T3212] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   70.193684][ T3221] usb usb4: usbfs: process 3221 (syz.0.1200) did not claim interface 0 before use
[   70.209865][  T294] EXT4-fs (loop3): unmounting filesystem.
[   70.222516][ T3224] loop3: detected capacity change from 0 to 128
[   70.246924][ T3224] syz.3.1201: attempt to access beyond end of device
[   70.246924][ T3224] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[   70.271423][ T3224] syz.3.1201: attempt to access beyond end of device
[   70.271423][ T3224] loop3: rw=0, sector=177, nr_sectors = 1 limit=128
[   70.291183][  T298] EXT4-fs (loop2): unmounting filesystem.
[   70.327066][ T3234] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   70.358310][ T3240] loop2: detected capacity change from 0 to 1024
[   70.435122][ T3252] syz.4.1214[3252] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.435169][ T3252] syz.4.1214[3252] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.449857][ T3253] loop3: detected capacity change from 0 to 512
[   70.527073][ T3253] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   70.539807][ T3253] ext4 filesystem being mounted at /247/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.562414][  T294] EXT4-fs (loop3): unmounting filesystem.
[   70.602022][ T3278] loop1: detected capacity change from 0 to 512
[   70.608648][ T3281] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1226'.
[   70.609366][ T3278] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   70.629055][ T3278] EXT4-fs (loop1): 1 truncate cleaned up
[   70.706897][ T3285] loop3: detected capacity change from 0 to 512
[   70.716018][ T3285] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   70.725270][ T3278] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   70.850405][ T3285] EXT4-fs (loop3): orphan cleanup on readonly fs
[   70.859646][ T3285] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1222: bg 0: block 248: padding at end of block bitmap is not set
[   70.875380][ T3285] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.1222: Failed to acquire dquot type 1
[   70.888723][ T3285] EXT4-fs (loop3): 1 truncate cleaned up
[   70.895056][ T3285] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   71.645327][ T3302] loop2: detected capacity change from 0 to 128
[   71.652527][  T297] EXT4-fs (loop1): unmounting filesystem.
[   71.661956][ T3302] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   71.671179][ T3302] ext4 filesystem being mounted at /255/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.692146][ T3302] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1234: bg 0: block 81: padding at end of block bitmap is not set
[   71.741218][ T3318] loop0: detected capacity change from 0 to 1024
[   71.741339][  T294] EXT4-fs (loop3): unmounting filesystem.
[   71.748471][ T3318] EXT4-fs: Ignoring removed nobh option
[   71.759075][ T3318] EXT4-fs: Ignoring removed orlov option
[   71.766462][ T3318] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   71.796871][  T298] EXT4-fs (loop2): unmounting filesystem.
[   71.803468][ T3318] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   71.803533][ T3321] loop3: detected capacity change from 0 to 2048
[   71.825654][ T3321] EXT4-fs: Ignoring removed oldalloc option
[   71.837629][ T3321] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   71.852701][  T291] EXT4-fs (loop0): unmounting filesystem.
[   71.867470][ T3335] 9pnet: Could not find request transport: f
[   71.934479][  T294] EXT4-fs (loop3): unmounting filesystem.
[   72.037777][ T3358] af_packet: tpacket_rcv: packet too big, clamped from 108 to 4294967272. macoff=96
[   72.156902][ T3383] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1269'.
[   72.189553][ T3387] loop3: detected capacity change from 0 to 256
[   72.218928][ T3395] loop3: detected capacity change from 0 to 2048
[   72.266886][ T3395]  loop3: p1 < > p4
[   72.270981][ T3395] loop3: p4 size 8388608 extends beyond EOD, truncated
[   72.341371][ T3407] netlink: 45 bytes leftover after parsing attributes in process `syz.0.1281'.
[   72.366561][ T3413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3413 comm=syz.3.1283
[   72.427491][ T3413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3413 comm=syz.3.1283
[   72.439945][ T3413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3413 comm=syz.3.1283
[   72.452554][ T3413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3413 comm=syz.3.1283
[   72.466197][ T3413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3413 comm=syz.3.1283
[   72.475293][ T3425] syz.2.1288[3425] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.478483][ T3425] syz.2.1288[3425] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.478969][ T3413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3413 comm=syz.3.1283
[   72.513269][ T3413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3413 comm=syz.3.1283
[   72.525774][ T3413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3413 comm=syz.3.1283
[   72.538194][ T3413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3413 comm=syz.3.1283
[   72.550913][ T3413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3413 comm=syz.3.1283
[   72.648519][ T3432] loop4: detected capacity change from 0 to 128
[   72.756741][ T3448] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1299'.
[   72.790229][ T3456] cgroup: Need name or subsystem set
[   72.826298][ T3462] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1306'.
[   72.848277][ T3464] loop1: detected capacity change from 0 to 2048
[   72.955677][ T3475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1312'.
[   73.015486][ T3488] loop1: detected capacity change from 0 to 128
[   73.073778][ T3500] loop1: detected capacity change from 0 to 256
[   73.080697][ T3500] FAT-fs (loop1): bogus number of FAT sectors
[   73.086856][ T3500] FAT-fs (loop1): Can't find a valid FAT filesystem
[   73.178805][ T3512] loop1: detected capacity change from 0 to 512
[   73.185285][ T3512] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   73.197532][ T3512] EXT4-fs (loop1): 1 truncate cleaned up
[   73.208829][ T3512] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   73.256338][ T3512] support for cryptoloop has been removed.  Use dm-crypt instead.
[   73.273127][  T297] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /293/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   73.294935][  T297] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   73.314853][  T297] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /293/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   73.336766][  T297] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   73.356823][  T297] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /293/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   73.385192][  T297] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   73.417676][  T297] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /293/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   73.446372][  T297] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   73.476330][  T297] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /293/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   73.506049][  T297] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   73.531550][ T3551] __nla_validate_parse: 2 callbacks suppressed
[   73.531566][ T3551] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1348'.
[   73.560426][ T3556] syz.3.1350[3556] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.560545][ T3556] syz.3.1350[3556] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.605613][ T3562] loop4: detected capacity change from 0 to 512
[   73.628780][ T1918] tipc: Left network mode
[   73.630613][  T297] EXT4-fs (loop1): unmounting filesystem.
[   73.648078][ T3562] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   73.659287][ T3562] ext4 filesystem being mounted at /245/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.671497][ T3562] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz.4.1353: path /245/file0: bad entry in directory: rec_len % 4 != 0 - offset=12, inode=2197815810, rec_len=21, size=2048 fake=0
[   73.692287][ T3562] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz.4.1353: path /245/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   73.715832][ T3562] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz.4.1353: path /245/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   73.738458][ T3562] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 14: comm syz.4.1353: path /245/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   73.759303][ T3571] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 18: comm syz.4.1353: lblock 23 mapped to illegal pblock 18 (length 1)
[   73.774487][ T3562] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 15: comm syz.4.1353: path /245/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   73.796295][ T3571] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 18: comm syz.4.1353: lblock 23 mapped to illegal pblock 18 (length 1)
[   73.834873][ T3577] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1360'.
[   73.843727][ T3576] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 18: comm syz.4.1353: lblock 23 mapped to illegal pblock 18 (length 1)
[   73.858743][   T28] kauditd_printk_skb: 253 callbacks suppressed
[   73.858755][   T28] audit: type=1400 audit(1733973335.190:2934): avc:  denied  { mounton } for  pid=3578 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   73.886426][ T3562] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz.4.1353: path /245/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   73.917606][ T3562] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 17: comm syz.4.1353: path /245/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   73.951857][ T3578] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.958802][ T3578] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.971014][ T3578] device bridge_slave_0 entered promiscuous mode
[   73.980741][ T3585] loop3: detected capacity change from 0 to 512
[   73.988304][ T3578] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.004063][ T3585] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   74.015433][ T3578] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.023046][ T3578] device bridge_slave_1 entered promiscuous mode
[   74.032727][   T28] audit: type=1326 audit(1733973335.360:2935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3586 comm="syz.0.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1236b76ee7 code=0x7ffc0000
[   74.059200][   T28] audit: type=1326 audit(1733973335.360:2936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3586 comm="syz.0.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1236b1c119 code=0x7ffc0000
[   74.091945][ T3585] EXT4-fs (loop3): too many log groups per flexible block group
[   74.101879][ T3585] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   74.115432][ T3585] EXT4-fs (loop3): mount failed
[   74.122136][   T28] audit: type=1326 audit(1733973335.360:2937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3586 comm="syz.0.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1236b76ee7 code=0x7ffc0000
[   74.173183][   T28] audit: type=1326 audit(1733973335.360:2938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3586 comm="syz.0.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1236b1c119 code=0x7ffc0000
[   74.205328][ T3578] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.212201][ T3578] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.213594][   T28] audit: type=1326 audit(1733973335.360:2939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3586 comm="syz.0.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1236b76ee7 code=0x7ffc0000
[   74.219270][ T3578] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.219284][ T3578] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.279526][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   74.296666][   T28] audit: type=1326 audit(1733973335.360:2940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3586 comm="syz.0.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1236b1c119 code=0x7ffc0000
[   74.320027][ T1930] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.329687][ T1930] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.336616][   T28] audit: type=1326 audit(1733973335.360:2941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3586 comm="syz.0.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1236b76ee7 code=0x7ffc0000
[   74.368864][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   74.377392][   T28] audit: type=1326 audit(1733973335.360:2942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3586 comm="syz.0.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1236b1c119 code=0x7ffc0000
[   74.382290][ T1930] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.407332][ T1930] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.438574][   T28] audit: type=1326 audit(1733973335.360:2943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3586 comm="syz.0.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1236b76ee7 code=0x7ffc0000
[   74.442631][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   74.474081][ T1930] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.480942][ T1930] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.516153][  T292] EXT4-fs (loop4): unmounting filesystem.
[   74.556882][ T3611] loop0: detected capacity change from 0 to 512
[   74.563918][ T3611] EXT4-fs error (device loop0): ext4_get_journal_inode:5721: inode #32: comm syz.0.1373: iget: special inode unallocated
[   74.577053][ T3611] EXT4-fs (loop0): Remounting filesystem read-only
[   74.583476][ T3611] EXT4-fs (loop0): no journal found
[   74.588894][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   74.589594][ T3611] EXT4-fs (loop0): can't get journal size
[   74.603047][ T3611] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   74.609797][ T3612] loop4: detected capacity change from 0 to 2048
[   74.612350][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   74.628459][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   74.636226][ T3611] EXT4-fs error (device loop0): ext4_protect_reserved_inode:160: inode #32: comm syz.0.1373: iget: special inode unallocated
[   74.636466][ T3609] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1372'.
[   74.658025][ T3612]  loop4: p1 < > p3 < > p4 < >
[   74.661731][ T3578] device veth0_vlan entered promiscuous mode
[   74.667912][ T3612] loop4: partition table partially beyond EOD, truncated
[   74.675559][ T3611] EXT4-fs (loop0): Remounting filesystem read-only
[   74.682103][ T3612] loop4: p3 start 4284289 is beyond EOD, truncated
[   74.686408][ T3611] EXT4-fs (loop0): failed to initialize system zone (-117)
[   74.694452][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   74.701027][ T3611] EXT4-fs (loop0): mount failed
[   74.708099][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   74.716496][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   74.730239][ T3578] device veth1_macvtap entered promiscuous mode
[   74.748960][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   74.788339][ T3612] 9pnet_virtio: no channels available for device syz
[   74.800727][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   74.813451][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   74.824688][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   74.835337][ T1930] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   74.997752][ T3641] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1382'.
[   75.034906][ T3651] loop2: detected capacity change from 0 to 512
[   75.054064][ T3655] loop0: detected capacity change from 0 to 512
[   75.062613][ T3651] EXT4-fs error (device loop2): ext4_acquire_dquot:6788: comm syz.2.1389: Failed to acquire dquot type 0
[   75.064485][ T3660] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   75.074283][ T3651] EXT4-fs (loop2): Remounting filesystem read-only
[   75.093117][ T3651] EXT4-fs error (device loop2): ext4_acquire_dquot:6788: comm syz.2.1389: Failed to acquire dquot type 0
[   75.113583][ T3651] EXT4-fs (loop2): Remounting filesystem read-only
[   75.114320][ T3655] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   75.128832][ T3651] EXT4-fs error (device loop2): ext4_acquire_dquot:6788: comm syz.2.1389: Failed to acquire dquot type 0
[   75.139070][ T3655] ext4 filesystem being mounted at /277/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   75.146144][ T3651] EXT4-fs (loop2): Remounting filesystem read-only
[   75.156781][ T3651] EXT4-fs (loop2): 1 orphan inode deleted
[   75.158877][ T3669] loop4: detected capacity change from 0 to 512
[   75.162325][ T3651] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   75.162397][ T3651] ext4 filesystem being mounted at /274/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.195176][ T3669] EXT4-fs (loop4): orphan cleanup on readonly fs
[   75.202061][ T3669] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1396: bg 0: block 248: padding at end of block bitmap is not set
[   75.220208][ T3671] loop3: detected capacity change from 0 to 1024
[   75.237607][  T291] EXT4-fs (loop0): unmounting filesystem.
[   75.244444][  T298] EXT4-fs (loop2): unmounting filesystem.
[   75.245033][ T3669] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.1396: Failed to acquire dquot type 1
[   75.257366][ T3671] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   75.261691][ T3669] EXT4-fs (loop4): 1 truncate cleaned up
[   75.283141][ T3671] ext4 filesystem being mounted at /291/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.288227][ T3669] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   75.306154][ T3671] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1397: bg 0: block 393: padding at end of block bitmap is not set
[   75.325879][ T3671] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 117
[   75.335773][ T3689] loop2: detected capacity change from 0 to 128
[   75.338542][ T3671] EXT4-fs (loop3): This should not happen!! Data will be lost
[   75.338542][ T3671] 
[   75.362761][ T3687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1401'.
[   75.364647][ T3669] syz.4.1396 (3669) used greatest stack depth: 19432 bytes left
[   75.385748][ T3689] syz.2.1404: attempt to access beyond end of device
[   75.385748][ T3689] loop2: rw=0, sector=121, nr_sectors = 920 limit=128
[   75.399289][  T292] EXT4-fs (loop4): unmounting filesystem.
[   75.400621][  T294] EXT4-fs (loop3): unmounting filesystem.
[   75.415505][ T3694] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1408'.
[   75.442003][ T3701] syz.0.1410[3701] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.442087][ T3701] syz.0.1410[3701] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.450224][ T3703] loop5: detected capacity change from 0 to 512
[   75.494084][ T3708] loop0: detected capacity change from 0 to 512
[   75.510768][ T3708] EXT4-fs: Ignoring removed oldalloc option
[   75.530477][ T3716] loop3: detected capacity change from 0 to 128
[   75.539688][ T3716] syz.3.1417: attempt to access beyond end of device
[   75.539688][ T3716] loop3: rw=2049, sector=129, nr_sectors = 4 limit=128
[   75.553043][ T3703] loop5: detected capacity change from 0 to 1024
[   75.559707][ T3703] EXT4-fs: Ignoring removed oldalloc option
[   75.567336][ T3708] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1414: Parent and EA inode have the same ino 15
[   75.580663][ T3708] EXT4-fs (loop0): Remounting filesystem read-only
[   75.587455][ T3708] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1414: Parent and EA inode have the same ino 15
[   75.599807][ T3708] EXT4-fs (loop0): Remounting filesystem read-only
[   75.606994][ T3703] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   75.609706][ T3708] EXT4-fs (loop0): 1 orphan inode deleted
[   75.706656][ T3708] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   75.959573][  T291] EXT4-fs (loop0): unmounting filesystem.
[   75.966895][ T3730] loop3: detected capacity change from 0 to 1024
[   75.974978][ T3730] EXT4-fs: Ignoring removed nobh option
[   75.997536][ T3730] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   75.999367][ T3736] loop0: detected capacity change from 0 to 1024
[   76.013283][ T3736] EXT4-fs: Ignoring removed nobh option
[   76.021790][  T294] EXT4-fs (loop3): unmounting filesystem.
[   76.034682][ T3736] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   76.069135][ T3742] loop4: detected capacity change from 0 to 256
[   76.084139][ T3742] FAT-fs (loop4): Directory bread(block 64) failed
[   76.084633][  T291] EXT4-fs (loop0): unmounting filesystem.
[   76.090566][ T3742] FAT-fs (loop4): Directory bread(block 65) failed
[   76.102495][ T3742] FAT-fs (loop4): Directory bread(block 66) failed
[   76.109430][ T3742] FAT-fs (loop4): Directory bread(block 67) failed
[   76.115888][ T3742] FAT-fs (loop4): Directory bread(block 68) failed
[   76.122259][ T3742] FAT-fs (loop4): Directory bread(block 69) failed
[   76.128927][ T3742] FAT-fs (loop4): Directory bread(block 70) failed
[   76.130278][ T3746] loop0: detected capacity change from 0 to 1024
[   76.135348][ T3742] FAT-fs (loop4): Directory bread(block 71) failed
[   76.142394][ T3746] EXT4-fs: Ignoring removed nobh option
[   76.147996][ T3742] FAT-fs (loop4): Directory bread(block 72) failed
[   76.153967][ T3746] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   76.159701][ T3742] FAT-fs (loop4): Directory bread(block 73) failed
[   76.170950][ T3746] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   76.187301][ T3746] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #11: comm syz.0.1427: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   76.189187][ T3742] syz.4.1425: attempt to access beyond end of device
[   76.189187][ T3742] loop4: rw=524288, sector=1800, nr_sectors = 20 limit=256
[   76.219334][ T3742] syz.4.1425: attempt to access beyond end of device
[   76.219334][ T3742] loop4: rw=0, sector=1800, nr_sectors = 8 limit=256
[   76.219379][ T3746] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1427: couldn't read orphan inode 11 (err -117)
[   76.244293][ T3746] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   76.261587][ T3746] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.1427: Invalid block bitmap block 0 in block_group 0
[   76.276120][ T3746] EXT4-fs error (device loop0): ext4_acquire_dquot:6788: comm syz.0.1427: Failed to acquire dquot type 0
[   76.302482][  T291] EXT4-fs (loop0): unmounting filesystem.
[   76.308110][ T1965] EXT4-fs error (device loop0): ext4_release_dquot:6811: comm kworker/u4:21: Failed to release dquot type 0
[   76.315922][ T3757] syz.4.1432[3757] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.319401][ T3757] syz.4.1432[3757] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.349512][ T3578] EXT4-fs (loop5): unmounting filesystem.
[   76.370638][ T3762] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1431'.
[   76.445908][ T3784] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1444'.
[   76.455184][ T3782] loop4: detected capacity change from 0 to 1024
[   76.461734][ T3782] ext4: Unknown parameter 'noacl'
[   76.489446][ T3791] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1447'.
[   76.505143][ T3782] loop4: detected capacity change from 0 to 1024
[   76.516269][ T3791] device bridge_slave_1 left promiscuous mode
[   76.522241][ T3791] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.530361][ T3791] device bridge_slave_0 left promiscuous mode
[   76.537307][ T3791] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.072407][ T3822] tmpfs: Unknown parameter 'mp'
[   77.126017][    T6] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[   77.206042][ T3827] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1462'.
[   77.217736][ T3812] syz.2.1455[3812] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.218203][ T3812] syz.2.1455[3812] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.286500][    T6] usb 6-1: device descriptor read/64, error -71
[   77.553736][ T3841] loop0: detected capacity change from 0 to 512
[   77.594391][ T3841] EXT4-fs warning (device loop0): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[   77.609054][    T6] usb 6-1: device descriptor read/64, error -71
[   77.627675][ T3841] EXT4-fs (loop0): mount failed
[   77.819642][ T3866] loop3: detected capacity change from 0 to 1024
[   77.857630][ T3866] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   77.889213][ T3866] EXT4-fs (loop3): resizing filesystem from 512 to 0 blocks
[   77.895301][ T3874] SELinux: failed to load policy
[   77.896637][ T3866] EXT4-fs warning (device loop3): ext4_resize_fs:2051: can't shrink FS - resize aborted
[   77.911250][    T6] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[   77.976890][  T294] EXT4-fs (loop3): unmounting filesystem.
[   78.177972][    T6] usb 6-1: device descriptor read/64, error -71
[   78.242298][ T3880] loop2: detected capacity change from 0 to 256
[   78.257649][ T3880] FAT-fs (loop2): bogus number of FAT sectors
[   78.264092][ T3880] FAT-fs (loop2): Can't find a valid FAT filesystem
[   78.335484][ T3882] netlink: 'syz.0.1486': attribute type 15 has an invalid length.
[   78.457814][    T6] usb 6-1: device descriptor read/64, error -71
[   78.591088][    T6] usb usb6-port1: attempt power cycle
[   79.406017][    T6] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[   79.473148][    T6] usb 6-1: device descriptor read/8, error -71
[   79.492711][   T28] kauditd_printk_skb: 391 callbacks suppressed
[   79.492726][   T28] audit: type=1326 audit(1733973340.820:3324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3893 comm="syz.0.1489" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1236b7ff19 code=0x0
[   79.513475][ T3892] syz.4.1488[3892] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.522855][ T3892] syz.4.1488[3892] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.568671][   T28] audit: type=1400 audit(1733973340.900:3325): avc:  denied  { mounton } for  pid=3893 comm="syz.0.1489" path="/proc/659/task/660/net" dev="proc" ino=27698 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   79.667775][    T6] usb 6-1: device descriptor read/8, error -71
[   79.755373][ T3901] __nla_validate_parse: 1 callbacks suppressed
[   79.755391][ T3901] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1491'.
[   79.797208][   T28] audit: type=1326 audit(1733973341.100:3326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3900 comm="syz.2.1493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   79.840015][ T3906] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1494'.
[   79.858583][ T3909] loop2: detected capacity change from 0 to 128
[   79.878986][   T28] audit: type=1326 audit(1733973341.110:3327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3900 comm="syz.2.1493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   79.945179][ T3915] loop2: detected capacity change from 0 to 128
[   79.954644][ T3913] loop4: detected capacity change from 0 to 2048
[   80.006556][   T28] audit: type=1326 audit(1733973341.110:3328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3900 comm="syz.2.1493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   80.036814][   T28] audit: type=1326 audit(1733973341.110:3329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3900 comm="syz.2.1493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   80.045051][ T3915] syz.2.1499: attempt to access beyond end of device
[   80.045051][ T3915] loop2: rw=2049, sector=177, nr_sectors = 1 limit=128
[   80.060391][   T28] audit: type=1326 audit(1733973341.110:3330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3900 comm="syz.2.1493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   80.060420][   T28] audit: type=1326 audit(1733973341.110:3331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3900 comm="syz.2.1493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   80.060439][   T28] audit: type=1326 audit(1733973341.110:3332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3900 comm="syz.2.1493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   80.060457][   T28] audit: type=1326 audit(1733973341.110:3333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3900 comm="syz.2.1493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68a77ff19 code=0x7ffc0000
[   80.187046][ T3913]  loop4: p1 < > p4
[   80.206997][ T3913] loop4: p4 size 8388608 extends beyond EOD, truncated
[   80.300031][ T3915] syz.2.1499: attempt to access beyond end of device
[   80.300031][ T3915] loop2: rw=2049, sector=153, nr_sectors = 24 limit=128
[   80.319523][ T3915] syz.2.1499: attempt to access beyond end of device
[   80.319523][ T3915] loop2: rw=2049, sector=177, nr_sectors = 1 limit=128
[   80.333772][ T3915] Buffer I/O error on dev loop2, logical block 177, lost async page write
[   80.376709][ T3935] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1507'.
[   80.565668][ T3951] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1522'.
[   80.566768][ T3949] loop2: detected capacity change from 0 to 512
[   80.659462][ T3949] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.2.1513: corrupted xattr block 95
[   80.690026][ T3959] selinux_netlink_send: 65 callbacks suppressed
[   80.690191][ T3959] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3959 comm=syz.0.1515
[   80.696250][ T3949] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.1513: bg 0: block 7: invalid block bitmap
[   80.721515][ T3949] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   80.730366][ T3949] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #11: comm syz.2.1513: corrupted xattr block 95
[   80.734216][ T3959] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3959 comm=syz.0.1515
[   80.754953][ T3949] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117)
[   80.765044][ T3949] EXT4-fs (loop2): 1 orphan inode deleted
[   80.771496][ T3949] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   80.902823][ T3968] loop3: detected capacity change from 0 to 128
[   80.939126][ T3968] syz.3.1519: attempt to access beyond end of device
[   80.939126][ T3968] loop3: rw=2049, sector=177, nr_sectors = 1 limit=128
[   80.969553][ T3968] syz.3.1519: attempt to access beyond end of device
[   80.969553][ T3968] loop3: rw=2049, sector=153, nr_sectors = 24 limit=128
[   81.005521][ T3968] syz.3.1519: attempt to access beyond end of device
[   81.005521][ T3968] loop3: rw=2049, sector=177, nr_sectors = 1 limit=128
[   81.023210][ T3968] Buffer I/O error on dev loop3, logical block 177, lost async page write
[   81.102818][ T3989] rtc_cmos 00:00: Alarms can be up to one day in the future
[   81.154074][ T3998] loop0: detected capacity change from 0 to 512
[   81.188580][ T3998] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   81.206076][ T3998] ext4 filesystem being mounted at /306/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   81.227987][ T3998] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #18: comm syz.0.1533: corrupted inode contents
[   81.270032][ T3998] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #18: comm syz.0.1533: mark_inode_dirty error
[   81.282160][ T3998] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #18: comm syz.0.1533: corrupted inode contents
[   81.294550][ T3998] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2954: inode #18: comm syz.0.1533: mark_inode_dirty error
[   81.315472][ T3998] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2957: inode #18: comm syz.0.1533: mark inode dirty (error -117)
[   81.328055][ T3998] EXT4-fs warning (device loop0): ext4_evict_inode:299: xattr delete (err -117)
[   81.360179][  T291] EXT4-fs (loop0): unmounting filesystem.
[   81.408023][  T298] EXT4-fs (loop2): unmounting filesystem.
[   81.507555][ T4023] loop2: detected capacity change from 0 to 512
[   81.525629][ T4023] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   81.548104][ T4029] binfmt_misc: register: failed to install interpreter file ./file0
[   81.564350][ T4023] EXT4-fs (loop2): corrupt root inode, run e2fsck
[   81.573498][ T4023] EXT4-fs (loop2): mount failed
[   81.577699][ T4033] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[   81.629195][  T325] rtc_cmos 00:00: Alarms can be up to one day in the future
[   81.636925][  T325] rtc_cmos 00:00: Alarms can be up to one day in the future
[   81.644436][  T325] rtc_cmos 00:00: Alarms can be up to one day in the future
[   81.671901][  T325] rtc_cmos 00:00: Alarms can be up to one day in the future
[   81.710146][ T4035] loop3: detected capacity change from 0 to 512
[   81.719257][ T4035] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   81.739979][  T325] rtc rtc0: __rtc_set_alarm: err=-22
[   81.817536][ T4035] EXT4-fs (loop3): orphan cleanup on readonly fs
[   81.826386][ T4035] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1548: bg 0: block 248: padding at end of block bitmap is not set
[   81.841541][ T4035] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.1548: Failed to acquire dquot type 1
[   81.854129][ T4035] EXT4-fs (loop3): 1 truncate cleaned up
[   81.860345][ T4035] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   82.048254][ T4038] loop2: detected capacity change from 0 to 2048
[   82.123543][ T4038] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   82.231420][  T298] EXT4-fs (loop2): unmounting filesystem.
[   82.493173][ T4051] loop0: detected capacity change from 0 to 1024
[   82.525165][ T4051] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   82.552288][ T4051] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2739: inode #15: comm syz.0.1555: corrupted in-inode xattr
[   82.610560][  T291] EXT4-fs (loop0): unmounting filesystem.
[   82.694480][ T4071] loop0: detected capacity change from 0 to 1024
[   82.706257][ T4071] EXT4-fs: Ignoring removed nomblk_io_submit option
[   82.730045][ T4065] loop3: detected capacity change from 0 to 8192
[   82.741318][ T4065] tipc: Started in network mode
[   82.751328][ T4065] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[   82.760769][ T4065] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[   82.769383][ T4065] tipc: Enabled bearer <udp:syz1>, priority 10
[   82.777834][ T4080] netlink: 47 bytes leftover after parsing attributes in process `syz.4.1567'.
[   82.847977][ T4093] loop0: detected capacity change from 0 to 128
[   82.966382][ T4103] loop4: detected capacity change from 0 to 1024
[   82.972828][ T4103] EXT4-fs: Ignoring removed nomblk_io_submit option
[   83.658621][ T4115] loop4: detected capacity change from 0 to 512
[   83.666715][ T4115] EXT4-fs (loop4): orphan cleanup on readonly fs
[   83.673176][ T4115] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   83.681648][ T4115] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1579: invalid indirect mapped block 2683928664 (level 1)
[   83.695617][ T4115] EXT4-fs (loop4): Remounting filesystem read-only
[   83.702112][ T4115] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   83.774061][ T4115] EXT4-fs (loop4): Remounting filesystem read-only
[   83.787237][ T4115] EXT4-fs (loop4): 1 truncate cleaned up
[   83.846419][ T4136] serio: Serial port ptm0
[   83.866277][ T4148] loop0: detected capacity change from 0 to 512
[   83.877014][ T4149] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[   83.886033][   T24] tipc: Node number set to 1
[   83.889515][ T4148] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.933363][ T4160] loop0: detected capacity change from 0 to 1024
[   83.944565][ T4162] hub 9-0:1.0: USB hub found
[   83.949074][ T4162] hub 9-0:1.0: 1 port detected
[   83.960308][ T4160] 9pnet_fd: Insufficient options for proto=fd
[   83.979646][ T4171] loop3: detected capacity change from 0 to 128
[   84.000728][ T4171] syz.3.1601: attempt to access beyond end of device
[   84.000728][ T4171] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[   84.020394][ T4171] syz.3.1601: attempt to access beyond end of device
[   84.020394][ T4171] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[   84.029014][ T4179] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1606'.
[   84.057078][ T4183] loop3: detected capacity change from 0 to 512
[   84.069519][ T4183] ext4 filesystem being mounted at /337/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   84.288920][ T4211] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1620'.
[   84.326137][ T4213] loop0: detected capacity change from 0 to 8192
[   84.363912][ T4205] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1618'.
[   84.633307][   T28] kauditd_printk_skb: 85 callbacks suppressed
[   84.633324][   T28] audit: type=1400 audit(1733973345.930:3417): avc:  denied  { bind } for  pid=4214 comm="syz.0.1622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   85.066688][ T4221] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1623'.
[   85.435088][   T28] audit: type=1400 audit(1733973346.760:3418): avc:  granted  { setsecparam } for  pid=4234 comm="syz.3.1630" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   85.458984][ T4237] device batadv_slave_1 entered promiscuous mode
[   85.465551][ T4237] device batadv_slave_1 left promiscuous mode
[   85.471505][   T28] audit: type=1326 audit(1733973346.790:3419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4234 comm="syz.3.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   85.506322][ T4239] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1632'.
[   85.526027][   T28] audit: type=1326 audit(1733973346.790:3420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4234 comm="syz.3.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc9e557e880 code=0x7ffc0000
[   85.575998][   T28] audit: type=1326 audit(1733973346.790:3421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4234 comm="syz.3.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   85.601708][   T28] audit: type=1326 audit(1733973346.790:3422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4234 comm="syz.3.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc9e557ff19 code=0x7ffc0000
[   85.628541][   T28] audit: type=1401 audit(1733973346.850:3423): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[   85.645385][   T28] audit: type=1400 audit(1733973346.850:3424): avc:  denied  { ioctl } for  pid=4234 comm="syz.3.1630" path="socket:[28291]" dev="sockfs" ino=28291 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   85.687227][ T4250] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1637'.
[   85.699206][   T39] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   85.710258][   T39] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   85.770036][ T4264] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1643'.
[   85.773505][ T4260] loop0: detected capacity change from 0 to 2048
[   85.810768][   T28] audit: type=1400 audit(1733973347.140:3425): avc:  denied  { write } for  pid=4268 comm="syz.4.1646" name="event2" dev="devtmpfs" ino=270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   85.842946][   T28] audit: type=1400 audit(1733973347.140:3426): avc:  denied  { open } for  pid=4268 comm="syz.4.1646" path="/dev/input/event2" dev="devtmpfs" ino=270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   85.896560][ T4260] EXT4-fs error (device loop0): ext4_find_extent:936: inode #2: comm syz.0.1642: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   85.914204][ T4260] EXT4-fs (loop0): Remounting filesystem read-only
[   86.272851][ T4299] loop5: detected capacity change from 0 to 1024
[   86.279349][ T4299] EXT4-fs: Ignoring removed nomblk_io_submit option
[   86.387310][ T4320] netlink: 124 bytes leftover after parsing attributes in process `syz.5.1668'.
[   86.453789][ T4339] device vlan2 entered promiscuous mode
[   86.726992][ T4367] loop4: detected capacity change from 0 to 512
[   86.753391][ T4367] ext4 filesystem being mounted at /317/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.793206][ T4372] loop4: detected capacity change from 0 to 512
[   86.800606][ T4372] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   86.816863][ T4372] EXT4-fs (loop4): 1 truncate cleaned up
[   86.925632][ T4386] loop4: detected capacity change from 0 to 256
[   86.940301][ T4386] FAT-fs (loop4): Directory bread(block 64) failed
[   86.947130][ T4386] FAT-fs (loop4): Directory bread(block 65) failed
[   86.953887][ T4386] FAT-fs (loop4): Directory bread(block 66) failed
[   86.970850][ T4386] FAT-fs (loop4): Directory bread(block 67) failed
[   86.977375][ T4386] FAT-fs (loop4): Directory bread(block 68) failed
[   86.983877][ T4386] FAT-fs (loop4): Directory bread(block 69) failed
[   86.990632][ T4386] FAT-fs (loop4): Directory bread(block 70) failed
[   87.061409][ T4386] FAT-fs (loop4): Directory bread(block 71) failed
[   87.068214][ T4386] FAT-fs (loop4): Directory bread(block 72) failed
[   87.074598][ T4386] FAT-fs (loop4): Directory bread(block 73) failed
[   87.090525][ T4386] syz.4.1696: attempt to access beyond end of device
[   87.090525][ T4386] loop4: rw=2049, sector=1296, nr_sectors = 4 limit=256
[   87.130650][ T1965] kworker/u4:21: attempt to access beyond end of device
[   87.130650][ T1965] loop4: rw=1, sector=1224, nr_sectors = 72 limit=256
[   87.377847][ T4396] loop5: detected capacity change from 0 to 1024
[   87.387812][ T4396] EXT4-fs: Ignoring removed nomblk_io_submit option
[   87.441845][ T4409] loop3: detected capacity change from 0 to 1024
[   87.453602][ T4411] loop5: detected capacity change from 0 to 1024
[   87.456513][ T4409] EXT4-fs: Ignoring removed nobh option
[   87.465276][ T4409] EXT4-fs: Ignoring removed orlov option
[   87.470750][ T4411] EXT4-fs (loop5): INFO: recovery required on readonly filesystem
[   87.470765][ T4411] EXT4-fs (loop5): write access will be enabled during recovery
[   87.470873][ T4411] JBD2: no valid journal superblock found
[   87.491649][ T4411] EXT4-fs (loop5): error loading journal
[   87.600477][ T4433] loop3: detected capacity change from 0 to 2048
[   87.673410][ T4443] loop5: detected capacity change from 0 to 1024
[   87.683442][ T4443] EXT4-fs: Ignoring removed nobh option
[   87.690595][ T4443] EXT4-fs: Ignoring removed nomblk_io_submit option
[   87.691816][ T4445] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1721'.
[   87.698468][ T4443] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   87.717349][ T4443] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   87.848226][ T4456] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   87.938333][ T4469] loop5: detected capacity change from 0 to 2048
[   88.064433][ T4473] loop3: detected capacity change from 0 to 8192
[   88.280759][ T4495] loop3: detected capacity change from 0 to 1024
[   88.287260][ T4495] EXT4-fs: Ignoring removed nobh option
[   88.290380][ T4497] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1743'.
[   88.292701][ T4495] EXT4-fs: Ignoring removed nomblk_io_submit option
[   88.309287][ T4495] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   88.320810][ T4495] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.337763][ T4502] loop5: detected capacity change from 0 to 128
[   88.372238][ T4502] syz.5.1745: attempt to access beyond end of device
[   88.372238][ T4502] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[   88.456613][ T4523] netlink: 192 bytes leftover after parsing attributes in process `syz.3.1757'.
[   88.495236][ T4529] loop5: detected capacity change from 0 to 512
[   88.503704][ T4530] loop3: detected capacity change from 0 to 512
[   88.511274][ T4530] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   88.523587][ T4530] EXT4-fs (loop3): 1 truncate cleaned up
[   88.530359][ T4529] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   88.546244][ T4539] loop0: detected capacity change from 0 to 128
[   88.572338][ T4539] syz.0.1763: attempt to access beyond end of device
[   88.572338][ T4539] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[   88.586120][ T4530] support for cryptoloop has been removed.  Use dm-crypt instead.
[   88.634181][  T294] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /369/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   88.658200][  T294] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   88.678059][  T294] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /369/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   88.704804][  T294] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   88.725903][  T294] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /369/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   88.726579][ T4551] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   88.757002][  T294] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   88.776905][  T294] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /369/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   88.799686][  T294] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   88.819720][  T294] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /369/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   88.834186][ T4564] loop5: detected capacity change from 0 to 128
[   88.843490][  T294] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   88.870678][ T4566] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1777'.
[   88.879917][ T4566] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1777'.
[   88.892109][ T4564] syz.5.1775: attempt to access beyond end of device
[   88.892109][ T4564] loop5: rw=2049, sector=177, nr_sectors = 1 limit=128
[   88.920809][ T4564] syz.5.1775: attempt to access beyond end of device
[   88.920809][ T4564] loop5: rw=2049, sector=153, nr_sectors = 24 limit=128
[   88.947098][ T4570] loop2: detected capacity change from 0 to 512
[   88.947604][ T4572] loop0: detected capacity change from 0 to 1024
[   88.959482][ T4570] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   88.965369][ T4572] EXT4-fs: Ignoring removed orlov option
[   88.971115][ T4570] EXT4-fs (loop2): 1 truncate cleaned up
[   89.026252][ T4570] support for cryptoloop has been removed.  Use dm-crypt instead.
[   89.047897][ T1937] tipc: Disabling bearer <udp:syz1>
[   89.053229][ T1937] tipc: Left network mode
[   89.078439][ T4586] loop4: detected capacity change from 0 to 2048
[   89.100749][  T298] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /332/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   89.122843][  T298] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   89.145628][  T298] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /332/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   89.168374][  T298] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   89.203547][  T298] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /332/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   89.239694][  T298] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   89.264119][  T298] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /332/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   89.285905][  T298] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   89.306139][  T298] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /332/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   89.335193][  T298] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   89.375576][ T4594] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.382479][ T4594] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.390191][ T4594] device bridge_slave_0 entered promiscuous mode
[   89.398626][ T4594] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.405507][ T4594] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.412717][ T4594] device bridge_slave_1 entered promiscuous mode
[   89.520794][ T4594] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.527665][ T4594] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.534756][ T4594] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.541559][ T4594] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.587795][ T1965] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.597113][ T1965] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.606348][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   89.615012][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   89.624489][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   89.632600][ T1965] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.639584][ T1965] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.657826][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   89.665810][ T1965] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.672656][ T1965] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.679937][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   89.695922][ T4594] device veth0_vlan entered promiscuous mode
[   89.703889][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   89.712163][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   89.721427][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   89.728832][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   89.736136][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   89.750015][ T1937] device veth1_macvtap left promiscuous mode
[   89.755818][ T1937] device veth0_vlan left promiscuous mode
[   89.790858][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   89.803817][ T4594] device veth1_macvtap entered promiscuous mode
[   89.822706][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   89.840587][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   89.876069][ T4618] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.887843][ T4618] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.896368][ T4627] loop5: detected capacity change from 0 to 512
[   89.896445][ T4618] device bridge_slave_0 entered promiscuous mode
[   89.909006][ T4627] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   89.918596][ T4618] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.925468][ T4618] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.926076][ T4627] EXT4-fs (loop5): orphan cleanup on readonly fs
[   89.932810][ T4618] device bridge_slave_1 entered promiscuous mode
[   89.945380][ T4627] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1802: bg 0: block 248: padding at end of block bitmap is not set
[   89.960086][ T4627] __quota_error: 115 callbacks suppressed
[   89.960100][ T4627] Quota error (device loop5): write_blk: dquota write failed
[   89.972937][ T4627] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[   89.983712][ T4627] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.1802: Failed to acquire dquot type 1
[   89.995248][ T4627] EXT4-fs (loop5): 1 truncate cleaned up
[   90.048884][ T1937] tipc: Left network mode
[   90.062603][ T4618] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.069475][ T4618] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.076576][ T4618] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.083768][ T4618] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.104373][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   90.111810][ T1965] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.119010][ T1965] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.133908][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   90.141973][ T1965] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.148843][ T1965] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.157860][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   90.166312][ T1965] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.173146][ T1965] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.180707][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   90.189242][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   90.218306][ T4644] loop5: detected capacity change from 0 to 512
[   90.227351][ T4644] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   90.280822][ T4644] EXT4-fs (loop5): orphan cleanup on readonly fs
[   90.289838][ T4644] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1808: bg 0: block 248: padding at end of block bitmap is not set
[   90.304934][ T4644] Quota error (device loop5): write_blk: dquota write failed
[   90.312277][ T4644] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[   90.322075][ T4644] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.1808: Failed to acquire dquot type 1
[   90.334939][ T4644] EXT4-fs (loop5): 1 truncate cleaned up
[   90.501891][ T4648] loop0: detected capacity change from 0 to 128
[   90.570623][ T4650] loop4: detected capacity change from 0 to 1024
[   90.600573][ T4648] ext4 filesystem being mounted at /371/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   90.634988][ T4650] EXT4-fs: Ignoring removed orlov option
[   90.646314][ T4650] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.877828][   T28] audit: type=1400 audit(1733973352.210:3542): avc:  denied  { link } for  pid=4646 comm="syz.0.1809" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   91.323260][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   91.331427][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   91.365141][ T4661] loop6: detected capacity change from 0 to 512
[   91.374585][   T28] audit: type=1400 audit(1733973352.630:3543): avc:  denied  { read } for  pid=4656 comm="syz.6.1812" name="event2" dev="devtmpfs" ino=270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   91.383230][ T4618] device veth0_vlan entered promiscuous mode
[   91.404089][ T4661] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   91.416993][ T4661] EXT4-fs (loop6): orphan cleanup on readonly fs
[   91.424528][   T28] audit: type=1400 audit(1733973352.630:3544): avc:  denied  { ioctl } for  pid=4656 comm="syz.6.1812" path="/dev/input/event2" dev="devtmpfs" ino=270 ioctlcmd=0x4504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   91.444662][ T4618] device veth1_macvtap entered promiscuous mode
[   91.457060][ T4661] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1813: bg 0: block 248: padding at end of block bitmap is not set
[   91.468705][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   91.472902][ T4661] Quota error (device loop6): write_blk: dquota write failed
[   91.485864][ T4661] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[   91.496139][ T4661] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.1813: Failed to acquire dquot type 1
[   91.507709][   T28] audit: type=1400 audit(1733973352.630:3545): avc:  denied  { rename } for  pid=4646 comm="syz.0.1809" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   91.508097][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   91.559581][ T4661] EXT4-fs (loop6): 1 truncate cleaned up
[   91.599127][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   91.607603][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   91.615662][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   91.623587][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   91.630894][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   91.638872][ T4675] loop4: detected capacity change from 0 to 512
[   91.657342][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   91.665607][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   91.675193][ T4675] ext4 filesystem being mounted at /333/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.689117][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   91.697321][ T1965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   91.791980][ T4690] device batadv_slave_1 entered promiscuous mode
[   91.823060][ T4690] device batadv_slave_1 left promiscuous mode
[   91.865272][ T4701] loop6: detected capacity change from 0 to 512
[   91.888261][ T4701] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   91.941791][ T4701] EXT4-fs (loop6): orphan cleanup on readonly fs
[   91.957427][ T4701] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1829: bg 0: block 248: padding at end of block bitmap is not set
[   91.972082][ T4701] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.1829: Failed to acquire dquot type 1
[   91.984847][ T4701] EXT4-fs (loop6): 1 truncate cleaned up
[   92.159225][ T1937] device veth0_vlan left promiscuous mode
[   92.579255][ T4747] loop4: detected capacity change from 0 to 512
[   92.588126][ T4747] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   92.632419][ T4747] EXT4-fs (loop4): orphan cleanup on readonly fs
[   92.678796][ T4747] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1845: bg 0: block 248: padding at end of block bitmap is not set
[   92.787653][ T4747] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.1845: Failed to acquire dquot type 1
[   92.800631][ T4747] EXT4-fs (loop4): 1 truncate cleaned up
[   93.808098][   T39] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   93.816445][   T39] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   93.844635][ T4774] loop6: detected capacity change from 0 to 1024
[   93.860763][ T4774] ext4: Unknown parameter 'noacl'
[   93.904227][ T4774] loop6: detected capacity change from 0 to 1024
[   93.915462][ T4779] loop7: detected capacity change from 0 to 8192
[   93.950795][ T4797] loop5: detected capacity change from 0 to 2048
[   94.001723][ T4803] loop6: detected capacity change from 0 to 1024
[   94.009220][ T4803] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.042470][ T4821] loop6: detected capacity change from 0 to 512
[   94.064206][ T4821] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.118520][ T4840] loop0: detected capacity change from 0 to 1024
[   94.136335][ T4840] EXT4-fs: Ignoring removed nobh option
[   94.140079][ T4845] loop7: detected capacity change from 0 to 1024
[   94.154467][ T4840] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #11: comm syz.0.1889: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   94.157221][ T4845] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.179800][ T4837] loop5: detected capacity change from 0 to 8192
[   94.186436][ T4840] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1889: couldn't read orphan inode 11 (err -117)
[   94.282961][ T4861] loop6: detected capacity change from 0 to 1024
[   94.299938][ T4840] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.1889: Invalid block bitmap block 0 in block_group 0
[   94.304185][ T4861] EXT4-fs: Ignoring removed oldalloc option
[   94.325069][ T4840] EXT4-fs error (device loop0): ext4_acquire_dquot:6788: comm syz.0.1889: Failed to acquire dquot type 0
[   94.331778][ T4866] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   94.421279][ T4884] loop7: detected capacity change from 0 to 1024
[   94.431490][ T4884] EXT4-fs: Ignoring removed nobh option
[   94.511060][ T4907] loop5: detected capacity change from 0 to 128
[   94.581693][ T4917] loop5: detected capacity change from 0 to 1024
[   94.588648][ T4917] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   94.599691][ T4917] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[   94.609825][ T4917] EXT4-fs error (device loop5): ext4_get_journal_inode:5721: inode #5: comm syz.5.1924: unexpected bad inode w/o EXT4_IGET_BAD
[   94.623020][ T4917] EXT4-fs (loop5): no journal found
[   94.628438][ T4917] EXT4-fs (loop5): can't get journal size
[   94.652493][ T4919] syz.0.1925 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   94.759883][ T4944] loop5: detected capacity change from 0 to 512
[   94.786607][ T4944] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   94.805565][ T4950] loop7: detected capacity change from 0 to 2048
[   94.815741][ T4944] EXT4-fs (loop5): 1 truncate cleaned up
[   94.845890][ T4944] ==================================================================
[   94.853771][ T4944] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x909/0x1fa0
[   94.861318][ T4944] Read of size 18446744073709551572 at addr ffff888111cda050 by task syz.5.1935/4944
[   94.870610][ T4944] 
[   94.872783][ T4944] CPU: 1 PID: 4944 Comm: syz.5.1935 Not tainted 6.1.115-syzkaller-00012-ge318dc4c06a5 #0
[   94.882409][ T4944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   94.892303][ T4944] Call Trace:
[   94.895433][ T4944]  <TASK>
[   94.898205][ T4944]  dump_stack_lvl+0x151/0x1b7
[   94.902721][ T4944]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   94.908015][ T4944]  ? _printk+0xd1/0x111
[   94.912006][ T4944]  ? __virt_addr_valid+0x242/0x2f0
[   94.916955][ T4944]  print_report+0x158/0x4e0
[   94.921297][ T4944]  ? __virt_addr_valid+0x242/0x2f0
[   94.926239][ T4944]  ? kasan_complete_mode_report_info+0x57/0x1b0
[   94.932315][ T4944]  ? ext4_xattr_set_entry+0x909/0x1fa0
[   94.937611][ T4944]  kasan_report+0x13c/0x170
[   94.941951][ T4944]  ? ext4_xattr_set_entry+0x909/0x1fa0
[   94.947249][ T4944]  kasan_check_range+0x294/0x2a0
[   94.952103][ T4944]  ? ext4_xattr_set_entry+0x909/0x1fa0
[   94.957398][ T4944]  memmove+0x2d/0x70
[   94.961135][ T4944]  ext4_xattr_set_entry+0x909/0x1fa0
[   94.966255][ T4944]  ? ext4_xattr_inode_lookup_create+0x1a60/0x1a60
[   94.972503][ T4944]  ? memcpy+0x56/0x70
[   94.976326][ T4944]  ext4_xattr_block_set+0x99c/0x37f0
[   94.981447][ T4944]  ? ext4_drop_inode+0x90/0x1a0
[   94.986128][ T4944]  ? __getblk_gfp+0x3d/0x7d0
[   94.990554][ T4944]  ? ext4_xattr_block_find+0x320/0x320
[   94.995847][ T4944]  ? xattr_find_entry+0x23c/0x300
[   95.000710][ T4944]  ? ext4_xattr_block_find+0x2ac/0x320
[   95.006002][ T4944]  ext4_expand_extra_isize_ea+0x10eb/0x1c40
[   95.011737][ T4944]  ? ext4_xattr_set+0x3d0/0x3d0
[   95.016417][ T4944]  ? rwsem_write_trylock+0x153/0x340
[   95.021545][ T4944]  ? dquot_initialize_needed+0x13d/0x370
[   95.027005][ T4944]  __ext4_expand_extra_isize+0x31a/0x420
[   95.032476][ T4944]  __ext4_mark_inode_dirty+0x4bb/0x7d0
[   95.037770][ T4944]  ? sb_end_intwrite+0x130/0x130
[   95.042542][ T4944]  ? current_time+0x1ba/0x300
[   95.047055][ T4944]  ? atime_needs_update+0x810/0x810
[   95.052116][ T4944]  ? __kasan_check_write+0x14/0x20
[   95.057060][ T4944]  ? drop_nlink+0xa9/0x110
[   95.061291][ T4944]  __ext4_unlink+0x6ed/0xba0
[   95.065719][ T4944]  ? __ext4_read_dirblock+0x8e0/0x8e0
[   95.070925][ T4944]  ? rwsem_mark_wake+0x770/0x770
[   95.075698][ T4944]  ext4_unlink+0x142/0x3f0
[   95.079952][ T4944]  vfs_unlink+0x38c/0x630
[   95.084116][ T4944]  do_unlinkat+0x483/0x920
[   95.088373][ T4944]  ? fsnotify_link_count+0x100/0x100
[   95.093490][ T4944]  ? strncpy_from_user+0x169/0x2b0
[   95.098437][ T4944]  ? getname_flags+0x1fd/0x520
[   95.103038][ T4944]  __x64_sys_unlink+0x49/0x50
[   95.107550][ T4944]  x64_sys_call+0x289/0x9a0
[   95.111889][ T4944]  do_syscall_64+0x3b/0xb0
[   95.116142][ T4944]  ? clear_bhb_loop+0x55/0xb0
[   95.120657][ T4944]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   95.126383][ T4944] RIP: 0033:0x7ff543f7ff19
[   95.130638][ T4944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.150078][ T4944] RSP: 002b:00007ff544d0a058 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[   95.158324][ T4944] RAX: ffffffffffffffda RBX: 00007ff544145fa0 RCX: 00007ff543f7ff19
[   95.166135][ T4944] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180
[   95.173945][ T4944] RBP: 00007ff543ff3cc8 R08: 0000000000000000 R09: 0000000000000000
[   95.181757][ T4944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.189569][ T4944] R13: 0000000000000000 R14: 00007ff544145fa0 R15: 00007ffed261ce18
[   95.197384][ T4944]  </TASK>
[   95.200244][ T4944] 
[   95.202415][ T4944] Allocated by task 4944:
[   95.206582][ T4944]  kasan_set_track+0x4b/0x70
[   95.211008][ T4944]  kasan_save_alloc_info+0x1f/0x30
[   95.215955][ T4944]  __kasan_kmalloc+0x9c/0xb0
[   95.220382][ T4944]  __kmalloc_node_track_caller+0xb3/0x1e0
[   95.225934][ T4944]  kmemdup+0x29/0x60
[   95.229670][ T4944]  ext4_xattr_block_set+0x80f/0x37f0
[   95.234788][ T4944]  ext4_expand_extra_isize_ea+0x10eb/0x1c40
[   95.240516][ T4944]  __ext4_expand_extra_isize+0x31a/0x420
[   95.245983][ T4944]  __ext4_mark_inode_dirty+0x4bb/0x7d0
[   95.251282][ T4944]  __ext4_unlink+0x6ed/0xba0
[   95.255704][ T4944]  ext4_unlink+0x142/0x3f0
[   95.259958][ T4944]  vfs_unlink+0x38c/0x630
[   95.264133][ T4944]  do_unlinkat+0x483/0x920
[   95.268378][ T4944]  __x64_sys_unlink+0x49/0x50
[   95.272888][ T4944]  x64_sys_call+0x289/0x9a0
[   95.277231][ T4944]  do_syscall_64+0x3b/0xb0
[   95.281483][ T4944]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   95.287209][ T4944] 
[   95.289382][ T4944] The buggy address belongs to the object at ffff888111cda000
[   95.289382][ T4944]  which belongs to the cache kmalloc-1k of size 1024
[   95.303271][ T4944] The buggy address is located 80 bytes inside of
[   95.303271][ T4944]  1024-byte region [ffff888111cda000, ffff888111cda400)
[   95.316376][ T4944] 
[   95.318543][ T4944] The buggy address belongs to the physical page:
[   95.324794][ T4944] page:ffffea0004473600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x111cd8
[   95.334862][ T4944] head:ffffea0004473600 order:3 compound_mapcount:0 compound_pincount:0
[   95.343022][ T4944] flags: 0x4000000000010200(slab|head|zone=1)
[   95.348930][ T4944] raw: 4000000000010200 0000000000000000 dead000000000001 ffff888100043080
[   95.357370][ T4944] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   95.365760][ T4944] page dumped because: kasan: bad access detected
[   95.372017][ T4944] page_owner tracks the page as allocated
[   95.377564][ T4944] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 298, tgid 298 (syz-executor), ts 21971270161, free_ts 21961408397
[   95.398916][ T4944]  post_alloc_hook+0x213/0x220
[   95.403512][ T4944]  prep_new_page+0x1b/0x110
[   95.407854][ T4944]  get_page_from_freelist+0x2980/0x2a10
[   95.413236][ T4944]  __alloc_pages+0x234/0x610
[   95.417661][ T4944]  alloc_slab_page+0x6c/0xf0
[   95.422086][ T4944]  new_slab+0x90/0x3e0
[   95.425992][ T4944]  ___slab_alloc+0x6f9/0xb80
[   95.430419][ T4944]  __slab_alloc+0x5d/0xa0
[   95.434585][ T4944]  __kmem_cache_alloc_node+0x207/0x2a0
[   95.439880][ T4944]  __kmalloc_node_track_caller+0xa2/0x1e0
[   95.445435][ T4944]  __alloc_skb+0x125/0x2d0
[   95.449688][ T4944]  alloc_uevent_skb+0x80/0x230
[   95.454290][ T4944]  kobject_uevent_net_broadcast+0x188/0x590
[   95.460016][ T4944]  kobject_uevent_env+0x53c/0x720
[   95.464877][ T4944]  kobject_uevent+0x1f/0x30
[   95.469216][ T4944]  netdev_queue_update_kobjects+0x235/0x4a0
[   95.474947][ T4944] page last free stack trace:
[   95.479460][ T4944]  free_unref_page_prepare+0x83d/0x850
[   95.484840][ T4944]  free_unref_page+0xb2/0x5c0
[   95.489352][ T4944]  __free_pages+0x61/0xf0
[   95.493519][ T4944]  __free_slab+0xce/0x1a0
[   95.497687][ T4944]  __unfreeze_partials+0x165/0x1a0
[   95.502631][ T4944]  put_cpu_partial+0xa9/0x100
[   95.507149][ T4944]  __slab_free+0x1c8/0x280
[   95.511404][ T4944]  ___cache_free+0xc6/0xd0
[   95.515656][ T4944]  qlist_free_all+0xc5/0x140
[   95.520077][ T4944]  kasan_quarantine_reduce+0x15a/0x180
[   95.525371][ T4944]  __kasan_slab_alloc+0x24/0x80
[   95.530058][ T4944]  slab_post_alloc_hook+0x53/0x2c0
[   95.535006][ T4944]  __kmem_cache_alloc_node+0x193/0x2a0
[   95.540299][ T4944]  kmalloc_trace+0x2a/0xa0
[   95.544552][ T4944]  ref_tracker_alloc+0x138/0x450
[   95.549332][ T4944]  netdev_hold+0x92/0xe0
[   95.553406][ T4944] 
[   95.555573][ T4944] Memory state around the buggy address:
[   95.561046][ T4944]  ffff888111cd9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   95.568945][ T4944]  ffff888111cd9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   95.576845][ T4944] >ffff888111cda000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   95.584736][ T4944]                                                  ^
[   95.591250][ T4944]  ffff888111cda080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   95.599241][ T4944]  ffff888111cda100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   95.607130][ T4944] ==================================================================
[   95.620118][ T4944] Disabling lock debugging due to kernel taint
[   95.628926][ T4950]  loop7: p1 < > p4
[   95.636398][ T4950] loop7: p4 size 8388608 extends beyond EOD, truncated