last executing test programs:

5.151620073s ago: executing program 4 (id=1611):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, 0x0, &(0x7f0000000200)=""/166}, 0x20)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000d40)={[{@init_itable_val={'init_itable', 0x3d, 0x6}}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@mblk_io_submit}, {@nouid32}, {@commit={'commit', 0x3d, 0x100000001}}, {@nomblk_io_submit}, {}]}, 0x45, 0x7b1, &(0x7f0000001140)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r3, &(0x7f0000000400)={&(0x7f0000000340), 0x14, &(0x7f00000003c0)={&(0x7f0000000380)="4801f15b23f509890aeee9cba159114a3db7cc", 0x13}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000c0)

4.712590321s ago: executing program 0 (id=1614):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
mincore(&(0x7f00008ee000/0x12000)=nil, 0x12000, &(0x7f0000000180)=""/39)

4.677244471s ago: executing program 0 (id=1615):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000002c7b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0)

4.624868501s ago: executing program 0 (id=1616):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xf, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r2, &(0x7f00000000c0)='./file1\x00', 0x0)
link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000240)='./file2/file0\x00')
truncate(&(0x7f0000000180)='./file0/../file0/file0\x00', 0x0)

4.55659326s ago: executing program 0 (id=1617):
r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x125000)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x4c, r1, 0x10, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x5}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0xa5}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x7}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x40}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x7f}, @NL80211_ATTR_P2P_CTWINDOW={0x5}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40800}, 0x4008000)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
syz_usb_connect(0x0, 0x6b, &(0x7f0000000c80)=ANY=[@ANYBLOB="1201000385352608f20446b76e8e01020305090259000104e9000909049300000e0100ff01a530112406060405080004000500061f01000d092403055ff7ffffffffffff02020005cbad09"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0})

4.187595178s ago: executing program 4 (id=1624):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0x40046208, 0x0)

4.187322068s ago: executing program 1 (id=1625):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_GET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x14, r7, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40801}, 0x4)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r8=>r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_RECONFIGURE(r9, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r9)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r9)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r10, @ANYRES32, @ANYBLOB="24002d801a0001"], 0x64}}, 0x0)
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r11, 0xaf01, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRES16=r5, @ANYRES16=r0, @ANYRES16=r9, @ANYRES8=r8, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRES8=r7, @ANYRES8=r2, @ANYRES8, @ANYRES8=r11], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r12}, 0x10)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

3.117384804s ago: executing program 1 (id=1632):
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback, 0x1}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7f7e, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(r1, 0x0, &(0x7f0000000000)=0xfff) (async)
sched_setscheduler(r1, 0x0, &(0x7f0000000000)=0xfff)
sendmmsg$inet6(r0, &(0x7f0000001d40)=[{{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000001780)="c1", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f0000001880)='4', 0x1}], 0x1}}], 0x2, 0xc081) (async)
sendmmsg$inet6(r0, &(0x7f0000001d40)=[{{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000001780)="c1", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f0000001880)='4', 0x1}], 0x1}}], 0x2, 0xc081)

3.117072994s ago: executing program 1 (id=1633):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_GET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x14, r7, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40801}, 0x4)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r8=>r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_RECONFIGURE(r9, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r9)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r9)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r10, @ANYRES32, @ANYBLOB="24002d801a0001"], 0x64}}, 0x0)
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r11, 0xaf01, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRES16=r5, @ANYRES16=r0, @ANYRES16=r9, @ANYRES8=r8, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRES8=r7, @ANYRES8=r2, @ANYRES8, @ANYRES8=r11], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r12}, 0x10)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

3.047390223s ago: executing program 3 (id=1634):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @dev, @void, {@ipv4={0x88e5, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @local}, @address_reply={0x2a, 0x0, 0x0, 0x4}}}}}, 0x0)

2.26111798s ago: executing program 2 (id=1635):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, 0x0, &(0x7f0000000200)=""/166}, 0x20)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000d40)={[{@init_itable_val={'init_itable', 0x3d, 0x6}}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@mblk_io_submit}, {@nouid32}, {@commit={'commit', 0x3d, 0x100000001}}, {@nomblk_io_submit}, {}]}, 0x45, 0x7b1, &(0x7f0000001140)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r3, &(0x7f0000000400)={&(0x7f0000000340), 0x14, &(0x7f00000003c0)={&(0x7f0000000380)="4801f15b23f509890aeee9cba159114a3db7cc", 0x13}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000c0)

2.2463875s ago: executing program 1 (id=1636):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_GET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x14, r7, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40801}, 0x4)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r8=>r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_RECONFIGURE(r9, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r9)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r9)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r10, @ANYRES32, @ANYBLOB="24002d801a0001"], 0x64}}, 0x0)
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r11, 0xaf01, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRES16=r5, @ANYRES16=r0, @ANYRES16=r9, @ANYRES8=r8, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRES8=r7, @ANYRES8=r2, @ANYRES8, @ANYRES8=r11], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r12}, 0x10)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

2.217252779s ago: executing program 4 (id=1637):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c00110000000000000000000000000000000000fe8000000000000000000000000000bbac14142100000000000000000000000020010000000000000000000000000000000000000000000000000a"], 0xec}}, 0x0)

2.20679834s ago: executing program 3 (id=1638):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xf, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r2, &(0x7f00000000c0)='./file1\x00', 0x0)
link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000240)='./file2/file0\x00')
truncate(&(0x7f0000000180)='./file0/../file0/file0\x00', 0x0)

2.158184719s ago: executing program 4 (id=1639):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000001000)=ANY=[@ANYBLOB="7a0af8ff75257025bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x16, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp_prespec={0x44, 0x4, 0xc0, 0x3, 0x1}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0x80}, 0x20000}, {@dev={0xac, 0x14, 0x14, 0x15}}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop]}}}}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
sendmsg$NLBL_MGMT_C_PROTOCOLS(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000009c0)={0x14, 0x0, 0x400, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4004000}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r7}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
write$binfmt_script(r4, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r4, 0x0)
r8 = dup(r3)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
ioctl$KVM_NMI(r9, 0xae9a)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000004c0)={0x0, 0x3, 0x10}, 0xc)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000500)={r1, r10}, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2800000002000000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x0, 0x4000000}, 0x28)

2.134353509s ago: executing program 3 (id=1640):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @dev, @void, {@ipv4={0x88e5, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @local}, @address_reply={0x2a, 0x0, 0x0, 0x4}}}}}, 0x0) (fail_nth: 3)

1.679167927s ago: executing program 3 (id=1641):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000080)={0x1, 0x83})
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1200000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000a9000000000000000200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0xd28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.524908927s ago: executing program 0 (id=1642):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8000, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
getdents(0xffffffffffffffff, &(0x7f00000001c0)=""/36, 0x24)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'})
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000220001"], 0x1c}], 0x1}, 0x0)
r0 = syz_genetlink_get_family_id$fou(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x6c, r0, 0x20, 0x70bd26, 0x25dfdbfd, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @empty}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PEER_V6={0x14, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @remote}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x9b3, <r1=>0x0}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)='net/wireless\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
ioctl$sock_FIOGETOWN(r3, 0x8903, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
preadv(r3, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/159, 0x9f}], 0x1, 0x105, 0x97e)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3000090, &(0x7f0000000680), 0x0, 0x51b, &(0x7f0000000100)="$eJzs3d9rLFcdAPDvTLL3pvembqoitWAttnJv0bt709g2iGh90aeCWt9jTDYhZDcbspt6E4pN8T8QQcEnn3wR/AME6YN/gBQK+iI+iIoieqsPgtqRmZ2luZvdJNp0N81+PnCy58yv7zmz7NmZ2ZOZAKbWExHxQkTMRMTTEVEtp6dlWskLR73l3rr/ylqeksiyl/6aRFJO628rL89GxM3eKjEXEV/7csQ3k5NxOweH26vNZmOvLNe7rd165+DwzlZrdbOx2dhZWlp8bvn55WeX72ald9XOhX7mx1/6/M8//a3frfz59rfzan3uI1GJgXZcpF7TK8W+6Mv30d57EWwCZsr2VCZdEQAAziU/xv9gRHyiOP6vxkxxNDdgZhI1AwAAAC5K9oX5+HcSkQEAAABXVhoR85GktXIswHyk6bXy2sCH40babHe6n9po7++s5/MiFqKSbmw1G3fLscILUUny8mI5xrZffmagvBQRj0TE96oPFeXaWru5PuFrHwAAADAtbg6c//+jmhb5sw35PwEAAADg8loYWQAAAACuCqf8AAAAcPUNnv+73z8AAABcKV958cU8Zf3nX6+/fLC/3X75znqjs11r7a/V1tp7u7XNdnuzuGdf66ztNdvt3c/Ezv69erfR6dY7B4crrfb+Tndl64FHYAMAAABj9MjHX/91EhFHn32oSFHeBxDgAX+YdAWAi2SoH0wvd/GG6VWZdAWAiUvOmG/wDgAAvP/d+ujJ3//7z/93bQCuNmN9AGD6+P0fplfFCECYWrPlNYAP9IrXRy038vf/X543UpZFvFE9PsX1RQAAGK/5IiVprTwPmI80rdUiHo5IF6KSbGw1G3fL84NfVSvX8/JisWZy5phhAAAAAAAAAAAAAAAAAAAAAAAAAKAny5LIAAAAgCstIv1TUtzNP+JW9an5wesD15J/VuOPZeGHL33/3mq3u7eYT/9b8SyvaxHR/UE5/ZmRjw8DAAAALlpyNHJW7zy9fF0ca60AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmAJv3X9lrZ/GGfcvX4yIhWHxZ2OueJ2LSkTc+HsSs8fWSyJi5gLiH70WEY8Oi5/E21n2apS1GBb/IpwWf6HYNcPjpxFx84LqANPq9bz/eWHY5y+NJ4rX4Z+/2TK9W6P7v7SM/GjRzw3rfx4+sbXW0BiPvfnTei9XORn/tYjHZof3P/3+NxkR/8kTW/tXlmUn43/j64eHo9qf/Sji1tDvn+SBWPVua7feOTi8s9Va3WxsNnaWlhafW35++dnlu/WNrWaj/Ds0xnc/9rO3R8XP239jSPzf/qbX/57W/qdGbXTAf968d/9DveyJNyCPf/vJod+/czEiflp+932yzOfzb/XzR738cY//5I3HT2v/+oj9f9b7f/uc7X/6q9/5/TkXBQDGoHNwuL3abDb2TsnMnWOZ92PmF3OXohr/YyZ7tffOXZb6/L+Z/Gj1nSn9Vl2Cih3LZGOJdb04nj/vWtfG1PaJdksAAMB74J2D/knXBAAAAAAAAAAAAAAAAAAAAKbXOG6lNhjzaDJNBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA41X8DAAD//54w3GM=")
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='pids.events\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000000), 0xffffff6a)

1.425153616s ago: executing program 4 (id=1643):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8000, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
getdents(0xffffffffffffffff, &(0x7f00000001c0)=""/36, 0x24)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'})
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000220001"], 0x1c}], 0x1}, 0x0)
r0 = syz_genetlink_get_family_id$fou(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x6c, r0, 0x20, 0x70bd26, 0x25dfdbfd, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @empty}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PEER_V6={0x14, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @remote}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x9b3, <r1=>0x0}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)='net/wireless\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
ioctl$sock_FIOGETOWN(r3, 0x8903, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
preadv(r3, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/159, 0x9f}], 0x1, 0x105, 0x97e)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3000090, &(0x7f0000000680), 0x0, 0x51b, &(0x7f0000000100)="$eJzs3d9rLFcdAPDvTLL3pvembqoitWAttnJv0bt709g2iGh90aeCWt9jTDYhZDcbspt6E4pN8T8QQcEnn3wR/AME6YN/gBQK+iI+iIoieqsPgtqRmZ2luZvdJNp0N81+PnCy58yv7zmz7NmZ2ZOZAKbWExHxQkTMRMTTEVEtp6dlWskLR73l3rr/ylqeksiyl/6aRFJO628rL89GxM3eKjEXEV/7csQ3k5NxOweH26vNZmOvLNe7rd165+DwzlZrdbOx2dhZWlp8bvn55WeX72ald9XOhX7mx1/6/M8//a3frfz59rfzan3uI1GJgXZcpF7TK8W+6Mv30d57EWwCZsr2VCZdEQAAziU/xv9gRHyiOP6vxkxxNDdgZhI1AwAAAC5K9oX5+HcSkQEAAABXVhoR85GktXIswHyk6bXy2sCH40babHe6n9po7++s5/MiFqKSbmw1G3fLscILUUny8mI5xrZffmagvBQRj0TE96oPFeXaWru5PuFrHwAAADAtbg6c//+jmhb5sw35PwEAAADg8loYWQAAAACuCqf8AAAAcPUNnv+73z8AAABcKV958cU8Zf3nX6+/fLC/3X75znqjs11r7a/V1tp7u7XNdnuzuGdf66ztNdvt3c/Ezv69erfR6dY7B4crrfb+Tndl64FHYAMAAABj9MjHX/91EhFHn32oSFHeBxDgAX+YdAWAi2SoH0wvd/GG6VWZdAWAiUvOmG/wDgAAvP/d+ujJ3//7z/93bQCuNmN9AGD6+P0fplfFCECYWrPlNYAP9IrXRy038vf/X543UpZFvFE9PsX1RQAAGK/5IiVprTwPmI80rdUiHo5IF6KSbGw1G3fL84NfVSvX8/JisWZy5phhAAAAAAAAAAAAAAAAAAAAAAAAAKAny5LIAAAAgCstIv1TUtzNP+JW9an5wesD15J/VuOPZeGHL33/3mq3u7eYT/9b8SyvaxHR/UE5/ZmRjw8DAAAALlpyNHJW7zy9fF0ca60AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmAJv3X9lrZ/GGfcvX4yIhWHxZ2OueJ2LSkTc+HsSs8fWSyJi5gLiH70WEY8Oi5/E21n2apS1GBb/IpwWf6HYNcPjpxFx84LqANPq9bz/eWHY5y+NJ4rX4Z+/2TK9W6P7v7SM/GjRzw3rfx4+sbXW0BiPvfnTei9XORn/tYjHZof3P/3+NxkR/8kTW/tXlmUn43/j64eHo9qf/Sji1tDvn+SBWPVua7feOTi8s9Va3WxsNnaWlhafW35++dnlu/WNrWaj/Ds0xnc/9rO3R8XP239jSPzf/qbX/57W/qdGbXTAf968d/9DveyJNyCPf/vJod+/czEiflp+932yzOfzb/XzR738cY//5I3HT2v/+oj9f9b7f/uc7X/6q9/5/TkXBQDGoHNwuL3abDb2TsnMnWOZ92PmF3OXohr/YyZ7tffOXZb6/L+Z/Gj1nSn9Vl2Cih3LZGOJdb04nj/vWtfG1PaJdksAAMB74J2D/knXBAAAAAAAAAAAAAAAAAAAAKbXOG6lNhjzaDJNBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA41X8DAAD//54w3GM=")
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='pids.events\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000000), 0xffffff6a)

1.346025486s ago: executing program 1 (id=1644):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r2, &(0x7f00000000c0)='./file1\x00', 0x0)
link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000240)='./file2/file0\x00')
truncate(&(0x7f0000000180)='./file0/../file0/file0\x00', 0x0)

1.191179195s ago: executing program 2 (id=1645):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000091137070c9f348250000000000000000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_GET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x14, r7, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40801}, 0x4)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r8=>r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_RECONFIGURE(r9, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r9)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r9)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r10, @ANYRES32, @ANYBLOB="24002d80"], 0x64}}, 0x0)
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r11, 0xaf01, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRES16=r5, @ANYRES16=r0, @ANYRES16=r9, @ANYRES8=r8, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRES8=r7, @ANYRES8=r2, @ANYRES8, @ANYRES8=r11], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r12}, 0x10)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

1.116925535s ago: executing program 1 (id=1646):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8000, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
getdents(0xffffffffffffffff, &(0x7f00000001c0)=""/36, 0x24)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'})
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
r0 = syz_genetlink_get_family_id$fou(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x40, r0, 0x20, 0x70bd26, 0x25dfdbfd, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @empty}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x9b3, <r1=>0x0}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)='net/wireless\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
preadv(r3, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/159, 0x9f}], 0x1, 0x105, 0x97e)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3000090, &(0x7f0000000680), 0x0, 0x51b, &(0x7f0000000100)="$eJzs3d9rLFcdAPDvTLL3pvembqoitWAttnJv0bt709g2iGh90aeCWt9jTDYhZDcbspt6E4pN8T8QQcEnn3wR/AME6YN/gBQK+iI+iIoieqsPgtqRmZ2luZvdJNp0N81+PnCy58yv7zmz7NmZ2ZOZAKbWExHxQkTMRMTTEVEtp6dlWskLR73l3rr/ylqeksiyl/6aRFJO628rL89GxM3eKjEXEV/7csQ3k5NxOweH26vNZmOvLNe7rd165+DwzlZrdbOx2dhZWlp8bvn55WeX72ald9XOhX7mx1/6/M8//a3frfz59rfzan3uI1GJgXZcpF7TK8W+6Mv30d57EWwCZsr2VCZdEQAAziU/xv9gRHyiOP6vxkxxNDdgZhI1AwAAAC5K9oX5+HcSkQEAAABXVhoR85GktXIswHyk6bXy2sCH40babHe6n9po7++s5/MiFqKSbmw1G3fLscILUUny8mI5xrZffmagvBQRj0TE96oPFeXaWru5PuFrHwAAADAtbg6c//+jmhb5sw35PwEAAADg8loYWQAAAACuCqf8AAAAcPUNnv+73z8AAABcKV958cU8Zf3nX6+/fLC/3X75znqjs11r7a/V1tp7u7XNdnuzuGdf66ztNdvt3c/Ezv69erfR6dY7B4crrfb+Tndl64FHYAMAAABj9MjHX/91EhFHn32oSFHeBxDgAX+YdAWAi2SoH0wvd/GG6VWZdAWAiUvOmG/wDgAAvP/d+ujJ3//7z/93bQCuNmN9AGD6+P0fplfFCECYWrPlNYAP9IrXRy038vf/X543UpZFvFE9PsX1RQAAGK/5IiVprTwPmI80rdUiHo5IF6KSbGw1G3fL84NfVSvX8/JisWZy5phhAAAAAAAAAAAAAAAAAAAAAAAAAKAny5LIAAAAgCstIv1TUtzNP+JW9an5wesD15J/VuOPZeGHL33/3mq3u7eYT/9b8SyvaxHR/UE5/ZmRjw8DAAAALlpyNHJW7zy9fF0ca60AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmAJv3X9lrZ/GGfcvX4yIhWHxZ2OueJ2LSkTc+HsSs8fWSyJi5gLiH70WEY8Oi5/E21n2apS1GBb/IpwWf6HYNcPjpxFx84LqANPq9bz/eWHY5y+NJ4rX4Z+/2TK9W6P7v7SM/GjRzw3rfx4+sbXW0BiPvfnTei9XORn/tYjHZof3P/3+NxkR/8kTW/tXlmUn43/j64eHo9qf/Sji1tDvn+SBWPVua7feOTi8s9Va3WxsNnaWlhafW35++dnlu/WNrWaj/Ds0xnc/9rO3R8XP239jSPzf/qbX/57W/qdGbXTAf968d/9DveyJNyCPf/vJod+/czEiflp+932yzOfzb/XzR738cY//5I3HT2v/+oj9f9b7f/uc7X/6q9/5/TkXBQDGoHNwuL3abDb2TsnMnWOZ92PmF3OXohr/YyZ7tffOXZb6/L+Z/Gj1nSn9Vl2Cih3LZGOJdb04nj/vWtfG1PaJdksAAMB74J2D/knXBAAAAAAAAAAAAAAAAAAAAKbXOG6lNhjzaDJNBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA41X8DAAD//54w3GM=")
connect$unix(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='pids.events\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000000), 0xffffff6a)

1.057569535s ago: executing program 3 (id=1647):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0x40046208, 0x0)

629.866482ms ago: executing program 0 (id=1648):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_GET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x14, r7, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40801}, 0x4)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r8=>r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_RECONFIGURE(r9, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r9)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r9)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r10, @ANYRES32, @ANYBLOB="24002d801a0001"], 0x64}}, 0x0)
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r11, 0xaf01, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRES16=r5, @ANYRES16=r0, @ANYRES16=r9, @ANYRES8=r8, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRES8=r7, @ANYRES8=r2, @ANYRES8, @ANYRES8=r11], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r12}, 0x10)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

266.735131ms ago: executing program 2 (id=1649):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f00000002c0)=0xffff, 0x4)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
syz_emit_ethernet(0xd2, &(0x7f0000000d00)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x9c, 0x11, 0x0, @remote, @mcast2, {[], {0x0, 0xe22, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "9b92fc056f07d114fe3b41c776904545fb44d8e5dc0e57fdbba583dbc1bf026f", "ba38149afe78e80f44a98eddddbf2b6f237458668eb2461a95cd9a215310bae58679f26df35b2d9306a4a2e1dc85e86f", "6ba2c77aea3ef00f0ac8f0e3066b25082e39f5fb07fb432ca8f22890", {"e79710a9e57f1011496e538064796900", "f9d98c0072c691ce00"}}}}}}}}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141b82, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000200), r3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000006"], 0x48)
r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
setns(r5, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='workqueue_queue_work\x00', r6, 0x0, 0x10000}, 0x18)
write$cgroup_int(r2, &(0x7f0000000000)=0x700, 0x12)

172.078411ms ago: executing program 2 (id=1650):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xf, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r2, &(0x7f00000000c0)='./file1\x00', 0x0)
link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000240)='./file2/file0\x00')
truncate(&(0x7f0000000180)='./file0/../file0/file0\x00', 0x0)

76.93498ms ago: executing program 2 (id=1651):
bpf$PROG_LOAD(0x5, &(0x7f0000001d00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r2, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)

10.25977ms ago: executing program 2 (id=1652):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000d40)={[{@init_itable_val={'init_itable', 0x3d, 0x6}}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@mblk_io_submit}, {@nouid32}, {@commit={'commit', 0x3d, 0x100000001}}, {@nomblk_io_submit}, {}]}, 0x45, 0x7b1, &(0x7f0000001140)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r6, &(0x7f0000000400)={&(0x7f0000000340), 0x14, &(0x7f00000003c0)={&(0x7f0000000380)="4801f15b23f509890aeee9cba15911", 0xf}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000c0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x23, &(0x7f0000000280))
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0x40046208, 0x0)

1.44522ms ago: executing program 3 (id=1653):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000059c0)='./bus\x00', 0x1400e, &(0x7f0000000540)={[{@jqfmt_vfsv0}]}, 0x1, 0x439, &(0x7f0000000100)="$eJzs28tvG8UfAPDvrp3219cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3G8exncY4ccGfj7TtzO5EM1/PTjyzkw1gaI1l/yQRuyPi14gYbWRXFxhr/Hdr+crMn8tXZpKo1d74I6mXu7l8ZaYoWvzcriJTjkg/SeJgm3oXLl0+N12tzl3M8xOL59+dWLh0+Zmz56fPzJ2ZuzB18uTxY5PPnZh6ti9xZnHdPPDB/KH9r7x17bWZU9fe/vHrpIi/JY4+Get28fFarc/VDdaepnRSHmBD2JBSY5jGSH38j0YpVjpvNF7+eKCNAzZVrVar3df58lIN+A9LYtAtAAaj+KLP1r/FsUVTj7vCjRcaC6As7lv50bhSjjQvM9Kyvu2nsYg4tfTXF9kRm/McAgBglW+z+c/T7eZ/aTQ/F/p/vodSiYh7ImJvRJyIiH0RcW9Evez9EfHAButv3SRZO/9Jr/cU2B3K5n/P53tbq+d/xewvKqU8t6ce/0hy+mx17mj+mRyJke1ZfrJLHd+99Mtnna41z/+yI6u/mAvm7bhe3t6nYNu48VHEgXK7+JPbOwFJROyPiAM91nH2ya8Odbq2fvxd9GGfqfZlxBON/l+KlvgLSff9yYn/RXXu6ERxV6z1089XX+9U/z+Kvw+y/t/Z9v4v4t9TSZr3axc2XsfV3z7tuKbp5f6fnV6c3pa8uerc+9OLixcnI7Ylr9bzlebzUy3lplbKZ/EfOdx+/O+NlU/iYERkN/GDEfFQRDyct/2RiHg0Ig53if+HFx97p/f4N1cW/2zX/o+W/l9JbIvWM+0TpXPff7Oq0spG4s/6/3g9dSQ/k/X/enHdSbt6u5sBAADg3yeNiN2RpOO302k6Pt74G/59sTOtzi8sPnV6/r0Ls413BCoxkhZPukabnodO5sv6Ij/Vkj+WPzf+vLSjnh+fma/ODjp4GHK7Ooz/zO+lQbcO2HTe14LhZfzD8DL+YXgZ/zC82oz/HYNoB7D12n3/fziAdgBbr2X82/aDIWL9D8OrbL0PQ8v3PwylhR2x/kvyEhJrEpHeFc2Q6DGRRkS3MoP+zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAffwcAAP//KvHjlA==")
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0xa0, 0x0, 0x2, 0x70bd2a, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @loopback}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x9}, @NLBL_MGMT_A_DOMAIN={0xf, 0x1, 'jqfmt=vfsv0'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast1}, @NLBL_MGMT_A_DOMAIN={0x9, 0x1, 'ext4\x00'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private1}]}, 0xa0}, 0x1, 0x0, 0x0, 0x8000}, 0x90)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x100)
readv(r1, &(0x7f0000000080)=[{&(0x7f0000000000)=""/9, 0x9}], 0x1)
fallocate(r1, 0x11, 0x0, 0x7ff)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000000c0)=<r2=>0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r3}, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r4, 0x5)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r5, 0x2)
dup3(r5, r4, 0x0)
sched_setscheduler(r2, 0x3, &(0x7f0000000580)=0x6)

0s ago: executing program 4 (id=1654):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r1, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x2, 0x6, @random="4d74e99b4b5f"}, 0x14)
bind$bt_l2cap(r0, &(0x7f0000000000), 0xe)
listen(r0, 0x1)

kernel console output (not intermixed with test programs):

d: No such file or directory
[  732.227731][ T1017] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  732.356903][ T6553] loop1: detected capacity change from 0 to 2048
[  732.433673][ T6553] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  732.457689][ T1017] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  732.466268][ T1017] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  732.476588][ T1017] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  733.362259][ T1017] usb 5-1: config 1 has no interface number 1
[  733.368237][ T1017] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  733.371110][ T6564] syz.0.1285[6564] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  733.386118][ T6564] syz.0.1285[6564] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  733.437651][ T1017] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  733.487725][ T6566] netlink: 136 bytes leftover after parsing attributes in process `syz.1.1283'.
[  733.661533][ T6568] loop2: detected capacity change from 0 to 1024
[  733.712035][ T1017] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  733.721863][ T6568] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  733.730864][  T616] EXT4-fs (loop1): unmounting filesystem.
[  733.751251][ T1017] usb 5-1: Product: syz
[  733.788589][ T1017] usb 5-1: Manufacturer: syz
[  733.910524][ T1017] usb 5-1: SerialNumber: syz
[  734.043055][  T617] EXT4-fs (loop4): unmounting filesystem.
[  734.055298][ T1017] usb 5-1: USB disconnect, device number 7
[  735.155283][ T3793] udevd[3793]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  735.183487][ T1019] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  735.198551][ T1019] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  735.279359][ T1019] EXT4-fs (loop2): This should not happen!! Data will be lost
[  735.279359][ T1019] 
[  735.354352][ T1019] EXT4-fs (loop2): Total free blocks count 0
[  735.511066][ T1019] EXT4-fs (loop2): Free/Dirty block details
[  735.658067][ T1019] EXT4-fs (loop2): free_blocks=68451041280
[  735.758187][ T1019] EXT4-fs (loop2): dirty_blocks=4560
[  735.829133][ T1019] EXT4-fs (loop2): Block reservation details
[  736.002913][ T1019] EXT4-fs (loop2): i_reserved_data_blocks=285
[  736.076354][ T6603] loop4: detected capacity change from 0 to 2048
[  736.101874][ T6603] EXT4-fs: Ignoring removed mblk_io_submit option
[  736.118653][ T6603] ext2: Bad value for 'commit'
[  736.127874][ T1019] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  736.973106][ T6622] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  737.011796][ T6624] loop0: detected capacity change from 0 to 2048
[  737.024836][ T6609] loop2: detected capacity change from 0 to 8192
[  737.070342][ T6624] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  737.199111][  T102]  loop2: p1 < > p2 p3 < p5 p6 > p4
[  737.204137][  T102] loop2: partition table partially beyond EOD, truncated
[  737.219577][  T102] loop2: p1 start 277760 is beyond EOD, truncated
[  738.129990][  T102] loop2: p2 start 6684676 is beyond EOD, truncated
[  738.148697][  T102] loop2: p5 start 6684676 is beyond EOD, truncated
[  738.171325][ T6636] loop3: detected capacity change from 0 to 512
[  738.267414][ T6638] netlink: 136 bytes leftover after parsing attributes in process `syz.0.1297'.
[  738.485960][ T3793] udevd[3793]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  738.492929][ T3796] udevd[3796]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  738.496736][ T3821] udevd[3821]: inotify_add_watch(7, /dev/loop2p6, 10) failed: No such file or directory
[  738.524325][  T614] EXT4-fs (loop0): unmounting filesystem.
[  738.573147][ T6636] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  738.582207][ T6636] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  738.669162][ T6651] loop0: detected capacity change from 0 to 1024
[  738.691226][ T6651] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  739.199297][ T6658] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1303'.
[  739.919699][ T6665] loop2: detected capacity change from 0 to 2048
[  739.929405][ T6665] EXT4-fs: Ignoring removed mblk_io_submit option
[  739.936468][ T6665] ext2: Bad value for 'commit'
[  740.016445][ T3793] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  740.094651][ T2596] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  740.286068][ T2596] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  740.300216][ T2596] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  740.333919][ T2596] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  740.378637][ T2596] usb 4-1: config 1 has no interface number 1
[  740.405375][ T2596] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  740.588061][  T614] EXT4-fs (loop0): unmounting filesystem.
[  740.595651][ T2596] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  741.345870][ T2596] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  741.353699][ T2596] usb 4-1: Product: syz
[  741.357898][ T2596] usb 4-1: Manufacturer: syz
[  741.369185][ T2596] usb 4-1: SerialNumber: syz
[  741.400439][ T2596] usb 4-1: can't set config #1, error -71
[  741.416596][  T615] EXT4-fs (loop3): unmounting filesystem.
[  741.429081][ T2596] usb 4-1: USB disconnect, device number 8
[  741.436101][ T6689] loop1: detected capacity change from 0 to 1024
[  742.721248][ T6700] loop3: detected capacity change from 0 to 2048
[  742.728870][ T6689] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  742.783271][ T6700] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  743.413116][ T6716] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1312'.
[  743.690844][ T6719] loop4: detected capacity change from 0 to 2048
[  743.697979][  T615] EXT4-fs (loop3): unmounting filesystem.
[  743.760857][ T6719] EXT4-fs: Ignoring removed mblk_io_submit option
[  743.781313][ T6719] ext2: Bad value for 'commit'
[  743.813739][ T6723] loop3: detected capacity change from 0 to 2048
[  743.834307][ T6723] EXT4-fs: Ignoring removed mblk_io_submit option
[  743.840729][ T6723] ext2: Bad value for 'commit'
[  743.841994][    T8] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  743.871702][ T6726] loop0: detected capacity change from 0 to 2048
[  743.936796][    T8] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  743.945304][ T6726] EXT4-fs: Ignoring removed mblk_io_submit option
[  743.949239][    T8] EXT4-fs (loop1): This should not happen!! Data will be lost
[  743.949239][    T8] 
[  743.965210][    T8] EXT4-fs (loop1): Total free blocks count 0
[  743.983634][ T6726] ext2: Bad value for 'commit'
[  744.028602][    T8] EXT4-fs (loop1): Free/Dirty block details
[  744.034484][    T8] EXT4-fs (loop1): free_blocks=68451041280
[  744.040162][    T8] EXT4-fs (loop1): dirty_blocks=15776
[  744.045392][    T8] EXT4-fs (loop1): Block reservation details
[  744.051379][    T8] EXT4-fs (loop1): i_reserved_data_blocks=986
[  744.067644][  T648] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  745.211906][ T6735] loop0: detected capacity change from 0 to 1024
[  745.259500][ T6735] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  745.425007][ T1178] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  745.674126][ T1178] usb 4-1: Using ep0 maxpacket: 8
[  745.680347][ T1178] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  745.707039][ T1178] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  745.723114][ T6747] loop2: detected capacity change from 0 to 1024
[  745.724938][ T1178] usb 4-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00
[  745.754985][ T1178] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  745.806288][ T1178] usb 4-1: config 0 descriptor??
[  745.901955][ T6747] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  745.977983][ T6747] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6747 comm=syz.2.1322
[  746.039783][ T1347] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  746.056749][ T1347] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  746.091229][ T1347] EXT4-fs (loop0): This should not happen!! Data will be lost
[  746.091229][ T1347] 
[  746.112741][ T1347] EXT4-fs (loop0): Total free blocks count 0
[  746.126804][ T1347] EXT4-fs (loop0): Free/Dirty block details
[  746.137142][ T1347] EXT4-fs (loop0): free_blocks=68451041280
[  746.150396][ T1347] EXT4-fs (loop0): dirty_blocks=16384
[  746.161253][ T1347] EXT4-fs (loop0): Block reservation details
[  746.173655][ T1347] EXT4-fs (loop0): i_reserved_data_blocks=1024
[  746.210679][ T1347] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  746.223933][ T6733] netlink: 'syz.3.1319': attribute type 11 has an invalid length.
[  746.234848][ T6733] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1319'.
[  746.255630][ T1178] lenovo 0003:17EF:6062.000C: unknown main item tag 0x0
[  746.267554][ T1178] lenovo 0003:17EF:6062.000C: unknown main item tag 0x0
[  746.287255][ T1178] lenovo 0003:17EF:6062.000C: unknown main item tag 0x0
[  746.318529][ T1178] lenovo 0003:17EF:6062.000C: unknown main item tag 0x0
[  746.332627][ T1178] lenovo 0003:17EF:6062.000C: unknown main item tag 0x0
[  746.344638][ T1178] lenovo 0003:17EF:6062.000C: hidraw0: USB HID v0.00 Device [HID 17ef:6062] on usb-dummy_hcd.3-1/input0
[  746.474370][ T1178] usb 4-1: USB disconnect, device number 9
[  746.524885][ T6762] loop4: detected capacity change from 0 to 2048
[  746.626542][ T6762] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  747.719203][ T6780] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1326'.
[  747.810925][ T6778] loop0: detected capacity change from 0 to 1024
[  747.936155][ T6783] loop1: detected capacity change from 0 to 1024
[  747.943082][  T617] EXT4-fs (loop4): unmounting filesystem.
[  747.953303][ T1347] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  747.984391][ T1347] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  747.989258][ T6778] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  747.996779][ T1347] EXT4-fs (loop2): This should not happen!! Data will be lost
[  747.996779][ T1347] 
[  748.006392][ T6783] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  748.014569][ T1347] EXT4-fs (loop2): Total free blocks count 0
[  748.028568][ T1347] EXT4-fs (loop2): Free/Dirty block details
[  748.086801][ T1347] EXT4-fs (loop2): free_blocks=68451041280
[  748.219499][ T1347] EXT4-fs (loop2): dirty_blocks=8544
[  748.221405][ T6795] loop3: detected capacity change from 0 to 512
[  748.234461][ T1347] EXT4-fs (loop2): Block reservation details
[  748.265979][ T6783] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6783 comm=syz.1.1329
[  748.274962][ T1347] EXT4-fs (loop2): i_reserved_data_blocks=534
[  748.301327][ T1019] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  748.334540][ T6795] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #3: comm syz.3.1331: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  748.573469][ T6795] EXT4-fs error (device loop3): ext4_quota_enable:6982: comm syz.3.1331: Bad quota inode: 3, type: 0
[  748.584556][ T6795] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  748.599784][ T6795] EXT4-fs (loop3): mount failed
[  748.611962][ T6803] loop2: detected capacity change from 0 to 1024
[  748.661679][ T1019] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  748.685180][ T1019] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  748.697671][ T1019] EXT4-fs (loop0): This should not happen!! Data will be lost
[  748.697671][ T1019] 
[  748.711466][ T1019] EXT4-fs (loop0): Total free blocks count 0
[  748.717557][ T1019] EXT4-fs (loop0): Free/Dirty block details
[  748.723364][ T1019] EXT4-fs (loop0): free_blocks=68451041280
[  748.729819][ T1019] EXT4-fs (loop0): dirty_blocks=7712
[  748.735325][ T1019] EXT4-fs (loop0): Block reservation details
[  748.742049][ T6803] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  748.758571][ T1019] EXT4-fs (loop0): i_reserved_data_blocks=482
[  748.803741][ T6808] ovl_get_inode: 2 callbacks suppressed
[  748.803755][ T6808] overlayfs: failed to get inode (-116)
[  748.829854][ T6808] overlayfs: failed to get inode (-116)
[  748.833542][ T1019] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  748.836468][ T6808] overlayfs: failed to get inode (-116)
[  748.854409][ T6808] overlayfs: failed to get inode (-116)
[  749.047580][ T1019] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  749.090999][ T6811] loop4: detected capacity change from 0 to 2048
[  749.097272][ T1019] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  749.109808][ T6811] EXT4-fs: Ignoring removed mblk_io_submit option
[  749.125261][ T1019] EXT4-fs (loop1): This should not happen!! Data will be lost
[  749.125261][ T1019] 
[  749.135177][ T6811] ext2: Bad value for 'commit'
[  749.143025][ T1019] EXT4-fs (loop1): Total free blocks count 0
[  749.154430][ T1019] EXT4-fs (loop1): Free/Dirty block details
[  749.161992][ T1019] EXT4-fs (loop1): free_blocks=68451041280
[  749.167801][ T1019] EXT4-fs (loop1): dirty_blocks=16384
[  749.173018][ T1019] EXT4-fs (loop1): Block reservation details
[  749.195213][ T1019] EXT4-fs (loop1): i_reserved_data_blocks=1024
[  749.249497][ T1019] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  749.272208][ T6813] loop0: detected capacity change from 0 to 8192
[  749.335292][ T6813]  loop0: p1 < > p2 p3 < p5 p6 > p4
[  749.343683][ T6813] loop0: partition table partially beyond EOD, truncated
[  749.364273][ T6813] loop0: p1 start 277760 is beyond EOD, truncated
[  749.374977][ T6813] loop0: p2 start 6684676 is beyond EOD, truncated
[  749.385824][ T6813] loop0: p5 start 6684676 is beyond EOD, truncated
[  749.439958][ T6813] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  749.594805][ T6821] loop0: detected capacity change from 0 to 256
[  750.341677][ T6821] FAT-fs (loop0): Unrecognized mount option "utf8=t=cp932" or missing value
[  750.358244][  T648] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  750.557495][  T648] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  750.569842][  T648] EXT4-fs (loop2): This should not happen!! Data will be lost
[  750.569842][  T648] 
[  750.579244][  T648] EXT4-fs (loop2): Total free blocks count 0
[  751.174659][  T648] EXT4-fs (loop2): Free/Dirty block details
[  751.205131][  T648] EXT4-fs (loop2): free_blocks=68451041280
[  751.571261][  T648] EXT4-fs (loop2): dirty_blocks=15952
[  751.593479][  T648] EXT4-fs (loop2): Block reservation details
[  751.611467][ T6841] loop3: detected capacity change from 0 to 2048
[  751.619659][  T648] EXT4-fs (loop2): i_reserved_data_blocks=997
[  751.656733][ T6841] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  751.668636][  T648] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  751.821960][ T6845] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6845 comm=syz.1.1343
[  752.835483][ T6855] loop1: detected capacity change from 0 to 512
[  752.956023][ T6856] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1341'.
[  753.114445][  T615] EXT4-fs (loop3): unmounting filesystem.
[  753.126185][ T6855] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #3: comm syz.1.1343: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  753.593938][ T6855] EXT4-fs error (device loop1): ext4_quota_enable:6982: comm syz.1.1343: Bad quota inode: 3, type: 0
[  753.685225][ T6855] EXT4-fs warning (device loop1): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  753.716195][ T6855] EXT4-fs (loop1): mount failed
[  753.793176][ T6872] loop2: detected capacity change from 0 to 1024
[  753.963562][ T6872] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  754.014394][ T6887] device vlan2 entered promiscuous mode
[  754.045569][ T6872] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6872 comm=syz.2.1346
[  754.754103][  T648] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  754.769346][  T648] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  754.781681][  T648] EXT4-fs (loop2): This should not happen!! Data will be lost
[  754.781681][  T648] 
[  754.800397][  T648] EXT4-fs (loop2): Total free blocks count 0
[  754.810049][  T648] EXT4-fs (loop2): Free/Dirty block details
[  754.815986][  T648] EXT4-fs (loop2): free_blocks=68451041280
[  754.821676][  T648] EXT4-fs (loop2): dirty_blocks=12240
[  754.840641][ T6896] loop3: detected capacity change from 0 to 8192
[  754.846931][  T648] EXT4-fs (loop2): Block reservation details
[  754.852758][  T648] EXT4-fs (loop2): i_reserved_data_blocks=765
[  754.915715][  T648] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  754.935557][ T6896]  loop3: p1 p2 p3 p4[EZD]
[  754.940218][ T6896] loop3: p1 size 16128 extends beyond EOD, truncated
[  755.727147][ T6901] loop1: detected capacity change from 0 to 1024
[  755.759718][ T6896] loop3: p3 start 458783 is beyond EOD, truncated
[  755.804657][ T6896] loop3: p4 size 65536 extends beyond EOD, truncated
[  755.909219][ T6901] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  755.966180][ T6901] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6901 comm=syz.1.1354
[  756.004028][ T6917] loop0: detected capacity change from 0 to 1024
[  756.015291][ T3796] udevd[3796]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  756.026437][ T3821] udevd[3821]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  756.039760][ T3793] udevd[3793]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  756.220268][ T6917] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  756.265108][ T1178] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  756.643830][ T1178] usb 4-1: Using ep0 maxpacket: 8
[  756.650038][ T1178] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  756.719270][ T1347] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  756.724998][ T1178] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  756.734539][ T1347] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  756.754967][ T1178] usb 4-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00
[  756.756276][ T1347] EXT4-fs (loop1): This should not happen!! Data will be lost
[  756.756276][ T1347] 
[  756.774011][ T1178] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  756.786802][ T1178] usb 4-1: config 0 descriptor??
[  757.058224][ T1347] EXT4-fs (loop1): Total free blocks count 0
[  757.068177][ T1347] EXT4-fs (loop1): Free/Dirty block details
[  757.077055][ T1347] EXT4-fs (loop1): free_blocks=68451041280
[  757.086817][ T1347] EXT4-fs (loop1): dirty_blocks=16384
[  757.095093][ T1347] EXT4-fs (loop1): Block reservation details
[  757.104025][ T1347] EXT4-fs (loop1): i_reserved_data_blocks=1024
[  757.110100][  T707] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  757.132921][ T1347] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  757.147280][    T8] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  757.162445][    T8] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  757.174723][    T8] EXT4-fs (loop0): This should not happen!! Data will be lost
[  757.174723][    T8] 
[  757.184407][    T8] EXT4-fs (loop0): Total free blocks count 0
[  757.190367][    T8] EXT4-fs (loop0): Free/Dirty block details
[  757.196625][    T8] EXT4-fs (loop0): free_blocks=68451041280
[  757.202277][    T8] EXT4-fs (loop0): dirty_blocks=9456
[  757.207585][    T8] EXT4-fs (loop0): Block reservation details
[  757.213404][    T8] EXT4-fs (loop0): i_reserved_data_blocks=591
[  757.230631][    T8] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  757.251505][ T6920] netlink: 'syz.3.1356': attribute type 11 has an invalid length.
[  757.264981][ T6920] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1356'.
[  757.295018][  T707] usb 3-1: Using ep0 maxpacket: 8
[  757.300085][ T1178] lenovo 0003:17EF:6062.000D: unknown main item tag 0x0
[  757.308545][  T707] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  757.310174][ T1178] lenovo 0003:17EF:6062.000D: unknown main item tag 0x0
[  757.326363][ T1178] lenovo 0003:17EF:6062.000D: unknown main item tag 0x0
[  757.333129][ T1178] lenovo 0003:17EF:6062.000D: unknown main item tag 0x0
[  757.338866][  T707] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  757.340243][ T1178] lenovo 0003:17EF:6062.000D: unknown main item tag 0x0
[  757.350590][  T707] usb 3-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00
[  757.359336][ T6936] loop1: detected capacity change from 0 to 2048
[  757.365244][  T707] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  757.372335][ T1178] lenovo 0003:17EF:6062.000D: hidraw0: USB HID v0.00 Device [HID 17ef:6062] on usb-dummy_hcd.3-1/input0
[  757.390952][ T6936] EXT4-fs: Ignoring removed mblk_io_submit option
[  757.397442][ T6936] ext2: Bad value for 'commit'
[  757.411887][ T6938] loop0: detected capacity change from 0 to 512
[  757.416294][  T707] usb 3-1: config 0 descriptor??
[  757.426987][ T6938] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  757.437106][ T6938] ext4 filesystem being mounted at /263/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  757.553831][ T6621] usb 4-1: USB disconnect, device number 10
[  757.855441][ T6926] netlink: 'syz.2.1350': attribute type 11 has an invalid length.
[  757.867388][ T6926] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1350'.
[  757.872550][ T2596] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  757.886159][  T707] lenovo 0003:17EF:6062.000E: unknown main item tag 0x0
[  757.892992][  T707] lenovo 0003:17EF:6062.000E: unknown main item tag 0x0
[  757.899811][  T707] lenovo 0003:17EF:6062.000E: unknown main item tag 0x0
[  757.906563][  T707] lenovo 0003:17EF:6062.000E: unknown main item tag 0x0
[  757.913284][  T707] lenovo 0003:17EF:6062.000E: unknown main item tag 0x0
[  757.920670][  T707] lenovo 0003:17EF:6062.000E: hidraw0: USB HID v0.00 Device [HID 17ef:6062] on usb-dummy_hcd.2-1/input0
[  758.066441][ T2596] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  758.076318][ T2596] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  758.086485][ T2596] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  758.095461][ T2596] usb 1-1: config 1 has no interface number 1
[  758.105746][ T2596] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  758.119917][ T6621] usb 3-1: USB disconnect, device number 7
[  758.127349][ T2596] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  758.148455][ T2596] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  758.164728][ T2596] usb 1-1: Product: syz
[  758.169708][ T2596] usb 1-1: Manufacturer: syz
[  758.174175][ T2596] usb 1-1: SerialNumber: syz
[  758.304397][ T6954] loop1: detected capacity change from 0 to 256
[  758.311540][ T6954] FAT-fs (loop1): Unrecognized mount option "utf8=t=cp932" or missing value
[  758.383161][ T6938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1360'.
[  758.482996][ T2596] usb 1-1: USB disconnect, device number 10
[  759.325414][ T3793] udevd[3793]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  759.690159][ T6977] loop4: detected capacity change from 0 to 8192
[  759.814637][ T6977]  loop4: p1 p2 p3 p4[EZD]
[  759.819560][ T6977] loop4: p1 size 16128 extends beyond EOD, truncated
[  759.834103][ T6977] loop4: p3 start 458783 is beyond EOD, truncated
[  759.849754][ T6977] loop4: p4 size 65536 extends beyond EOD, truncated
[  759.898282][ T3796] udevd[3796]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  761.305124][ T3821] udevd[3821]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  761.316931][ T3793] udevd[3793]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  761.422425][ T7003] loop2: detected capacity change from 0 to 1024
[  761.449081][  T614] EXT4-fs (loop0): unmounting filesystem.
[  761.466883][ T7003] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  761.482911][ T7005] loop4: detected capacity change from 0 to 8192
[  761.778329][ T7005]  loop4: p1 < > p2 p3 < p5 p6 > p4
[  761.782199][ T7016] loop0: detected capacity change from 0 to 1024
[  761.793553][ T7005] loop4: partition table partially beyond EOD, truncated
[  761.815788][ T7005] loop4: p1 start 277760 is beyond EOD, truncated
[  761.822623][ T7005] loop4: p2 start 6684676 is beyond EOD, truncated
[  761.834160][ T7005] loop4: p5 start 6684676 is beyond EOD, truncated
[  761.857470][ T7016] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  761.867515][ T7015] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  761.885677][  T102]  loop4: p1 < > p2 p3 < p5 p6 > p4
[  761.893013][  T102] loop4: partition table partially beyond EOD, truncated
[  761.897880][ T7016] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7016 comm=syz.0.1371
[  761.900447][  T102] loop4: p1 start 277760 is beyond EOD, truncated
[  761.920754][  T102] loop4: p2 start 6684676 is beyond EOD, truncated
[  761.946882][  T102] loop4: p5 start 6684676 is beyond EOD, truncated
[  762.088399][ T3821] udevd[3821]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  762.089957][ T3797] udevd[3797]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory
[  762.126541][ T3796] udevd[3796]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  762.152231][ T7021] loop4: detected capacity change from 0 to 2048
[  762.163454][ T7021] EXT4-fs: Ignoring removed mblk_io_submit option
[  762.172904][ T7021] ext2: Bad value for 'commit'
[  762.403781][ T1347] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  762.444991][ T1347] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  762.474930][ T1347] EXT4-fs (loop2): This should not happen!! Data will be lost
[  762.474930][ T1347] 
[  762.484432][ T1347] EXT4-fs (loop2): Total free blocks count 0
[  762.499621][ T1347] EXT4-fs (loop2): Free/Dirty block details
[  762.510102][ T1347] EXT4-fs (loop2): free_blocks=68451041280
[  762.516012][ T1347] EXT4-fs (loop2): dirty_blocks=3264
[  762.521142][ T1347] EXT4-fs (loop2): Block reservation details
[  762.527175][ T1347] EXT4-fs (loop2): i_reserved_data_blocks=204
[  762.542885][ T1347] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 1200 with error 28
[  762.644967][ T2596] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  762.671034][ T1347] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  762.702218][ T1347] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  763.011643][ T7042] loop3: detected capacity change from 0 to 1024
[  763.038908][ T1347] EXT4-fs (loop0): This should not happen!! Data will be lost
[  763.038908][ T1347] 
[  763.060146][ T7042] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  763.068550][ T1347] EXT4-fs (loop0): Total free blocks count 0
[  763.078281][ T1347] EXT4-fs (loop0): Free/Dirty block details
[  763.087886][ T1347] EXT4-fs (loop0): free_blocks=68451041280
[  763.095313][ T7042] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7042 comm=syz.3.1380
[  763.104186][ T1347] EXT4-fs (loop0): dirty_blocks=7248
[  763.107640][ T2596] usb 2-1: Using ep0 maxpacket: 8
[  763.112648][ T1347] EXT4-fs (loop0): Block reservation details
[  763.122639][ T2596] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  763.123357][ T1347] EXT4-fs (loop0): i_reserved_data_blocks=453
[  763.145279][ T2596] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  763.155726][ T2596] usb 2-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00
[  763.164538][  T648] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  763.251458][ T2596] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  763.291528][ T2596] usb 2-1: config 0 descriptor??
[  763.405238][ T7048] loop0: detected capacity change from 0 to 1024
[  763.449627][ T7048] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  763.597280][ T7053] loop2: detected capacity change from 0 to 1024
[  763.702824][ T7053] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  763.731364][ T7031] netlink: 'syz.1.1377': attribute type 11 has an invalid length.
[  763.752380][ T7031] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1377'.
[  763.793246][ T2596] lenovo 0003:17EF:6062.000F: unknown main item tag 0x0
[  763.821067][ T2596] lenovo 0003:17EF:6062.000F: unknown main item tag 0x0
[  763.861516][ T2596] lenovo 0003:17EF:6062.000F: unknown main item tag 0x0
[  763.918221][ T2596] lenovo 0003:17EF:6062.000F: unknown main item tag 0x0
[  763.962266][ T2596] lenovo 0003:17EF:6062.000F: unknown main item tag 0x0
[  764.009900][ T2596] lenovo 0003:17EF:6062.000F: hidraw0: USB HID v0.00 Device [HID 17ef:6062] on usb-dummy_hcd.1-1/input0
[  764.048025][ T2596] usb 2-1: USB disconnect, device number 11
[  764.233678][  T279] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  764.274992][  T279] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  764.294933][  T279] EXT4-fs (loop3): This should not happen!! Data will be lost
[  764.294933][  T279] 
[  764.314916][  T279] EXT4-fs (loop3): Total free blocks count 0
[  764.321000][  T279] EXT4-fs (loop3): Free/Dirty block details
[  764.329991][ T1347] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  764.345145][  T279] EXT4-fs (loop3): free_blocks=68451041280
[  764.350773][  T279] EXT4-fs (loop3): dirty_blocks=6592
[  764.356321][ T1347] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  764.368817][  T279] EXT4-fs (loop3): Block reservation details
[  764.374610][  T279] EXT4-fs (loop3): i_reserved_data_blocks=412
[  764.384988][ T1347] EXT4-fs (loop0): This should not happen!! Data will be lost
[  764.384988][ T1347] 
[  764.410688][  T279] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  764.423306][ T1347] EXT4-fs (loop0): Total free blocks count 0
[  764.429386][ T1347] EXT4-fs (loop0): Free/Dirty block details
[  764.435357][ T1347] EXT4-fs (loop0): free_blocks=68451041280
[  764.440997][ T1347] EXT4-fs (loop0): dirty_blocks=16384
[  764.485251][ T1347] EXT4-fs (loop0): Block reservation details
[  764.501203][ T1347] EXT4-fs (loop0): i_reserved_data_blocks=1024
[  764.591253][ T7064] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1384'.
[  764.622886][ T7063] overlayfs: failed to get inode (-116)
[  764.813120][ T1347] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  764.816095][ T7063] overlayfs: failed to get inode (-116)
[  764.845110][ T7063] overlayfs: failed to get inode (-116)
[  764.856804][ T7063] overlayfs: failed to get inode (-116)
[  764.930540][ T1347] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  764.952263][ T1347] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  764.961037][ T7071] overlayfs: failed to get inode (-116)
[  764.964918][ T1347] EXT4-fs (loop2): This should not happen!! Data will be lost
[  764.964918][ T1347] 
[  764.989616][ T7071] overlayfs: failed to get inode (-116)
[  764.995743][ T7071] overlayfs: failed to get inode (-116)
[  765.001613][ T7071] overlayfs: failed to get inode (-116)
[  765.238481][ T1347] EXT4-fs (loop2): Total free blocks count 0
[  765.264070][ T1347] EXT4-fs (loop2): Free/Dirty block details
[  765.304323][ T1347] EXT4-fs (loop2): free_blocks=68451041280
[  765.310169][ T1347] EXT4-fs (loop2): dirty_blocks=11936
[  765.319719][ T1347] EXT4-fs (loop2): Block reservation details
[  765.325863][ T1347] EXT4-fs (loop2): i_reserved_data_blocks=746
[  765.340320][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  765.340332][   T28] audit: type=1400 audit(1734789623.323:267): avc:  denied  { ioctl } for  pid=7077 comm="syz.3.1388" path="socket:[39718]" dev="sockfs" ino=39718 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  765.380280][ T1347] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  767.032224][ T7109] loop3: detected capacity change from 0 to 512
[  767.047879][ T7109] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  767.056788][ T7109] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  767.155751][ T7115] loop0: detected capacity change from 0 to 1024
[  767.177159][ T7115] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  767.187500][ T7115] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7115 comm=syz.0.1395
[  768.149941][ T2596] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  768.230589][ T7133] loop1: detected capacity change from 0 to 8192
[  768.305265][ T7133]  loop1: p1 < > p2 p3 < p5 p6 > p4
[  768.310373][ T7133] loop1: partition table partially beyond EOD, truncated
[  768.325171][ T7133] loop1: p1 start 277760 is beyond EOD, truncated
[  768.331426][ T7133] loop1: p2 start 6684676 is beyond EOD, truncated
[  768.344263][ T7133] loop1: p5 start 6684676 is beyond EOD, truncated
[  768.411655][ T7140] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1399'.
[  768.634373][ T7139] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  768.648947][ T1019] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  768.664141][ T1019] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  768.684847][ T2596] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  768.693447][ T2596] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  768.704253][ T1019] EXT4-fs (loop0): This should not happen!! Data will be lost
[  768.704253][ T1019] 
[  768.714132][ T2596] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  768.723336][ T1019] EXT4-fs (loop0): Total free blocks count 0
[  768.729172][ T2596] usb 4-1: config 1 has no interface number 1
[  768.745986][ T1019] EXT4-fs (loop0): Free/Dirty block details
[  768.748110][ T7146] loop2: detected capacity change from 0 to 2048
[  768.751693][ T1019] EXT4-fs (loop0): free_blocks=68451041280
[  768.751713][ T1019] EXT4-fs (loop0): dirty_blocks=3392
[  768.751724][ T1019] EXT4-fs (loop0): Block reservation details
[  768.751732][ T1019] EXT4-fs (loop0): i_reserved_data_blocks=212
[  768.755126][ T2596] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  768.763249][ T7146] EXT4-fs: Ignoring removed mblk_io_submit option
[  768.765192][ T2596] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  768.768967][ T7146] ext2: Bad value for 'commit'
[  768.781530][ T1019] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 1332 with error 28
[  768.825707][ T2596] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  768.833547][ T2596] usb 4-1: Product: syz
[  768.838140][ T2596] usb 4-1: Manufacturer: syz
[  768.847919][ T2596] usb 4-1: SerialNumber: syz
[  768.943418][   T28] audit: type=1400 audit(1734789626.923:268): avc:  denied  { read } for  pid=7151 comm="syz.0.1400" name="ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  768.966664][   T28] audit: type=1400 audit(1734789626.933:269): avc:  denied  { open } for  pid=7151 comm="syz.0.1400" path="/dev/ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  768.972185][ T7152] loop0: detected capacity change from 0 to 256
[  768.997772][   T28] audit: type=1400 audit(1734789626.933:270): avc:  denied  { ioctl } for  pid=7151 comm="syz.0.1400" path="/dev/ptp0" dev="devtmpfs" ino=260 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  769.806112][ T7109] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1393'.
[  769.841910][   T28] audit: type=1400 audit(1734789627.823:271): avc:  denied  { mount } for  pid=7151 comm="syz.0.1400" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  769.869510][ T2596] usb 4-1: USB disconnect, device number 11
[  770.028981][ T7165] loop1: detected capacity change from 0 to 16
[  770.231146][ T7165] erofs: (device loop1): mounted with root inode @ nid 36.
[  770.243461][ T7165] syz.1.1405[7165] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  770.243547][ T7165] syz.1.1405[7165] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  770.418977][ T7169] FAULT_INJECTION: forcing a failure.
[  770.418977][ T7169] name failslab, interval 1, probability 0, space 0, times 1
[  770.442577][ T7169] CPU: 0 PID: 7169 Comm: syz.1.1405 Tainted: G        W          6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  770.453630][ T7169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  770.463517][ T7169] Call Trace:
[  770.466649][ T7169]  <TASK>
[  770.469435][ T7169]  dump_stack_lvl+0x151/0x1b7
[  770.473928][ T7169]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  770.479225][ T7169]  ? __switch_to+0x62c/0x1190
[  770.483741][ T7169]  ? find_lock_lowest_rq+0x75/0x480
[  770.488777][ T7169]  dump_stack+0x15/0x18
[  770.492765][ T7169]  should_fail_ex+0x3d0/0x520
[  770.497281][ T7169]  __should_failslab+0xaf/0xf0
[  770.501874][ T7169]  ? __get_vm_area_node+0x129/0x370
[  770.506910][ T7169]  should_failslab+0x9/0x20
[  770.511250][ T7169]  __kmem_cache_alloc_node+0x3d/0x2a0
[  770.516458][ T7169]  ? finish_task_switch+0x167/0x7b0
[  770.521491][ T7169]  ? requeue_task_rt+0x410/0x410
[  770.526265][ T7169]  ? __get_vm_area_node+0x129/0x370
[  770.531302][ T7169]  kmalloc_node_trace+0x26/0xb0
[  770.534814][ T7171] loop2: detected capacity change from 0 to 1024
[  770.535987][ T7169]  __get_vm_area_node+0x129/0x370
[  770.536023][ T7169]  __vmalloc_node_range+0x338/0x1560
[  770.552131][ T7169]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  770.557516][ T7169]  ? __kasan_check_read+0x11/0x20
[  770.557613][   T28] audit: type=1400 audit(1734789628.533:272): avc:  denied  { unmount } for  pid=614 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  770.562369][ T7169]  ? selinux_capable+0x1f2/0x430
[  770.586673][ T7169]  ? raw_irqentry_exit_cond_resched+0x2a/0x30
[  770.592577][ T7169]  ? irqentry_exit+0x30/0x40
[  770.596998][ T7169]  ? vmap+0x2b0/0x2b0
[  770.600823][ T7169]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  770.606287][ T7169]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  770.611670][ T7169]  ? bpf_prog_load_check_attach+0x107/0x2b0
[  770.617396][ T7169]  ? bpf_prog_load+0x7e9/0x1bf0
[  770.622082][ T7169]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  770.627461][ T7169]  __vmalloc+0x7a/0x90
[  770.631369][ T7169]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  770.636754][ T7169]  bpf_prog_alloc_no_stats+0x3e/0x400
[  770.641967][ T7169]  ? security_capable+0x87/0xb0
[  770.646646][ T7169]  bpf_prog_alloc+0x22/0x1c0
[  770.651072][ T7169]  bpf_prog_load+0x84a/0x1bf0
[  770.655592][ T7169]  ? map_freeze+0x3a0/0x3a0
[  770.659928][ T7169]  ? selinux_bpf+0xcb/0x100
[  770.664261][ T7169]  ? security_bpf+0x82/0xb0
[  770.668603][ T7169]  __sys_bpf+0x52c/0x7f0
[  770.672683][ T7169]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  770.677895][ T7169]  ? fpregs_restore_userregs+0x130/0x290
[  770.683359][ T7169]  __x64_sys_bpf+0x7c/0x90
[  770.687611][ T7169]  x64_sys_call+0x87f/0x9a0
[  770.691951][ T7169]  do_syscall_64+0x3b/0xb0
[  770.696203][ T7169]  ? clear_bhb_loop+0x55/0xb0
[  770.700723][ T7169]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  770.706450][ T7169] RIP: 0033:0x7f0f6b785d29
[  770.710696][ T7169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  770.730140][ T7169] RSP: 002b:00007f0f6c65a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  770.738388][ T7169] RAX: ffffffffffffffda RBX: 00007f0f6b976160 RCX: 00007f0f6b785d29
[  770.746194][ T7169] RDX: 0000000000000094 RSI: 0000000020000980 RDI: 0000000000000005
[  770.754006][ T7169] RBP: 00007f0f6c65a090 R08: 0000000000000000 R09: 0000000000000000
[  770.761819][ T7169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.769631][ T7169] R13: 0000000000000000 R14: 00007f0f6b976160 R15: 00007ffe24990148
[  770.777445][ T7169]  </TASK>
[  770.780502][ T7169] syz.1.1405: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz1,mems_allowed=0
[  770.796537][ T7169] CPU: 0 PID: 7169 Comm: syz.1.1405 Tainted: G        W          6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  770.807709][ T7169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  770.817605][ T7169] Call Trace:
[  770.820725][ T7169]  <TASK>
[  770.823504][ T7169]  dump_stack_lvl+0x151/0x1b7
[  770.828024][ T7169]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  770.833312][ T7169]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  770.838953][ T7169]  dump_stack+0x15/0x18
[  770.842944][ T7169]  warn_alloc+0x21a/0x3a0
[  770.847111][ T7169]  ? should_failslab+0x9/0x20
[  770.851625][ T7169]  ? zone_watermark_ok_safe+0x270/0x270
[  770.857005][ T7169]  ? kmalloc_node_trace+0x3d/0xb0
[  770.861867][ T7169]  ? __get_vm_area_node+0x361/0x370
[  770.866903][ T7169]  __vmalloc_node_range+0x35c/0x1560
[  770.872020][ T7169]  ? __kasan_check_read+0x11/0x20
[  770.876883][ T7169]  ? selinux_capable+0x1f2/0x430
[  770.881654][ T7169]  ? raw_irqentry_exit_cond_resched+0x2a/0x30
[  770.887557][ T7169]  ? irqentry_exit+0x30/0x40
[  770.891982][ T7169]  ? vmap+0x2b0/0x2b0
[  770.895804][ T7169]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  770.901269][ T7169]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  770.906647][ T7169]  ? bpf_prog_load_check_attach+0x107/0x2b0
[  770.912374][ T7169]  ? bpf_prog_load+0x7e9/0x1bf0
[  770.917062][ T7169]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  770.922446][ T7169]  __vmalloc+0x7a/0x90
[  770.926351][ T7169]  ? bpf_prog_alloc_no_stats+0x3e/0x400
[  770.931731][ T7169]  bpf_prog_alloc_no_stats+0x3e/0x400
[  770.936939][ T7169]  ? security_capable+0x87/0xb0
[  770.941633][ T7169]  bpf_prog_alloc+0x22/0x1c0
[  770.946054][ T7169]  bpf_prog_load+0x84a/0x1bf0
[  770.950568][ T7169]  ? map_freeze+0x3a0/0x3a0
[  770.954912][ T7169]  ? selinux_bpf+0xcb/0x100
[  770.959245][ T7169]  ? security_bpf+0x82/0xb0
[  770.963589][ T7169]  __sys_bpf+0x52c/0x7f0
[  770.967667][ T7169]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  770.972878][ T7169]  ? fpregs_restore_userregs+0x130/0x290
[  770.978351][ T7169]  __x64_sys_bpf+0x7c/0x90
[  770.982592][ T7169]  x64_sys_call+0x87f/0x9a0
[  770.986932][ T7169]  do_syscall_64+0x3b/0xb0
[  770.991185][ T7169]  ? clear_bhb_loop+0x55/0xb0
[  770.995704][ T7169]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  771.001424][ T7169] RIP: 0033:0x7f0f6b785d29
[  771.005683][ T7169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  771.025122][ T7169] RSP: 002b:00007f0f6c65a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  771.033364][ T7169] RAX: ffffffffffffffda RBX: 00007f0f6b976160 RCX: 00007f0f6b785d29
[  771.041176][ T7169] RDX: 0000000000000094 RSI: 0000000020000980 RDI: 0000000000000005
[  771.048985][ T7169] RBP: 00007f0f6c65a090 R08: 0000000000000000 R09: 0000000000000000
[  771.056800][ T7169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  771.064609][ T7169] R13: 0000000000000000 R14: 00007f0f6b976160 R15: 00007ffe24990148
[  771.072453][ T7169]  </TASK>
[  771.075574][ T7169] Mem-Info:
[  771.078532][ T7169] active_anon:12942 inactive_anon:2 isolated_anon:0
[  771.078532][ T7169]  active_file:19404 inactive_file:2174 isolated_file:0
[  771.078532][ T7169]  unevictable:0 dirty:250 writeback:0
[  771.078532][ T7169]  slab_reclaimable:13449 slab_unreclaimable:69060
[  771.078532][ T7169]  mapped:37377 shmem:9036 pagetables:630
[  771.078532][ T7169]  sec_pagetables:0 bounce:0
[  771.078532][ T7169]  kernel_misc_reclaimable:0
[  771.078532][ T7169]  free:1497742 free_pcp:18557 free_cma:0
[  771.123916][ T7169] Node 0 active_anon:51768kB inactive_anon:8kB active_file:77616kB inactive_file:8696kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:149508kB dirty:1000kB writeback:0kB shmem:36144kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4984kB pagetables:2520kB sec_pagetables:0kB all_unreclaimable? no
[  771.155982][ T7169] DMA32 free:2966484kB boost:0kB min:62552kB low:78188kB high:93824kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2971540kB mlocked:0kB bounce:0kB free_pcp:5056kB local_pcp:5056kB free_cma:0kB
[  771.184047][ T7169] lowmem_reserve[]: 0 3932 3932 3932
[  771.189309][ T7169] Normal free:3024484kB boost:0kB min:84900kB low:106124kB high:127348kB reserved_highatomic:0KB active_anon:51768kB inactive_anon:8kB active_file:77616kB inactive_file:8696kB unevictable:0kB writepending:1000kB present:5242880kB managed:4026400kB mlocked:0kB bounce:0kB free_pcp:69168kB local_pcp:49512kB free_cma:0kB
[  771.218914][ T7169] lowmem_reserve[]: 0 0 0 0
[  771.223328][ T7169] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 2*1024kB (UM) 2*2048kB (UM) 722*4096kB (M) = 2966484kB
[  771.238986][ T7169] Normal: 25*4kB (UME) 16*8kB (ME) 2*16kB (ME) 11*32kB (UM) 332*64kB (UM) 130*128kB (UME) 24*256kB (UME) 30*512kB (UME) 13*1024kB (M) 3*2048kB (UM) 719*4096kB (M) = 3024484kB
[  771.256542][ T7169] 30642 total pagecache pages
[  771.261050][ T7169] 2 pages in swap cache
[  771.265075][ T7169] Free swap  = 124984kB
[  771.269019][ T7169] Total swap = 124996kB
[  771.273012][ T7169] 2097051 pages RAM
[  771.276684][ T7169] 0 pages HighMem/MovableOnly
[  771.281282][ T7169] 347566 pages reserved
[  771.285320][ T7169] 0 pages cma reserved
[  772.129894][  T615] EXT4-fs (loop3): unmounting filesystem.
[  772.152613][ T7183] loop0: detected capacity change from 0 to 1024
[  772.199671][ T7183] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  772.221058][ T7183] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7183 comm=syz.0.1410
[  772.261845][ T7171] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  772.421324][ T7171] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7171 comm=syz.2.1406
[  773.137674][ T1019] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  773.164938][ T2596] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  773.196037][ T1019] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  773.224818][ T1019] EXT4-fs (loop0): This should not happen!! Data will be lost
[  773.224818][ T1019] 
[  773.244401][ T1019] EXT4-fs (loop0): Total free blocks count 0
[  773.256835][ T1019] EXT4-fs (loop0): Free/Dirty block details
[  773.267073][ T1019] EXT4-fs (loop0): free_blocks=68451041280
[  773.295463][ T1019] EXT4-fs (loop0): dirty_blocks=16384
[  773.300665][ T1019] EXT4-fs (loop0): Block reservation details
[  773.336841][ T1019] EXT4-fs (loop0): i_reserved_data_blocks=1024
[  773.355031][ T2596] usb 2-1: Using ep0 maxpacket: 32
[  773.364737][ T2596] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 249, changing to 7
[  773.376219][ T2596] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 66, changing to 7
[  773.387553][ T1019] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  773.413037][ T1019] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  773.416159][ T2596] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  773.427807][ T1019] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  773.448898][ T1019] EXT4-fs (loop2): This should not happen!! Data will be lost
[  773.448898][ T1019] 
[  773.458483][ T1019] EXT4-fs (loop2): Total free blocks count 0
[  773.464268][ T1019] EXT4-fs (loop2): Free/Dirty block details
[  773.470196][ T1019] EXT4-fs (loop2): free_blocks=68451041280
[  773.475865][ T1019] EXT4-fs (loop2): dirty_blocks=16384
[  773.476097][ T2596] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  773.481010][ T1019] EXT4-fs (loop2): Block reservation details
[  773.481022][ T1019] EXT4-fs (loop2): i_reserved_data_blocks=1024
[  773.492669][ T1019] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  773.513193][ T2596] usb 2-1: Product: 倊
[  773.517491][ T2596] usb 2-1: Manufacturer: ь
[  773.521806][ T2596] usb 2-1: SerialNumber: Ⰺ
[  773.547118][ T7212] loop3: detected capacity change from 0 to 1024
[  773.581576][ T7216] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7216 comm=syz.4.1418
[  773.600030][ T7212] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  773.793905][ T7217] loop4: detected capacity change from 0 to 512
[  773.838031][ T7217] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #3: comm syz.4.1418: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  773.856532][ T7217] EXT4-fs error (device loop4): ext4_quota_enable:6982: comm syz.4.1418: Bad quota inode: 3, type: 0
[  773.872788][  T615] EXT4-fs (loop3): unmounting filesystem.
[  773.884940][ T7217] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  773.955161][ T7217] EXT4-fs (loop4): mount failed
[  773.981051][ T7226] loop3: detected capacity change from 0 to 1024
[  773.992490][   T28] audit: type=1400 audit(1734789631.973:273): avc:  denied  { relabelfrom } for  pid=7189 comm="syz.1.1412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  773.995335][ T7228] loop2: detected capacity change from 0 to 2048
[  774.012312][   T28] audit: type=1400 audit(1734789631.973:274): avc:  denied  { relabelto } for  pid=7189 comm="syz.1.1412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  774.048365][ T7228] EXT4-fs: Ignoring removed mblk_io_submit option
[  774.054706][ T7228] ext2: Bad value for 'commit'
[  774.080277][ T7231] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1414'.
[  774.371358][ T7226] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  775.238042][ T6256] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  775.253250][ T6256] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  775.265824][ T6256] EXT4-fs (loop3): This should not happen!! Data will be lost
[  775.265824][ T6256] 
[  775.275503][ T6256] EXT4-fs (loop3): Total free blocks count 0
[  775.281420][ T6256] EXT4-fs (loop3): Free/Dirty block details
[  775.294928][ T6256] EXT4-fs (loop3): free_blocks=68451041280
[  775.306729][ T6256] EXT4-fs (loop3): dirty_blocks=16384
[  775.318461][ T6256] EXT4-fs (loop3): Block reservation details
[  775.332295][ T2596] usb 2-1: 2:1: invalid format type 0x1001 is detected, processed as PCM
[  775.335144][ T6256] EXT4-fs (loop3): i_reserved_data_blocks=1024
[  775.346624][ T2596] usb 2-1: 2:1 : sample bitwidth 11 in over sample bytes 1
[  775.353640][ T2596] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  775.366158][ T6256] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  775.379994][ T2596] usb 2-1: USB disconnect, device number 12
[  775.447701][ T7251] loop2: detected capacity change from 0 to 1024
[  775.472803][ T7249] loop1: detected capacity change from 0 to 512
[  775.494417][ T7249] EXT4-fs: Ignoring removed i_version option
[  775.512398][ T7253] loop4: detected capacity change from 0 to 512
[  775.527103][ T7249] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  775.544577][ T7251] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  775.556860][ T7251] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7251 comm=syz.2.1424
[  775.594467][ T7253] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  775.606104][ T7249] EXT4-fs (loop1): 1 truncate cleaned up
[  775.611585][ T7249] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  775.620339][ T7253] ext4 filesystem being mounted at /287/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  775.621457][   T28] audit: type=1400 audit(1734789633.603:275): avc:  denied  { remount } for  pid=7248 comm="syz.1.1423" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  775.636074][ T7249] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  775.812754][   T28] audit: type=1400 audit(1734789633.793:276): avc:  denied  { mounton } for  pid=7248 comm="syz.1.1423" path="/316/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  775.856375][ T7249] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7249 comm=syz.1.1423
[  775.887120][   T28] audit: type=1400 audit(1734789633.843:277): avc:  denied  { unmount } for  pid=615 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  775.907782][ T7261] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  775.916365][ T7265] bridge0: port 1(bridge_slave_0) entered blocking state
[  775.923232][ T7265] bridge0: port 1(bridge_slave_0) entered forwarding state
[  775.944944][   T28] audit: type=1400 audit(1734789633.893:278): avc:  denied  { create } for  pid=7264 comm="syz.3.1426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  775.984938][ T2596] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  775.985183][   T28] audit: type=1400 audit(1734789633.903:279): avc:  denied  { ioctl } for  pid=7264 comm="syz.3.1426" path="socket:[39896]" dev="sockfs" ino=39896 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  776.166017][ T2596] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  776.178036][ T2596] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  776.197693][ T2596] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  776.222064][ T2596] usb 5-1: config 1 has no interface number 1
[  776.231573][  T648] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  776.251779][ T2596] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  776.271441][  T648] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  776.278924][ T2596] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  776.293855][  T648] EXT4-fs (loop2): This should not happen!! Data will be lost
[  776.293855][  T648] 
[  776.305514][ T2596] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  776.314017][  T648] EXT4-fs (loop2): Total free blocks count 0
[  776.322087][ T2596] usb 5-1: Product: syz
[  776.324102][  T648] EXT4-fs (loop2): Free/Dirty block details
[  776.330462][ T2596] usb 5-1: Manufacturer: syz
[  776.341621][ T2596] usb 5-1: SerialNumber: syz
[  776.345398][  T648] EXT4-fs (loop2): free_blocks=68451041280
[  776.354368][  T648] EXT4-fs (loop2): dirty_blocks=16384
[  776.372555][  T648] EXT4-fs (loop2): Block reservation details
[  776.378640][  T648] EXT4-fs (loop2): i_reserved_data_blocks=1024
[  776.411152][  T279] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  776.445500][  T616] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /316/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  776.486917][  T616] EXT4-fs (loop1): unmounting filesystem.
[  776.512196][ T7273] loop1: detected capacity change from 0 to 512
[  776.547676][ T7273] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  776.557025][ T7253] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1425'.
[  776.562998][ T7273] ext4 filesystem being mounted at /317/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  776.615061][ T2596] usb 5-1: USB disconnect, device number 8
[  776.864968][ T6621] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  777.256052][ T6621] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  777.269388][ T6621] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  777.298096][  T617] EXT4-fs (loop4): unmounting filesystem.
[  777.303728][ T6621] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  777.314384][ T6621] usb 2-1: config 1 has no interface number 1
[  777.320781][ T6621] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  777.340052][ T6621] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  777.624995][ T6621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  777.633741][ T6621] usb 2-1: Product: syz
[  777.637683][ T6621] usb 2-1: Manufacturer: syz
[  777.642076][ T6621] usb 2-1: SerialNumber: syz
[  777.662386][   T28] audit: type=1400 audit(1734789635.643:280): avc:  denied  { read write } for  pid=7296 comm="syz.0.1434" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  777.763531][   T28] audit: type=1400 audit(1734789635.673:281): avc:  denied  { open } for  pid=7296 comm="syz.0.1434" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  777.786877][   T28] audit: type=1400 audit(1734789635.673:282): avc:  denied  { create } for  pid=7296 comm="syz.0.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  777.875144][ T7273] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1430'.
[  777.897238][ T7305] loop0: detected capacity change from 0 to 16
[  777.910171][   T28] audit: type=1400 audit(1734789635.873:283): avc:  denied  { ioctl } for  pid=7296 comm="syz.0.1434" path="socket:[39921]" dev="sockfs" ino=39921 ioctlcmd=0x48de scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  778.119132][ T7305] erofs: (device loop0): mounted with root inode @ nid 36.
[  778.402275][ T6621] usb 2-1: USB disconnect, device number 13
[  778.434370][ T7311] loop3: detected capacity change from 0 to 2048
[  778.440863][ T7311] EXT4-fs: Ignoring removed mblk_io_submit option
[  778.447427][ T7311] ext2: Bad value for 'commit'
[  778.524255][   T28] audit: type=1400 audit(1734789636.503:284): avc:  denied  { unmount } for  pid=614 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  778.615629][ T3793] udevd[3793]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  779.374819][  T616] EXT4-fs (loop1): unmounting filesystem.
[  780.204950][ T3002] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  780.485038][ T3002] usb 2-1: Using ep0 maxpacket: 32
[  780.524252][ T3002] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  780.820982][ T3002] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  781.672243][ T7354] loop0: detected capacity change from 0 to 8192
[  781.725447][ T7354]  loop0: p1 p2 p3 p4[EZD]
[  781.730128][ T7354] loop0: p1 size 16128 extends beyond EOD, truncated
[  781.746851][ T7354] loop0: p3 start 458783 is beyond EOD, truncated
[  781.763302][ T7354] loop0: p4 size 65536 extends beyond EOD, truncated
[  781.875537][  T614] __loop_clr_fd: partition scan of loop0 failed (rc=-16)
[  781.882742][ T3793] I/O error, dev loop0, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  781.905010][ T3793] I/O error, dev loop0, sector 8064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  781.917812][ T3002] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  781.928471][ T3002] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  781.949842][ T3793] Buffer I/O error on dev loop0p1, logical block 880, async page read
[  781.985061][  T707] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  782.008712][ T3002] usb 2-1: config 0 descriptor??
[  782.022108][ T3821] udevd[3821]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  782.027652][ T7371] loop0: detected capacity change from 0 to 8192
[  782.033257][ T3797] udevd[3797]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  782.049476][ T3793] udevd[3793]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  782.077834][ T7371]  loop0: p1 p2 p3 p4[EZD]
[  782.083829][ T7371] loop0: p1 size 16128 extends beyond EOD, truncated
[  782.133125][ T7371] loop0: p3 start 458783 is beyond EOD, truncated
[  782.153246][ T7371] loop0: p4 size 65536 extends beyond EOD, truncated
[  782.360414][  T102]  loop0: p1 p2 p3 p4[EZD]
[  782.365506][  T102] loop0: p1 size 16128 extends beyond EOD, truncated
[  782.373108][ T3002] usbhid 2-1:0.0: can't add hid device: -71
[  782.379741][ T3002] usbhid: probe of 2-1:0.0 failed with error -71
[  782.386942][ T3002] usb 2-1: USB disconnect, device number 14
[  782.407576][  T102] loop0: p3 start 458783 is beyond EOD, truncated
[  782.415542][ T7381] loop1: detected capacity change from 0 to 2048
[  782.416944][  T102] loop0: p4 size 65536 extends beyond EOD, truncated
[  782.429101][ T7381] EXT4-fs: Ignoring removed mblk_io_submit option
[  782.435730][ T7381] ext2: Bad value for 'commit'
[  782.456033][  T707] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  782.468107][  T707] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.540926][  T707] usb 5-1: config 0 descriptor??
[  782.586314][ T3793] udevd[3793]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  782.602478][ T3821] udevd[3821]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  782.956584][ T3796] udevd[3796]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  782.978993][   T28] audit: type=1400 audit(1734789640.963:285): avc:  denied  { setopt } for  pid=7363 comm="syz.4.1448" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  783.004218][ T3002] usb 5-1: USB disconnect, device number 9
[  783.019356][ T3793] udevd[3793]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  783.030248][ T3821] udevd[3821]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  783.108833][ T3797] udevd[3797]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  783.645717][ T7402] FAULT_INJECTION: forcing a failure.
[  783.645717][ T7402] name failslab, interval 1, probability 0, space 0, times 0
[  783.658234][ T7402] CPU: 0 PID: 7402 Comm: syz.1.1455 Tainted: G        W          6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  783.669249][ T7402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  783.679143][ T7402] Call Trace:
[  783.682263][ T7402]  <TASK>
[  783.685058][ T7402]  dump_stack_lvl+0x151/0x1b7
[  783.689560][ T7402]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  783.694851][ T7402]  dump_stack+0x15/0x18
[  783.698841][ T7402]  should_fail_ex+0x3d0/0x520
[  783.703358][ T7402]  __should_failslab+0xaf/0xf0
[  783.707957][ T7402]  ? __se_sys_mount+0x156/0x3b0
[  783.712643][ T7402]  should_failslab+0x9/0x20
[  783.716979][ T7402]  __kmem_cache_alloc_node+0x3d/0x2a0
[  783.722190][ T7402]  ? _copy_from_user+0x90/0xc0
[  783.726787][ T7402]  ? __se_sys_mount+0x156/0x3b0
[  783.731475][ T7402]  kmalloc_trace+0x2a/0xa0
[  783.735730][ T7402]  __se_sys_mount+0x156/0x3b0
[  783.740241][ T7402]  ? __this_cpu_preempt_check+0x13/0x20
[  783.745624][ T7402]  ? __x64_sys_mount+0xd0/0xd0
[  783.750221][ T7402]  __x64_sys_mount+0xbf/0xd0
[  783.754647][ T7402]  x64_sys_call+0x49d/0x9a0
[  783.758985][ T7402]  do_syscall_64+0x3b/0xb0
[  783.763240][ T7402]  ? clear_bhb_loop+0x55/0xb0
[  783.767755][ T7402]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  783.773483][ T7402] RIP: 0033:0x7f0f6b785d29
[  783.777739][ T7402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  783.797174][ T7402] RSP: 002b:00007f0f6c69c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  783.805430][ T7402] RAX: ffffffffffffffda RBX: 00007f0f6b975fa0 RCX: 00007f0f6b785d29
[  783.813230][ T7402] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[  783.821042][ T7402] RBP: 00007f0f6c69c090 R08: 0000000020000400 R09: 0000000000000000
[  783.828853][ T7402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  783.836671][ T7402] R13: 0000000000000000 R14: 00007f0f6b975fa0 R15: 00007ffe24990148
[  783.844492][ T7402]  </TASK>
[  785.284969][ T7423] overlayfs: failed to get inode (-116)
[  785.290480][ T7423] overlayfs: failed to get inode (-116)
[  785.300351][ T7423] overlayfs: failed to get inode (-116)
[  785.305989][ T7423] overlayfs: failed to get inode (-116)
[  785.318580][ T7424] loop0: detected capacity change from 0 to 1024
[  785.348283][ T7424] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  785.351599][ T7431] loop2: detected capacity change from 0 to 1024
[  785.372690][ T7431] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  785.728900][ T7440] device vlan2 entered promiscuous mode
[  785.831814][ T7447] loop4: detected capacity change from 0 to 2048
[  785.862685][ T7447] EXT4-fs: Ignoring removed mblk_io_submit option
[  785.922334][ T7447] ext2: Bad value for 'commit'
[  786.443139][  T279] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  786.464154][ T7458] loop3: detected capacity change from 0 to 2048
[  786.479557][ T7458] EXT4-fs: Ignoring removed mblk_io_submit option
[  786.489376][  T279] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  786.490007][ T7458] ext2: Bad value for 'commit'
[  786.521865][  T279] EXT4-fs (loop0): This should not happen!! Data will be lost
[  786.521865][  T279] 
[  786.542036][  T279] EXT4-fs (loop0): Total free blocks count 0
[  786.562250][  T279] EXT4-fs (loop0): Free/Dirty block details
[  786.568013][  T279] EXT4-fs (loop0): free_blocks=68451041280
[  786.577883][  T279] EXT4-fs (loop0): dirty_blocks=16384
[  786.590809][  T279] EXT4-fs (loop0): Block reservation details
[  786.654866][  T279] EXT4-fs (loop0): i_reserved_data_blocks=1024
[  786.676814][    T8] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  786.691575][  T279] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  786.735305][  T279] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  786.749942][  T279] EXT4-fs (loop2): This should not happen!! Data will be lost
[  786.749942][  T279] 
[  786.793486][  T279] EXT4-fs (loop2): Total free blocks count 0
[  786.807611][  T279] EXT4-fs (loop2): Free/Dirty block details
[  786.818100][  T279] EXT4-fs (loop2): free_blocks=68451041280
[  786.823875][  T279] EXT4-fs (loop2): dirty_blocks=16384
[  786.829428][  T279] EXT4-fs (loop2): Block reservation details
[  786.835986][  T279] EXT4-fs (loop2): i_reserved_data_blocks=1024
[  786.858621][    T8] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  786.907388][ T7468] loop0: detected capacity change from 0 to 256
[  787.219857][ T7468] FAT-fs (loop0): Unrecognized mount option "time_offsrt=0xfffffffffffffbb5" or missing value
[  787.294720][   T28] audit: type=1326 audit(1734789645.273:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7465 comm="syz.0.1468" exe="/root/syz-executor" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7fabe0985d29 code=0x0
[  787.356035][ T7475] loop0: detected capacity change from 0 to 2048
[  787.372268][ T7475] EXT4-fs: Ignoring removed mblk_io_submit option
[  787.378828][ T7475] ext2: Bad value for 'commit'
[  787.429023][ T3793] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  787.475010][   T28] audit: type=1400 audit(1734789645.453:287): avc:  denied  { read } for  pid=7481 comm="syz.3.1473" name="uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  787.536356][   T28] audit: type=1400 audit(1734789645.453:288): avc:  denied  { open } for  pid=7481 comm="syz.3.1473" path="/dev/uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  788.399649][ T7490] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  788.407490][   T28] audit: type=1400 audit(1734789645.453:289): avc:  denied  { ioctl } for  pid=7481 comm="syz.3.1473" path="/dev/uinput" dev="devtmpfs" ino=258 ioctlcmd=0x5566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  788.435422][ T7490] audit: out of memory in audit_log_start
[  788.469452][ T7496] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1475'.
[  788.480870][   T28] audit: type=1400 audit(1734789646.383:290): avc:  denied  { create } for  pid=7489 comm="syz.1.1474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  788.513003][   T28] audit: type=1400 audit(1734789646.383:291): avc:  denied  { bind } for  pid=7489 comm="syz.1.1474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  788.557537][   T28] audit: type=1400 audit(1734789646.383:292): avc:  denied  { listen } for  pid=7489 comm="syz.1.1474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  788.588688][   T28] audit: type=1400 audit(1734789646.383:293): avc:  denied  { connect } for  pid=7489 comm="syz.1.1474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  788.599323][ T7496] loop2: detected capacity change from 0 to 256
[  788.609946][   T28] audit: type=1400 audit(1734789646.573:294): avc:  denied  { ioctl } for  pid=7495 comm="syz.2.1475" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=41736 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  788.641875][ T7504] device vlan2 entered promiscuous mode
[  788.693995][ T7496] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  788.819364][ T7509] overlayfs: failed to get inode (-116)
[  788.825072][ T7509] overlayfs: failed to get inode (-116)
[  788.830475][ T7509] overlayfs: failed to get inode (-116)
[  788.844391][ T7511] overlayfs: failed to get inode (-116)
[  788.855491][ T7511] overlayfs: failed to get inode (-116)
[  788.861228][ T7509] overlayfs: failed to get inode (-116)
[  788.933814][ T7513] loop2: detected capacity change from 0 to 2048
[  788.937950][ T7515] loop3: detected capacity change from 0 to 2048
[  788.947993][ T7513] EXT4-fs: Ignoring removed mblk_io_submit option
[  788.964436][ T7513] ext2: Bad value for 'commit'
[  788.982263][ T7515] EXT4-fs: Ignoring removed mblk_io_submit option
[  789.003079][ T7515] ext2: Bad value for 'commit'
[  791.341000][ T7548] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7548 comm=syz.0.1489
[  791.893946][ T7548] loop0: detected capacity change from 0 to 512
[  791.908396][ T7554] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1491'.
[  791.925607][ T7559] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7559 comm=syz.3.1490
[  791.943175][ T7548] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #3: comm syz.0.1489: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  791.961337][ T7548] EXT4-fs error (device loop0): ext4_quota_enable:6982: comm syz.0.1489: Bad quota inode: 3, type: 0
[  791.972491][ T7548] EXT4-fs warning (device loop0): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  791.987429][ T7548] EXT4-fs (loop0): mount failed
[  792.008932][   T28] audit: type=1400 audit(1734789649.993:295): avc:  denied  { setattr } for  pid=7553 comm="syz.1.1491" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  792.126739][ T7559] loop3: detected capacity change from 0 to 512
[  792.152885][ T7559] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #3: comm syz.3.1490: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  792.205836][ T7559] EXT4-fs error (device loop3): ext4_quota_enable:6982: comm syz.3.1490: Bad quota inode: 3, type: 0
[  792.219214][ T7559] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  792.237983][ T7559] EXT4-fs (loop3): mount failed
[  792.353452][ T7570] loop4: detected capacity change from 0 to 2048
[  792.386350][ T7570] EXT4-fs: Ignoring removed mblk_io_submit option
[  792.416370][ T7570] ext2: Bad value for 'commit'
[  792.434828][ T7575] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1495'.
[  792.448497][ T7575] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1495'.
[  792.501669][ T7580] loop1: detected capacity change from 0 to 512
[  792.589263][ T7581] device vlan2 entered promiscuous mode
[  792.916272][ T7592] FAULT_INJECTION: forcing a failure.
[  792.916272][ T7592] name failslab, interval 1, probability 0, space 0, times 0
[  793.123665][ T7592] CPU: 0 PID: 7592 Comm: syz.1.1499 Tainted: G        W          6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  793.134798][ T7592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  793.144697][ T7592] Call Trace:
[  793.147813][ T7592]  <TASK>
[  793.150593][ T7592]  dump_stack_lvl+0x151/0x1b7
[  793.155104][ T7592]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  793.160400][ T7592]  ? release_sock+0x163/0x1b0
[  793.164922][ T7592]  dump_stack+0x15/0x18
[  793.168902][ T7592]  should_fail_ex+0x3d0/0x520
[  793.173418][ T7592]  __should_failslab+0xaf/0xf0
[  793.178016][ T7592]  should_failslab+0x9/0x20
[  793.182443][ T7592]  kmem_cache_alloc_node+0x42/0x330
[  793.187480][ T7592]  ? __alloc_skb+0xcc/0x2d0
[  793.191816][ T7592]  __alloc_skb+0xcc/0x2d0
[  793.196072][ T7592]  netlink_sendmsg+0x7a6/0xd30
[  793.200675][ T7592]  ? netlink_getsockopt+0x540/0x540
[  793.205708][ T7592]  ? security_socket_sendmsg+0x82/0xb0
[  793.211000][ T7592]  ? netlink_getsockopt+0x540/0x540
[  793.216031][ T7592]  ____sys_sendmsg+0x5d3/0x9a0
[  793.220654][ T7592]  ? __sys_sendmsg_sock+0x40/0x40
[  793.225497][ T7592]  __sys_sendmsg+0x2a9/0x390
[  793.229920][ T7592]  ? ____sys_sendmsg+0x9a0/0x9a0
[  793.234707][ T7592]  ? fpregs_restore_userregs+0x130/0x290
[  793.240165][ T7592]  __x64_sys_sendmsg+0x7f/0x90
[  793.244862][ T7592]  x64_sys_call+0x16a/0x9a0
[  793.249201][ T7592]  do_syscall_64+0x3b/0xb0
[  793.253448][ T7592]  ? clear_bhb_loop+0x55/0xb0
[  793.257963][ T7592]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  793.263691][ T7592] RIP: 0033:0x7f0f6b785d29
[  793.267943][ T7592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  793.287385][ T7592] RSP: 002b:00007f0f6c69c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  793.295633][ T7592] RAX: ffffffffffffffda RBX: 00007f0f6b975fa0 RCX: 00007f0f6b785d29
[  793.303443][ T7592] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[  793.311254][ T7592] RBP: 00007f0f6c69c090 R08: 0000000000000000 R09: 0000000000000000
[  793.319066][ T7592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  793.326881][ T7592] R13: 0000000000000000 R14: 00007f0f6b975fa0 R15: 00007ffe24990148
[  793.334691][ T7592]  </TASK>
[  793.354835][ T7601] loop0: detected capacity change from 0 to 2048
[  793.367502][ T7601] EXT4-fs: Ignoring removed mblk_io_submit option
[  793.373840][ T7601] ext2: Bad value for 'commit'
[  793.470285][ T3793] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  794.995073][   T28] audit: type=1400 audit(1734789652.983:296): avc:  denied  { remount } for  pid=7618 comm="syz.2.1505" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  794.996753][ T7617] loop1: detected capacity change from 0 to 512
[  795.071332][ T7623] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1506'.
[  795.088266][ T7625] FAULT_INJECTION: forcing a failure.
[  795.088266][ T7625] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  795.143136][ T7625] CPU: 0 PID: 7625 Comm: syz.3.1507 Tainted: G        W          6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  795.154350][ T7625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  795.164245][ T7625] Call Trace:
[  795.167364][ T7625]  <TASK>
[  795.170140][ T7625]  dump_stack_lvl+0x151/0x1b7
[  795.174654][ T7625]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  795.179947][ T7625]  ? stack_trace_save+0x113/0x1c0
[  795.184812][ T7625]  dump_stack+0x15/0x18
[  795.188799][ T7625]  should_fail_ex+0x3d0/0x520
[  795.193836][ T7625]  should_fail+0xb/0x10
[  795.197828][ T7625]  should_fail_usercopy+0x1a/0x20
[  795.202685][ T7625]  _copy_to_user+0x1e/0x90
[  795.206940][ T7625]  simple_read_from_buffer+0xc7/0x150
[  795.212149][ T7625]  proc_fail_nth_read+0x1a3/0x210
[  795.217011][ T7625]  ? proc_fault_inject_write+0x390/0x390
[  795.222475][ T7625]  ? fsnotify_perm+0x269/0x5b0
[  795.227162][ T7625]  ? security_file_permission+0x86/0xb0
[  795.232543][ T7625]  ? proc_fault_inject_write+0x390/0x390
[  795.238012][ T7625]  vfs_read+0x26c/0xae0
[  795.242004][ T7625]  ? htab_map_hash+0x356/0x7e0
[  795.246609][ T7625]  ? kernel_read+0x1f0/0x1f0
[  795.251029][ T7625]  ? mutex_lock+0xb1/0x1e0
[  795.255286][ T7625]  ? bit_wait_io_timeout+0x120/0x120
[  795.260407][ T7625]  ? __fdget_pos+0x2e2/0x390
[  795.264831][ T7625]  ? ksys_read+0x77/0x2c0
[  795.268998][ T7625]  ksys_read+0x199/0x2c0
[  795.273079][ T7625]  ? vfs_write+0xed0/0xed0
[  795.277329][ T7625]  __x64_sys_read+0x7b/0x90
[  795.281670][ T7625]  x64_sys_call+0x28/0x9a0
[  795.285923][ T7625]  do_syscall_64+0x3b/0xb0
[  795.290173][ T7625]  ? clear_bhb_loop+0x55/0xb0
[  795.294686][ T7625]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  795.300414][ T7625] RIP: 0033:0x7f77a978473c
[  795.304671][ T7625] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  795.324110][ T7625] RSP: 002b:00007f77aa647030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  795.332356][ T7625] RAX: ffffffffffffffda RBX: 00007f77a9975fa0 RCX: 00007f77a978473c
[  795.340165][ T7625] RDX: 000000000000000f RSI: 00007f77aa6470a0 RDI: 0000000000000006
[  795.347978][ T7625] RBP: 00007f77aa647090 R08: 0000000000000000 R09: 0000000000000000
[  795.355792][ T7625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  795.363602][ T7625] R13: 0000000000000000 R14: 00007f77a9975fa0 R15: 00007ffec3b87b78
[  795.371418][ T7625]  </TASK>
[  795.378903][ T7617] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  795.392139][ T7617] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  795.458226][ T7632] loop0: detected capacity change from 0 to 1024
[  795.486707][   T28] audit: type=1400 audit(1734789653.473:297): avc:  denied  { bind } for  pid=7634 comm="syz.3.1510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  795.487068][ T7632] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  795.506351][ T7635] Unsupported ieee802154 address type: 0
[  795.553724][ T7639] device vlan2 entered promiscuous mode
[  795.571103][   T28] audit: type=1400 audit(1734789653.553:298): avc:  denied  { map } for  pid=7634 comm="syz.3.1510" path="/proc/1047/map_files" dev="proc" ino=43053 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  795.714935][   T19] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  795.891076][ T7635] loop3: detected capacity change from 0 to 40427
[  795.901475][ T7635] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  795.908035][ T7635] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  795.917249][   T19] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  795.926492][   T19] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  795.936627][   T19] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  795.950049][   T19] usb 2-1: config 1 has no interface number 1
[  795.956401][   T19] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  795.970115][ T7635] F2FS-fs (loop3): Found nat_bits in checkpoint
[  795.977369][   T19] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  795.999484][   T19] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  796.016445][   T19] usb 2-1: Product: syz
[  796.023922][   T19] usb 2-1: Manufacturer: syz
[  796.037429][   T19] usb 2-1: SerialNumber: syz
[  796.060676][ T7635] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  796.071535][ T7635] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  796.131053][  T615] syz-executor: attempt to access beyond end of device
[  796.131053][  T615] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  796.251072][ T7617] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1503'.
[  796.297946][   T19] usb 2-1: USB disconnect, device number 15
[  796.308535][ T3793] udevd[3793]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  796.312395][ T7645] loop3: detected capacity change from 0 to 2048
[  796.348697][ T7647] loop2: detected capacity change from 0 to 1024
[  796.356264][ T7645] EXT4-fs: Ignoring removed mblk_io_submit option
[  796.362764][ T7645] ext2: Bad value for 'commit'
[  796.376461][ T7647] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  796.388206][ T1347] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  796.412704][ T7647] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7647 comm=syz.2.1513
[  796.433263][ T1347] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  796.445721][ T1347] EXT4-fs (loop0): This should not happen!! Data will be lost
[  796.445721][ T1347] 
[  796.456190][ T1347] EXT4-fs (loop0): Total free blocks count 0
[  796.462039][ T1347] EXT4-fs (loop0): Free/Dirty block details
[  796.469410][ T1347] EXT4-fs (loop0): free_blocks=68451041280
[  796.475732][ T1347] EXT4-fs (loop0): dirty_blocks=16320
[  796.481160][ T1347] EXT4-fs (loop0): Block reservation details
[  796.489064][ T1347] EXT4-fs (loop0): i_reserved_data_blocks=1020
[  796.558829][ T1347] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  797.096104][  T616] EXT4-fs (loop1): unmounting filesystem.
[  797.150713][ T7661] loop0: detected capacity change from 0 to 2048
[  797.157343][ T7661] EXT4-fs: Ignoring removed mblk_io_submit option
[  797.163668][ T7661] ext2: Bad value for 'commit'
[  798.456590][   T28] audit: type=1400 audit(1734789656.443:299): avc:  denied  { watch watch_reads } for  pid=7673 comm="syz.1.1517" path="/333" dev="tmpfs" ino=2061 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  798.654931][   T28] audit: type=1400 audit(1734789656.563:300): avc:  denied  { append } for  pid=7677 comm="syz.4.1518" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  798.705413][  T279] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  798.733368][  T279] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  798.760654][  T279] EXT4-fs (loop2): This should not happen!! Data will be lost
[  798.760654][  T279] 
[  798.780385][  T279] EXT4-fs (loop2): Total free blocks count 0
[  798.792833][  T279] EXT4-fs (loop2): Free/Dirty block details
[  798.811520][  T279] EXT4-fs (loop2): free_blocks=68451041280
[  798.823700][  T279] EXT4-fs (loop2): dirty_blocks=5216
[  798.834367][  T279] EXT4-fs (loop2): Block reservation details
[  798.847032][  T279] EXT4-fs (loop2): i_reserved_data_blocks=326
[  798.883034][  T279] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  799.093781][ T7688] loop2: detected capacity change from 0 to 2048
[  799.132414][ T7688] EXT4-fs: Ignoring removed mblk_io_submit option
[  799.169062][   T28] audit: type=1400 audit(1734789657.153:301): avc:  denied  { write } for  pid=7689 comm="syz.4.1521" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  799.195003][ T7688] ext2: Bad value for 'commit'
[  799.195609][ T7690] random: crng reseeded on system resumption
[  799.235055][   T28] audit: type=1400 audit(1734789657.183:302): avc:  denied  { open } for  pid=7689 comm="syz.4.1521" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  799.257746][ T7693] loop4: detected capacity change from 0 to 512
[  799.328873][ T7692] loop0: detected capacity change from 0 to 8192
[  799.348145][ T7693] EXT4-fs: Ignoring removed bh option
[  799.354207][ T7686] netlink: 124 bytes leftover after parsing attributes in process `syz.1.1520'.
[  799.373442][ T7693] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  799.383071][ T7686] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1520'.
[  799.392026][ T7692]  loop0: p1 < > p2 p3 < p5 p6 > p4
[  799.397139][ T7692] loop0: partition table partially beyond EOD, truncated
[  799.406559][ T7692] loop0: p1 start 277760 is beyond EOD, truncated
[  799.415059][ T7692] loop0: p2 start 6684676 is beyond EOD, truncated
[  799.434521][   T28] audit: type=1400 audit(1734789657.413:303): avc:  denied  { ioctl } for  pid=7689 comm="syz.4.1521" path="/dev/snapshot" dev="devtmpfs" ino=91 ioctlcmd=0x941f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  799.439107][ T7692] loop0: p5 start 6684676 is beyond EOD, 
[  799.487649][ T7699] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  799.488008][ T7692] truncated
[  799.510532][  T102]  loop0: p1 < > p2 p3 < p5 p6 > p4
[  799.515703][  T102] loop0: partition table partially beyond EOD, truncated
[  799.522664][  T102] loop0: p1 start 277760 is beyond EOD, truncated
[  799.529643][  T102] loop0: p2 start 6684676 is beyond EOD, truncated
[  799.536960][  T102] loop0: p5 start 6684676 is beyond EOD, truncated
[  799.684404][ T7704] loop3: detected capacity change from 0 to 2048
[  799.695406][ T7704] EXT4-fs: Ignoring removed mblk_io_submit option
[  799.702831][ T7704] ext2: Bad value for 'commit'
[  799.724967][  T707] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  800.274105][  T707] usb 5-1: device descriptor read/64, error -71
[  801.904994][  T707] usb 5-1: device descriptor read/64, error -71
[  801.919556][ T7732] loop2: detected capacity change from 0 to 2048
[  801.959523][ T7732] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  802.484974][  T638] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  802.938743][  T618] EXT4-fs (loop2): unmounting filesystem.
[  802.964978][  T638] usb 2-1: Using ep0 maxpacket: 8
[  802.971060][  T638] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  802.994933][  T638] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  803.004531][  T638] usb 2-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00
[  803.014387][ T7747] loop4: detected capacity change from 0 to 1024
[  803.020626][  T638] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  803.021475][  T638] usb 2-1: config 0 descriptor??
[  803.072524][   T28] audit: type=1400 audit(1734789661.053:304): avc:  denied  { write } for  pid=7753 comm="syz.2.1535" name="uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  803.073510][ T7754] input: syz1 as /devices/virtual/input/input5
[  803.102159][ T7747] EXT4-fs: Invalid want_extra_isize 2417
[  803.123110][   T28] audit: type=1400 audit(1734789661.083:305): avc:  denied  { mounton } for  pid=7744 comm="syz.4.1533" path="/306/file0" dev="tmpfs" ino=1902 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  803.152022][   T28] audit: type=1400 audit(1734789661.103:306): avc:  denied  { create } for  pid=7755 comm="syz.0.1536" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  803.313032][ T7760] loop2: detected capacity change from 0 to 512
[  803.362771][ T7759] loop4: detected capacity change from 0 to 2048
[  803.372368][ T7760] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  803.381762][ T7760] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  803.392542][ T7760] EXT4-fs (loop2): unmounting filesystem.
[  803.425273][ T7759] EXT4-fs: Ignoring removed mblk_io_submit option
[  803.446474][ T7759] ext2: Bad value for 'commit'
[  803.542898][ T7764] loop3: detected capacity change from 0 to 2048
[  803.573884][ T7764] EXT4-fs: Ignoring removed mblk_io_submit option
[  803.593987][ T7764] ext2: Bad value for 'commit'
[  804.235288][ T7739] netlink: 'syz.1.1532': attribute type 11 has an invalid length.
[  804.244776][ T7739] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1532'.
[  804.258406][  T638] lenovo 0003:17EF:6062.0010: unknown main item tag 0x0
[  804.265315][  T638] lenovo 0003:17EF:6062.0010: unknown main item tag 0x0
[  804.272108][  T638] lenovo 0003:17EF:6062.0010: unknown main item tag 0x0
[  804.279948][  T638] lenovo 0003:17EF:6062.0010: unknown main item tag 0x0
[  804.292683][   T28] audit: type=1400 audit(1734789662.273:307): avc:  denied  { create } for  pid=7753 comm="syz.2.1535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  804.293080][  T638] lenovo 0003:17EF:6062.0010: unknown main item tag 0x0
[  804.320895][  T638] lenovo 0003:17EF:6062.0010: hidraw0: USB HID v0.00 Device [HID 17ef:6062] on usb-dummy_hcd.1-1/input0
[  804.332918][   T28] audit: type=1400 audit(1734789662.303:308): avc:  denied  { connect } for  pid=7753 comm="syz.2.1535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  804.354767][   T28] audit: type=1400 audit(1734789662.313:309): avc:  denied  { create } for  pid=7773 comm="syz.3.1540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  804.374115][   T28] audit: type=1400 audit(1734789662.313:310): avc:  denied  { read } for  pid=7773 comm="syz.3.1540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  804.398072][ T7777] device vlan2 entered promiscuous mode
[  804.509697][  T638] usb 2-1: USB disconnect, device number 16
[  804.639973][ T7789] loop2: detected capacity change from 0 to 256
[  804.646422][ T7789] FAT-fs (loop2): Unrecognized mount option "utf8=t=cp932" or missing value
[  805.277180][ T7804] loop3: detected capacity change from 0 to 2048
[  805.317797][ T7804] EXT4-fs: Ignoring removed mblk_io_submit option
[  805.332403][ T7804] ext2: Bad value for 'commit'
[  805.338712][ T7806] loop1: detected capacity change from 0 to 2048
[  805.353983][ T7806] EXT4-fs: Ignoring removed mblk_io_submit option
[  805.360556][ T7806] ext2: Bad value for 'commit'
[  805.464451][   T28] audit: type=1400 audit(1734789663.443:311): avc:  denied  { create } for  pid=7808 comm="syz.4.1551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  805.486984][   T28] audit: type=1400 audit(1734789663.473:312): avc:  denied  { bind } for  pid=7808 comm="syz.4.1551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  805.507498][   T28] audit: type=1400 audit(1734789663.473:313): avc:  denied  { read } for  pid=7808 comm="syz.4.1551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  805.665182][ T7800] loop0: detected capacity change from 0 to 512
[  805.684962][ T7800] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  806.036657][ T7819] loop2: detected capacity change from 0 to 2048
[  806.057605][ T7819] EXT4-fs: Ignoring removed mblk_io_submit option
[  806.064526][ T7819] ext2: Bad value for 'commit'
[  806.081426][ T7828] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7828 comm=syz.1.1555
[  806.160028][ T7831] loop0: detected capacity change from 0 to 1024
[  806.229829][ T7831] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  806.231365][ T7829] loop1: detected capacity change from 0 to 512
[  806.259780][ T7831] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7831 comm=syz.0.1556
[  806.364160][ T7829] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #3: comm syz.1.1555: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  806.623941][ T7829] EXT4-fs error (device loop1): ext4_quota_enable:6982: comm syz.1.1555: Bad quota inode: 3, type: 0
[  806.725133][ T7829] EXT4-fs warning (device loop1): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  806.736914][ T7844] device vlan2 entered promiscuous mode
[  807.476064][ T7829] EXT4-fs (loop1): mount failed
[  809.212750][  T648] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  809.812950][  T648] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  809.833715][  T648] EXT4-fs (loop0): This should not happen!! Data will be lost
[  809.833715][  T648] 
[  809.849475][  T648] EXT4-fs (loop0): Total free blocks count 0
[  809.904613][  T648] EXT4-fs (loop0): Free/Dirty block details
[  809.906789][ T7880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1560'.
[  809.923704][ T7880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1560'.
[  809.935325][ T7880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1560'.
[  809.944198][ T7880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1560'.
[  809.952882][ T7880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1560'.
[  809.961659][ T7880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1560'.
[  809.970929][ T7880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1560'.
[  809.987014][  T648] EXT4-fs (loop0): free_blocks=68451041280
[  810.030499][  T648] EXT4-fs (loop0): dirty_blocks=3920
[  810.044321][  T648] EXT4-fs (loop0): Block reservation details
[  810.058466][  T648] EXT4-fs (loop0): i_reserved_data_blocks=245
[  810.151297][  T648] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 1868 with error 28
[  810.223832][ T7886] loop1: detected capacity change from 0 to 1024
[  810.291921][ T7886] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  810.359548][ T7891] loop0: detected capacity change from 0 to 256
[  810.366130][ T7886] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7886 comm=syz.1.1566
[  810.408204][ T7891] FAT-fs (loop0): Unrecognized mount option "utf8=t=cp932" or missing value
[  810.754022][ T7897] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1567'.
[  810.763172][ T7897] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1567'.
[  810.794335][ T7897] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1567'.
[  811.973032][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  811.973050][   T28] audit: type=1400 audit(1734789669.953:317): avc:  denied  { set_context_mgr } for  pid=7900 comm="syz.2.1568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  812.054925][   T28] audit: type=1400 audit(1734789669.983:318): avc:  denied  { write } for  pid=7900 comm="syz.2.1568" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  812.081010][ T7905] ovl_get_inode: 2 callbacks suppressed
[  812.081029][ T7905] overlayfs: failed to get inode (-116)
[  812.102103][ T7905] overlayfs: failed to get inode (-116)
[  812.109766][ T7905] overlayfs: failed to get inode (-116)
[  812.124929][   T28] audit: type=1400 audit(1734789669.993:319): avc:  denied  { map } for  pid=7900 comm="syz.2.1568" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  812.139609][ T7905] overlayfs: failed to get inode (-116)
[  812.156710][ T7907] overlayfs: failed to resolve './file2': -2
[  812.196751][   T28] audit: type=1400 audit(1734789670.073:320): avc:  denied  { call } for  pid=7900 comm="syz.2.1568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  812.236372][ T7909] FAULT_INJECTION: forcing a failure.
[  812.236372][ T7909] name failslab, interval 1, probability 0, space 0, times 0
[  812.249063][ T7909] CPU: 0 PID: 7909 Comm: syz.2.1571 Tainted: G        W          6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  812.260167][ T7909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  812.270059][ T7909] Call Trace:
[  812.273185][ T7909]  <TASK>
[  812.275961][ T7909]  dump_stack_lvl+0x151/0x1b7
[  812.280473][ T7909]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  812.285770][ T7909]  ? release_sock+0x163/0x1b0
[  812.290290][ T7909]  dump_stack+0x15/0x18
[  812.294278][ T7909]  should_fail_ex+0x3d0/0x520
[  812.298787][ T7909]  __should_failslab+0xaf/0xf0
[  812.303390][ T7909]  should_failslab+0x9/0x20
[  812.307727][ T7909]  kmem_cache_alloc_node+0x42/0x330
[  812.312762][ T7909]  ? __alloc_skb+0xcc/0x2d0
[  812.317114][ T7909]  __alloc_skb+0xcc/0x2d0
[  812.321274][ T7909]  netlink_sendmsg+0x7a6/0xd30
[  812.325870][ T7909]  ? netlink_getsockopt+0x540/0x540
[  812.330900][ T7909]  ? security_socket_sendmsg+0x82/0xb0
[  812.336195][ T7909]  ? netlink_getsockopt+0x540/0x540
[  812.341227][ T7909]  ____sys_sendmsg+0x5d3/0x9a0
[  812.345832][ T7909]  ? __sys_sendmsg_sock+0x40/0x40
[  812.350697][ T7909]  __sys_sendmsg+0x2a9/0x390
[  812.355116][ T7909]  ? ____sys_sendmsg+0x9a0/0x9a0
[  812.359893][ T7909]  ? __kasan_check_write+0x14/0x20
[  812.364926][ T7909]  ? mutex_unlock+0xb2/0x260
[  812.369356][ T7909]  ? __kasan_check_write+0x14/0x20
[  812.374303][ T7909]  ? __ia32_sys_read+0x90/0x90
[  812.378900][ T7909]  ? debug_smp_processor_id+0x17/0x20
[  812.384105][ T7909]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  812.390005][ T7909]  __x64_sys_sendmsg+0x7f/0x90
[  812.394608][ T7909]  x64_sys_call+0x16a/0x9a0
[  812.398946][ T7909]  do_syscall_64+0x3b/0xb0
[  812.403198][ T7909]  ? clear_bhb_loop+0x55/0xb0
[  812.407711][ T7909]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  812.413441][ T7909] RIP: 0033:0x7f5cded85d29
[  812.417694][ T7909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  812.437136][ T7909] RSP: 002b:00007f5cdfb54038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  812.445378][ T7909] RAX: ffffffffffffffda RBX: 00007f5cdef75fa0 RCX: 00007f5cded85d29
[  812.453192][ T7909] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000006
[  812.461005][ T7909] RBP: 00007f5cdfb54090 R08: 0000000000000000 R09: 0000000000000000
[  812.468814][ T7909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  812.476622][ T7909] R13: 0000000000000000 R14: 00007f5cdef75fa0 R15: 00007ffcbe3ae658
[  812.484439][ T7909]  </TASK>
[  812.503946][ T7912] device vlan2 entered promiscuous mode
[  812.514537][  T648] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  812.531305][  T648] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  812.539105][   T28] audit: type=1400 audit(1734789670.513:321): avc:  denied  { bind } for  pid=7913 comm="syz.0.1573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  812.544072][  T648] EXT4-fs (loop1): This should not happen!! Data will be lost
[  812.544072][  T648] 
[  812.573080][  T648] EXT4-fs (loop1): Total free blocks count 0
[  812.579321][  T648] EXT4-fs (loop1): Free/Dirty block details
[  812.583323][   T28] audit: type=1400 audit(1734789670.553:322): avc:  denied  { name_bind } for  pid=7913 comm="syz.0.1573" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  812.585290][  T648] EXT4-fs (loop1): free_blocks=68451041280
[  812.612384][  T648] EXT4-fs (loop1): dirty_blocks=16384
[  812.621358][  T648] EXT4-fs (loop1): Block reservation details
[  812.629496][   T28] audit: type=1400 audit(1734789670.553:323): avc:  denied  { node_bind } for  pid=7913 comm="syz.0.1573" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  812.631449][  T648] EXT4-fs (loop1): i_reserved_data_blocks=1024
[  812.685738][   T28] audit: type=1400 audit(1734789670.573:324): avc:  denied  { connect } for  pid=7913 comm="syz.0.1573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  812.688176][  T648] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  812.737553][   T28] audit: type=1400 audit(1734789670.593:325): avc:  denied  { write } for  pid=7913 comm="syz.0.1573" path="socket:[43553]" dev="sockfs" ino=43553 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  812.870342][   T28] audit: type=1400 audit(1734789670.593:326): avc:  denied  { ioctl } for  pid=7913 comm="syz.0.1573" path="socket:[43553]" dev="sockfs" ino=43553 ioctlcmd=0x5429 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  813.322221][ T7926] loop3: detected capacity change from 0 to 2048
[  813.344648][ T7926] EXT4-fs: Ignoring removed mblk_io_submit option
[  813.352593][ T7926] ext2: Bad value for 'commit'
[  813.404833][ T7917] loop0: detected capacity change from 0 to 40427
[  813.418931][ T3793] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  813.774746][ T7917] F2FS-fs (loop0): invalid crc value
[  813.836555][ T7917] F2FS-fs (loop0): Found nat_bits in checkpoint
[  813.922300][ T7917] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  814.030573][  T614] syz-executor: attempt to access beyond end of device
[  814.030573][  T614] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  814.495401][ T7952] overlayfs: failed to resolve './file2': -2
[  814.672083][ T7965] loop3: detected capacity change from 0 to 16
[  814.678232][ T7966] loop0: detected capacity change from 0 to 256
[  814.686214][ T7965] erofs: (device loop3): mounted with root inode @ nid 36.
[  814.694152][ T7966] FAT-fs (loop0): Unrecognized mount option "utf8=t=cp932" or missing value
[  815.131494][ T7973] x_tables: duplicate underflow at hook 4
[  815.136602][ T3793] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  815.147748][ T7975] loop2: detected capacity change from 0 to 1024
[  815.185858][ T7975] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  815.213687][ T7975] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7975 comm=syz.2.1587
[  817.415372][ T8000] overlayfs: failed to resolve './file2': -2
[  817.439478][ T1347] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  817.474148][ T8002] loop4: detected capacity change from 0 to 1024
[  817.480608][ T1347] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1916 with error 28
[  817.722845][ T1347] EXT4-fs (loop2): This should not happen!! Data will be lost
[  817.722845][ T1347] 
[  817.728164][ T8002] EXT4-fs: Ignoring removed orlov option
[  817.732622][ T1347] EXT4-fs (loop2): Total free blocks count 0
[  817.743812][ T1347] EXT4-fs (loop2): Free/Dirty block details
[  817.746948][ T8002] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  817.749855][ T1347] EXT4-fs (loop2): free_blocks=68451041280
[  818.117964][ T1347] EXT4-fs (loop2): dirty_blocks=1920
[  818.123214][ T1347] EXT4-fs (loop2): Block reservation details
[  818.129232][ T1347] EXT4-fs (loop2): i_reserved_data_blocks=120
[  818.328918][  T618] EXT4-fs (loop2): unmounting filesystem.
[  818.392442][  T617] EXT4-fs (loop4): unmounting filesystem.
[  818.399148][ T8028] loop3: detected capacity change from 0 to 1024
[  818.449675][ T8031] loop2: detected capacity change from 0 to 256
[  818.456213][ T8031] FAT-fs (loop2): Unrecognized mount option "utf8=t=cp932" or missing value
[  818.474500][ T8028] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  818.699426][ T3793] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  819.175124][ T8051] FAULT_INJECTION: forcing a failure.
[  819.175124][ T8051] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  819.292475][  T279] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  819.302850][ T8051] CPU: 0 PID: 8051 Comm: syz.2.1601 Tainted: G        W          6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  819.318172][ T8051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  819.324288][  T279] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  819.328063][ T8051] Call Trace:
[  819.328070][ T8051]  <TASK>
[  819.328078][ T8051]  dump_stack_lvl+0x151/0x1b7
[  819.328106][ T8051]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  819.356026][ T8051]  dump_stack+0x15/0x18
[  819.360011][ T8051]  should_fail_ex+0x3d0/0x520
[  819.364524][ T8051]  should_fail+0xb/0x10
[  819.368513][ T8051]  should_fail_usercopy+0x1a/0x20
[  819.372598][  T279] EXT4-fs (loop3): This should not happen!! Data will be lost
[  819.372598][  T279] 
[  819.373368][ T8051]  strncpy_from_user+0x24/0x2b0
[  819.373398][ T8051]  __se_sys_request_key+0x9f/0x3b0
[  819.392468][ T8051]  ? __this_cpu_preempt_check+0x13/0x20
[  819.397849][ T8051]  ? __x64_sys_request_key+0xb0/0xb0
[  819.400100][  T279] EXT4-fs (loop3): Total free blocks count 0
[  819.402968][ T8051]  ? debug_smp_processor_id+0x17/0x20
[  819.414095][ T8051]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  819.419375][  T279] EXT4-fs (loop3): Free/Dirty block details
[  819.419996][ T8051]  __x64_sys_request_key+0x9b/0xb0
[  819.430677][ T8051]  x64_sys_call+0x687/0x9a0
[  819.433422][  T279] EXT4-fs (loop3): free_blocks=68451041280
[  819.435020][ T8051]  do_syscall_64+0x3b/0xb0
[  819.435046][ T8051]  ? clear_bhb_loop+0x55/0xb0
[  819.449423][ T8051]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  819.449521][  T279] EXT4-fs (loop3): dirty_blocks=6160
[  819.455147][ T8051] RIP: 0033:0x7f5cded85d29
[  819.455167][ T8051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  819.455185][ T8051] RSP: 002b:00007f5cdfb12038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  819.455207][ T8051] RAX: ffffffffffffffda RBX: 00007f5cdef76160 RCX: 00007f5cded85d29
[  819.455222][ T8051] RDX: 0000000020000180 RSI: 0000000020000080 RDI: 0000000020000040
[  819.455236][ T8051] RBP: 00007f5cdfb12090 R08: 0000000000000000 R09: 0000000000000000
[  819.455249][ T8051] R10: fffffffffffffffe R11: 0000000000000246 R12: 0000000000000001
[  819.455263][ T8051] R13: 0000000000000000 R14: 00007f5cdef76160 R15: 00007ffcbe3ae658
[  819.455282][ T8051]  </TASK>
[  819.557294][  T279] EXT4-fs (loop3): Block reservation details
[  819.563091][  T279] EXT4-fs (loop3): i_reserved_data_blocks=385
[  819.585646][  T279] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  819.989118][   T28] kauditd_printk_skb: 7 callbacks suppressed
[  819.989134][   T28] audit: type=1400 audit(1734789677.973:334): avc:  denied  { setopt } for  pid=8071 comm="syz.4.1609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  820.031640][   T28] audit: type=1400 audit(1734789677.973:335): avc:  denied  { bind } for  pid=8071 comm="syz.4.1609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  820.098470][   T28] audit: type=1400 audit(1734789677.973:336): avc:  denied  { name_bind } for  pid=8071 comm="syz.4.1609" src=20005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  820.176079][ T8090] loop4: detected capacity change from 0 to 2048
[  820.204219][   T28] audit: type=1400 audit(1734789677.973:337): avc:  denied  { node_bind } for  pid=8071 comm="syz.4.1609" saddr=2001::2 src=20005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  820.204532][ T8090] EXT4-fs: Ignoring removed mblk_io_submit option
[  820.609123][ T8090] ext2: Bad value for 'commit'
[  820.848574][   T28] audit: type=1400 audit(1734789678.833:338): avc:  denied  { create } for  pid=8112 comm="syz.3.1619" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  820.876006][   T28] audit: type=1400 audit(1734789678.853:339): avc:  denied  { connect } for  pid=8112 comm="syz.3.1619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  820.895975][   T28] audit: type=1400 audit(1734789678.853:340): avc:  denied  { write } for  pid=8112 comm="syz.3.1619" laddr=fe80::11 lport=1 faddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  820.918680][   T28] audit: type=1400 audit(1734789678.863:341): avc:  denied  { create } for  pid=8112 comm="syz.3.1619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  820.941684][ T8113] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  820.951097][   T28] audit: type=1400 audit(1734789678.923:342): avc:  denied  { mounton } for  pid=8112 comm="syz.3.1619" path="/295/file0" dev="tmpfs" ino=1805 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  820.974815][ T8113] FAT-fs (loop7): unable to read boot sector
[  821.025783][  T629] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  821.046258][   T28] audit: type=1400 audit(1734789679.033:343): avc:  denied  { unlink } for  pid=615 comm="syz-executor" name="file0" dev="tmpfs" ino=1805 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  821.108002][ T8125] __nla_validate_parse: 4 callbacks suppressed
[  821.108018][ T8125] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1623'.
[  821.202859][ T8127] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8127 comm=syz.3.1623
[  821.274778][ T8139] loop2: detected capacity change from 0 to 512
[  821.291958][ T8139] EXT4-fs warning (device loop2): ext4_multi_mount_protect:298: Invalid MMP block in superblock
[  821.304153][  T629] usb 1-1: Using ep0 maxpacket: 8
[  821.310428][  T629] usb 1-1: unable to get BOS descriptor or descriptor too short
[  821.635963][ T3793] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  821.671910][  T629] usb 1-1: config 4 has an invalid interface number: 147 but max is 0
[  821.748133][  T629] usb 1-1: config 4 has an invalid descriptor of length 1, skipping remainder of the config
[  821.770393][  T629] usb 1-1: config 4 has no interface number 0
[  821.783195][  T629] usb 1-1: config 4 has an invalid interface number: 147 but max is 0
[  822.109987][  T629] usb 1-1: config 4 has an invalid descriptor of length 1, skipping remainder of the config
[  822.217884][  T629] usb 1-1: config 4 has no interface number 0
[  823.012082][  T629] usb 1-1: config 4 has an invalid interface number: 147 but max is 0
[  823.038380][  T629] usb 1-1: config 4 has an invalid descriptor of length 1, skipping remainder of the config
[  823.045219][ T8170] loop2: detected capacity change from 0 to 2048
[  823.074766][ T8170] EXT4-fs: Ignoring removed mblk_io_submit option
[  823.091235][ T8170] ext2: Bad value for 'commit'
[  823.113893][  T629] usb 1-1: config 4 has no interface number 0
[  823.129729][  T629] usb 1-1: config 4 has an invalid interface number: 147 but max is 0
[  823.137871][  T629] usb 1-1: config 4 has an invalid descriptor of length 1, skipping remainder of the config
[  823.147872][  T629] usb 1-1: config 4 has no interface number 0
[  823.159145][ T8184] FAULT_INJECTION: forcing a failure.
[  823.159145][ T8184] name failslab, interval 1, probability 0, space 0, times 0
[  823.165030][  T629] usb 1-1: config 4 has an invalid interface number: 147 but max is 0
[  823.206488][  T629] usb 1-1: config 4 has an invalid descriptor of length 1, skipping remainder of the config
[  823.245280][ T8184] CPU: 1 PID: 8184 Comm: syz.3.1640 Tainted: G        W          6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  823.256392][ T8184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  823.266287][ T8184] Call Trace:
[  823.269413][ T8184]  <TASK>
[  823.272188][ T8184]  dump_stack_lvl+0x151/0x1b7
[  823.276703][ T8184]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  823.282006][ T8184]  ? _copy_from_iter+0x1f2/0xe00
[  823.286784][ T8184]  dump_stack+0x15/0x18
[  823.290762][ T8184]  should_fail_ex+0x3d0/0x520
[  823.295282][ T8184]  ? build_skb+0x2c/0x220
[  823.299440][ T8184]  __should_failslab+0xaf/0xf0
[  823.304051][ T8184]  should_failslab+0x9/0x20
[  823.308467][ T8184]  kmem_cache_alloc+0x3b/0x320
[  823.313070][ T8184]  build_skb+0x2c/0x220
[  823.317148][ T8184]  ? skb_page_frag_refill+0x229/0x3b0
[  823.322356][ T8184]  tun_get_user+0x1c0e/0x3a90
[  823.326874][ T8184]  ? tun_do_read+0x2000/0x2000
[  823.331466][ T8184]  ? ref_tracker_alloc+0x31d/0x450
[  823.336415][ T8184]  ? ref_tracker_dir_print+0x160/0x160
[  823.341713][ T8184]  ? avc_policy_seqno+0x1b/0x70
[  823.346401][ T8184]  ? tun_get+0xe9/0x120
[  823.350390][ T8184]  tun_chr_write_iter+0x129/0x210
[  823.355257][ T8184]  vfs_write+0xaf6/0xed0
[  823.359331][ T8184]  ? __kasan_slab_free+0x11/0x20
[  823.364106][ T8184]  ? file_end_write+0x1c0/0x1c0
[  823.368790][ T8184]  ? __fget_files+0x2cb/0x330
[  823.373308][ T8184]  ? __fdget_pos+0x204/0x390
[  823.377731][ T8184]  ? ksys_write+0x77/0x2c0
[  823.381982][ T8184]  ksys_write+0x199/0x2c0
[  823.386168][ T8184]  ? __ia32_sys_read+0x90/0x90
[  823.390749][ T8184]  ? debug_smp_processor_id+0x17/0x20
[  823.395959][ T8184]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  823.401858][ T8184]  __x64_sys_write+0x7b/0x90
[  823.406286][ T8184]  x64_sys_call+0x2f/0x9a0
[  823.410536][ T8184]  do_syscall_64+0x3b/0xb0
[  823.414789][ T8184]  ? clear_bhb_loop+0x55/0xb0
[  823.419304][ T8184]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  823.425046][ T8184] RIP: 0033:0x7f77a97847df
[  823.429284][ T8184] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  823.448725][ T8184] RSP: 002b:00007f77aa647000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  823.456972][ T8184] RAX: ffffffffffffffda RBX: 00007f77a9975fa0 RCX: 00007f77a97847df
[  823.464785][ T8184] RDX: 000000000000002a RSI: 0000000020000000 RDI: 00000000000000c8
[  823.472591][ T8184] RBP: 00007f77aa647090 R08: 0000000000000000 R09: 0000000000000000
[  823.480402][ T8184] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[  823.488217][ T8184] R13: 0000000000000001 R14: 00007f77a9975fa0 R15: 00007ffec3b87b78
[  823.496037][ T8184]  </TASK>
[  823.504647][  T629] usb 1-1: config 4 has no interface number 0
[  823.512001][  T629] usb 1-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  823.534028][  T629] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  823.556138][  T629] usb 1-1: Product: syz
[  823.567417][  T629] usb 1-1: Manufacturer: syz
[  823.575560][  T629] usb 1-1: SerialNumber: syz
[  823.747072][  T629] usb 1-1: Found UVC 0.00 device syz (04f2:b746)
[  823.757816][  T629] usb 1-1: No valid video chain found.
[  823.769392][  T629] usb 1-1: USB disconnect, device number 11
[  823.770875][ T8196] loop0: detected capacity change from 0 to 1024
[  823.812201][ T8196] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  824.035570][ T8202] overlayfs: failed to get inode (-116)
[  824.047016][ T8202] overlayfs: failed to get inode (-116)
[  824.055497][ T8202] overlayfs: failed to get inode (-116)
[  824.061055][ T8202] overlayfs: failed to get inode (-116)
[  824.176654][ T8206] loop4: detected capacity change from 0 to 1024
[  824.226071][ T8210] loop1: detected capacity change from 0 to 1024
[  824.517571][ T8210] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  824.546178][ T8206] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  824.680651][ T1019] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  824.723544][ T1019] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  824.736230][ T1019] EXT4-fs (loop0): This should not happen!! Data will be lost
[  824.736230][ T1019] 
[  824.748159][ T1019] EXT4-fs (loop0): Total free blocks count 0
[  824.754029][ T1019] EXT4-fs (loop0): Free/Dirty block details
[  824.760012][ T1019] EXT4-fs (loop0): free_blocks=68451041280
[  824.767937][ T1019] EXT4-fs (loop0): dirty_blocks=4624
[  824.773196][ T1019] EXT4-fs (loop0): Block reservation details
[  824.782187][ T1019] EXT4-fs (loop0): i_reserved_data_blocks=289
[  824.824130][ T1019] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  825.005367][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  825.005385][   T28] audit: type=1400 audit(1734789682.993:347): avc:  denied  { name_bind } for  pid=8224 comm="syz.2.1649" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  825.219981][ T8233] loop2: detected capacity change from 0 to 2048
[  825.240589][ T8233] EXT4-fs: Ignoring removed mblk_io_submit option
[  825.246913][ T8233] ext2: Bad value for 'commit'
[  825.266725][ T8197] ------------[ cut here ]------------
[  825.272073][ T8197] kernel BUG at fs/buffer.c:2714!
[  825.279134][    T8] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  825.308587][ T8235] loop3: detected capacity change from 0 to 512
[  825.327838][ T8197] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  825.333722][ T8197] CPU: 0 PID: 8197 Comm: kmmpd-loop0 Tainted: G        W          6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  825.345006][ T8197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  825.354899][ T8197] RIP: 0010:submit_bh_wbc+0x4cd/0x4f0
[  825.360106][ T8197] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 d4 c3 e6 ff e9 b0 fe ff ff e8 8a 50 9f ff 0f 0b e8 83 50 9f ff <0f> 0b e8 7c 50 9f ff 0f 0b e8 75 50 9f ff 0f 0b e8 6e 50 9f ff 0f
[  825.379546][ T8197] RSP: 0018:ffffc9000fe4fc20 EFLAGS: 00010293
[  825.385448][ T8197] RAX: ffffffff81d6362d RBX: 0000000000000000 RCX: ffff88811d235100
[  825.390558][    T8] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  825.393252][ T8197] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  825.393268][ T8197] RBP: ffffc9000fe4fc70 R08: ffffffff81d63200 R09: ffffed10200bf26a
[  825.420663][    T8] EXT4-fs (loop4): This should not happen!! Data will be lost
[  825.420663][    T8] 
[  825.421112][ T8197] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  825.438388][ T8197] R13: 1ffff110200bf269 R14: ffff8881005f9348 R15: 0000000000003801
[  825.440301][    T8] EXT4-fs (loop4): Total free blocks count 0
[  825.446316][ T8197] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  825.446333][ T8197] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  825.446346][ T8197] CR2: 000000110c29ad7e CR3: 0000000110c28000 CR4: 00000000003506b0
[  825.446362][ T8197] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  825.446371][ T8197] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  825.446383][ T8197] Call Trace:
[  825.446389][ T8197]  <TASK>
[  825.446397][ T8197]  ? __die_body+0x62/0xb0
[  825.452821][ T8235] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  825.460900][ T8197]  ? die+0x88/0xb0
[  825.460922][ T8197]  ? do_trap+0x103/0x330
[  825.481507][    T8] EXT4-fs (loop4): Free/Dirty block details
[  825.482941][ T8197]  ? notify_die+0x1b0/0x280
[  825.528164][ T8197]  ? submit_bh_wbc+0x4cd/0x4f0
[  825.532764][ T8197]  ? handle_invalid_op+0x95/0xc0
[  825.537535][ T8197]  ? submit_bh_wbc+0x4cd/0x4f0
[  825.542133][ T8197]  ? exc_invalid_op+0x32/0x50
[  825.546647][ T8197]  ? asm_exc_invalid_op+0x1b/0x20
[  825.551510][ T8197]  ? submit_bh_wbc+0xa0/0x4f0
[  825.556024][ T8197]  ? submit_bh_wbc+0x4cd/0x4f0
[  825.560621][ T8197]  ? submit_bh_wbc+0x4cd/0x4f0
[  825.565226][ T8197]  ? __kasan_check_read+0x11/0x20
[  825.570082][ T8197]  submit_bh+0x1d/0x30
[  825.573990][ T8197]  write_mmp_block_thawed+0x3a0/0x570
[  825.579196][ T8197]  ? read_mmp_block+0x7d0/0x7d0
[  825.583880][ T8197]  ? update_process_times+0x1b0/0x1b0
[  825.589092][ T8197]  write_mmp_block+0x12b/0x2a0
[  825.593691][ T8197]  kmmpd+0x263/0xa10
[  825.597426][ T8197]  ? write_mmp_block_thawed+0x570/0x570
[  825.602802][ T8197]  ? __kthread_parkme+0x12d/0x180
[  825.607662][ T8197]  kthread+0x26d/0x300
[  825.611568][ T8197]  ? write_mmp_block_thawed+0x570/0x570
[  825.616949][ T8197]  ? kthread_blkcg+0xd0/0xd0
[  825.621377][ T8197]  ret_from_fork+0x1f/0x30
[  825.625637][ T8197]  </TASK>
[  825.628495][ T8197] Modules linked in:
[  825.637575][ T8197] ---[ end trace 0000000000000000 ]---
[  825.642845][ T8197] RIP: 0010:submit_bh_wbc+0x4cd/0x4f0
[  825.648213][ T8197] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 d4 c3 e6 ff e9 b0 fe ff ff e8 8a 50 9f ff 0f 0b e8 83 50 9f ff <0f> 0b e8 7c 50 9f ff 0f 0b e8 75 50 9f ff 0f 0b e8 6e 50 9f ff 0f
[  825.667776][ T8197] RSP: 0018:ffffc9000fe4fc20 EFLAGS: 00010293
[  825.673757][ T8197] RAX: ffffffff81d6362d RBX: 0000000000000000 RCX: ffff88811d235100
[  825.681634][ T8197] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  825.692975][ T8197] RBP: ffffc9000fe4fc70 R08: ffffffff81d63200 R09: ffffed10200bf26a
[  825.695102][    T8] EXT4-fs (loop4): free_blocks=68451041280
[  825.702359][ T8235] EXT4-fs (loop3): 1 truncate cleaned up
[  825.706715][    T8] EXT4-fs (loop4): dirty_blocks=8992
[  825.717066][    T8] EXT4-fs (loop4): Block reservation details
[  825.722903][    T8] EXT4-fs (loop4): i_reserved_data_blocks=562
[  825.736513][ T8197] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  825.744366][ T8197] R13: 1ffff110200bf269 R14: ffff8881005f9348 R15: 0000000000003801
[  825.752542][ T8197] FS:  0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  825.754171][ T1347] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  825.761372][ T8197] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  825.778132][ T8235] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  825.780410][ T8197] CR2: 00007f5cdfb32f98 CR3: 0000000100a4f000 CR4: 00000000003506a0
[  825.796437][ T8197] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  825.798035][  T647] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, 
[  825.804183][ T8197] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  825.804198][ T8197] Kernel panic - not syncing: Fatal exception
[  825.812599][ T8197] Kernel Offset: disabled
[  825.830435][ T8197] Rebooting in 86400 seconds..