last executing test programs:

25m38.002702264s ago: executing program 32 (id=23):
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
iopl(0x3)
recvfrom$rxrpc(0xffffffffffffffff, &(0x7f00000000c0)=""/1, 0x1, 0x22, &(0x7f0000000100)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e22, 0x6, @dev={0xfe, 0x80, '\x00', 0x30}}}, 0x24)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mq_open(&(0x7f0000000580)='!\x7f\x00\xca\x00\x00\x00\f\x00vt\x00\x01E!\x05\x99\xb7|`', 0x6e93ebbbcc0884f2, 0x61, &(0x7f0000000480)={0x0, 0x2, 0x7})
mq_timedreceive(r1, &(0x7f0000000700)=""/200, 0xc8, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x3, 0x220108, 0xb, 0x1}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, r2}, 0x38)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x2000c890}, 0xcc084)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
wait4(0x0, 0x0, 0x1000000, &(0x7f00000005c0))
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
migrate_pages(0x0, 0x5, &(0x7f0000000180)=0x9, &(0x7f0000000080)=0x272)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x9)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e5000380ffffff0085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8}, 0x94)

19m35.75765617s ago: executing program 33 (id=669):
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
iopl(0x3)
recvfrom$rxrpc(0xffffffffffffffff, &(0x7f00000000c0)=""/1, 0x1, 0x22, &(0x7f0000000100)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e22, 0x6, @dev={0xfe, 0x80, '\x00', 0x30}}}, 0x24)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mq_open(&(0x7f0000000580)='!\x7f\x00\xca\x00\x00\x00\f\x00vt\x00\x01E!\x05\x99\xb7|`', 0x6e93ebbbcc0884f2, 0x61, &(0x7f0000000480)={0x0, 0x2, 0x7})
mq_timedreceive(r1, &(0x7f0000000700)=""/200, 0xc8, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x3, 0x220108, 0xb, 0x1}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, r2}, 0x38)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x2000c890}, 0xcc084)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
wait4(0x0, &(0x7f0000000400), 0x1000000, &(0x7f00000005c0))
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
migrate_pages(0x0, 0x5, &(0x7f0000000180)=0x9, &(0x7f0000000080)=0x272)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x9)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x18, 0x7, 0x0, &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8}, 0x94)

19m35.673561595s ago: executing program 34 (id=675):
syz_open_dev$evdev(0x0, 0x0, 0x822b01)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r0, &(0x7f0000002400)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x16, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000140)}], 0x1)
io_setup(0x1, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=@newtfilter={0x40, 0x2c, 0xca7, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, {0x4, 0x4}, {}, {0x1, 0xfff1}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x6, 0xfff1}}]}}]}, 0x40}}, 0x20040054)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)

5m37.456745619s ago: executing program 35 (id=2936):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0x7}, {}, {0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

5m26.320065395s ago: executing program 5 (id=2969):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$unix(0x1, 0x5, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x5}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x38}}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r7)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5m20.08607566s ago: executing program 5 (id=2976):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="18000000520001192abd70000000000002"], 0x18}, 0x1, 0x0, 0x0, 0x40091}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macsec0\x00'})
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x16810, 0x0, 0x20, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340)='hugetlbfs\x00', 0x2014016, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)={0x470282, 0x5c, 0x8}, 0x6d)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0001, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x1c0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x38, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000080)={0x3ff, 0x7, 0x100000, 0x9, 0x0, 0xf, 0x80000002, 0x400000000000}, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="364000001a00913a09b51bcb3cc5a05f0a"], 0xfe33)
r3 = socket$kcm(0xa, 0x5, 0x0)
r4 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x890b, &(0x7f0000000000))
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890c, &(0x7f0000000000))

5m15.738539708s ago: executing program 5 (id=2984):
r0 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x40000000000001, 0x400)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000000)="c1", 0x1)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
openat$sysfs(0xffffff9c, &(0x7f0000000300)='/sys/power/resume', 0x8402, 0x37)
io_submit(0x0, 0x1, &(0x7f0000000500)=[0x0])
close(0xffffffffffffffff)
r2 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r2, 0xc01064c8, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000380)={&(0x7f0000000180)=[0x0, 0x0, <r3=>0x0], 0x0, &(0x7f00000002c0)=[0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x3, 0x0, 0x3, 0x7})
ioctl$DRM_IOCTL_MODE_GETFB(0xffffffffffffffff, 0xc01c64ad, &(0x7f0000000080)={r3})
ioctl$VIDIOC_SUBDEV_S_CROP(r0, 0xc038563c, &(0x7f0000000080)={0x1, 0x0, {0x5, 0x100, 0x2, 0x10}})
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000000), &(0x7f0000000280)={0x0, 0xfb, 0x9b, 0x1, 0x0, "0ebbbe5d19af69ce76eb97a376acf8af", "c049c18f7aff1e4ab06d7ca2cb5d8860022f05f82dd8e1d0b167f2223e73f75711b4494a4d9ee3ac8218d79e12ea295a1a66ca754345bcb5c11482e51d49f8c6b168e91bb3723cae0f3003b5fdf951dab308a58e311a8b06473457721142a8dc89754671e1a9587264bc0b57f89dee048f24dde2ef14ca6e26cc127adaab2f1e1fda83f13f6b"}, 0x9b, 0x1)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58)

5m14.678928709s ago: executing program 5 (id=2986):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$unix(0x1, 0x5, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x5}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x38}}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r7)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5m11.587157465s ago: executing program 5 (id=2992):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000240), 0x88002, 0x0)
r1 = memfd_create(&(0x7f0000000080)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ftruncate(r1, 0xdcb)
pread64(r1, &(0x7f00000009c0)=""/239, 0xef, 0x1)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x5)
openat(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x408241, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05640, &(0x7f0000000440)={0x1, @pix_mp={0x800, 0x1193fddc, 0x34325258, 0x5, 0xb, [{0x1, 0xbf0e}, {0x4, 0xce83}, {0x5, 0x4}, {0xc2, 0x3}, {0x35, 0x6}, {0x10000, 0x8a9}, {0x1, 0x70}, {0x9, 0x3}], 0x5b, 0x4, 0x7, 0x0, 0x7}})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, 0x0, 0x0)
r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f29, 0x5, 0x3, 0x40004, 0xfffffffd, 0xb, 0x0, 0x0, 0x81, 0xfffffffc, 0x2, 0xfffffffe, 0x8, 0x1, 0x4, 0x101, 0x8, 0x2b0, 0x9, 0x5, 0x99, 0x400000, 0x80, 0x800, 0x7, 0x2000e69, 0x6, 0x80004, 0xfffffffe, 0x0, 0xfffffff8]})
ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000000))

5m9.879546033s ago: executing program 5 (id=2993):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000010202001400020077673200000000000000000000000000090001"], 0x4c}, 0x1, 0x40030000000000, 0x0, 0x40084}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_COALESCE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000280)=ANY=[], 0x24}, 0x1, 0x6c00, 0x0, 0x4d080}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x20, r6, 0x9c3fa077fa966179, 0xfffffffd, 0x0, {{0x7e}, {@void, @val={0xc, 0x99, {0x916c, 0x14}}}}}, 0x20}}, 0x4000054)
sendmsg$NL80211_CMD_RELOAD_REGDB(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x14, r6, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008004)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$unix(0x1, 0x2, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={0x44, r9, 0x1, 0x70bd28, 0x25dfdc00, {{}, {@void, @val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x7ff, 0x56}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40080000}, 0xc, &(0x7f0000000040)={&(0x7f0000000640)={0x20, r6, 0x8, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x12}, 0x80)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/ipc\x00')
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan1\x00'})
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0xfff, 0x10001, 0xffffffff})

4m56.306332318s ago: executing program 36 (id=2991):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xe}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x5c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x9, 0x6}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x3cb, 0x1, 0x401}, {0x2, 0x49a, 0x9, 0x4, 0x6, 0x1, 0x2}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8}, 0x8000)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000280)=@xdp={0x2c, 0x7, r8, 0x2c}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000000)="7cb17231cc0ee9", 0x7}], 0x1}, 0x4)

4m54.739232757s ago: executing program 37 (id=2993):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000010202001400020077673200000000000000000000000000090001"], 0x4c}, 0x1, 0x40030000000000, 0x0, 0x40084}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_COALESCE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000280)=ANY=[], 0x24}, 0x1, 0x6c00, 0x0, 0x4d080}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x20, r6, 0x9c3fa077fa966179, 0xfffffffd, 0x0, {{0x7e}, {@void, @val={0xc, 0x99, {0x916c, 0x14}}}}}, 0x20}}, 0x4000054)
sendmsg$NL80211_CMD_RELOAD_REGDB(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x14, r6, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008004)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$unix(0x1, 0x2, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={0x44, r9, 0x1, 0x70bd28, 0x25dfdc00, {{}, {@void, @val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x7ff, 0x56}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40080000}, 0xc, &(0x7f0000000040)={&(0x7f0000000640)={0x20, r6, 0x8, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x12}, 0x80)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/ipc\x00')
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan1\x00'})
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0xfff, 0x10001, 0xffffffff})

4m50.133471769s ago: executing program 6 (id=3010):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001040)={0x90, 0x0, &(0x7f0000000440)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0xbf02966b0b15d421, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000180)={@fda={0x66646185, 0x1, 0x1, 0x32}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x6}, @fda={0x66646185, 0xa, 0x2, 0x18}}, &(0x7f0000000300)={0x0, 0x20, 0x48}}}], 0x0, 0x0, 0x0})

4m49.094176058s ago: executing program 6 (id=3012):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000240), 0x88002, 0x0)
r1 = memfd_create(&(0x7f0000000080)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ftruncate(r1, 0xdcb)
r2 = getpgrp(0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
openat(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x408241, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05640, &(0x7f0000000440)={0x1, @pix_mp={0x800, 0x1193fddc, 0x34325258, 0x5, 0xb, [{0x1, 0xbf0e}, {0x4, 0xce83}, {0x5, 0x4}, {0xc2, 0x3}, {0x35, 0x6}, {0x10000, 0x8a9}, {0x1, 0x70}, {0x9, 0x3}], 0x5b, 0x4, 0x7, 0x0, 0x7}})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, 0x0, 0x0)
r7 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f29, 0x5, 0x3, 0x40004, 0xfffffffd, 0xb, 0x0, 0x0, 0x81, 0xfffffffc, 0x2, 0xfffffffe, 0x8, 0x1, 0x4, 0x101, 0x8, 0x2b0, 0x9, 0x5, 0x99, 0x400000, 0x80, 0x800, 0x7, 0x2000e69, 0x6, 0x80004, 0xfffffffe, 0x0, 0xfffffff8]})
ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000000))

4m44.816464673s ago: executing program 6 (id=3015):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102384, 0x18ff0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = dup(r1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r1, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x48043)
r3 = dup(r1)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe654, 0x2, 0x4, 0x48, 0xff}, 0x9c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c)
fsopen(&(0x7f0000000000)='cgroup\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f000000c3c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x10400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close(0xffffffffffffffff)

4m41.394026338s ago: executing program 6 (id=3017):
r0 = socket(0x28, 0x5, 0x0)
recvfrom$inet_nvme(r0, 0x0, 0x0, 0x40000002, 0x0, 0x0)
read$hidraw(0xffffffffffffffff, &(0x7f00000002c0)=""/137, 0x89)

4m41.251090736s ago: executing program 8 (id=2958):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f00000002c0))
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, 0x0)
r0 = memfd_create(&(0x7f00000001c0)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0\xbc]\x12\xc0D\x9f\x80\x8f\xfe\xf2\xc2)\xccm\xacz\xc1\xad\xe4\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0xc, &(0x7f0000000300))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000480))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
openat2$dir(0xffffff9c, 0x0, &(0x7f00000003c0)={0x100100, 0x8, 0x7d}, 0x18)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x3a8, r6, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x370, 0x8, 0x0, 0x1, [{0x78, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x50, 0x9, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x4c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "491bc0be1dc1f88092e741a88b64f6dd9218ad21b44b472e44f1d0807ee6675c"}]}, {0x2a8, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x9, 0x7, @empty, 0x3}}, @WGPEER_A_ALLOWEDIPS={0x260, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}]}, {0xa0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}]}, {0xa0, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5, 0x3, 0x3}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x1}}]}]}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}]}, 0x3a8}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
sendfile(r7, r7, 0x0, 0x40008)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="66923dca343e7c28f9a57ce723713a91e185f20b873b17564a9ae45651d22094dea6daf6450541639a346351489fd749feaaeafdb50f5c37513fc3cf0ff37738ef211385cedc300cf288b6d264048ed3bf53aef2c0bf6776658f25fbb80fb752ac690c897bdfe3f17371ec9a9b03147961b2bdf6acdeb13910cd4f0d744eab8a0ae94620a69e8e30ccb4b7fdfe7aa26ba484a8a85876e930b7f092f5780192731f112837099e43", @ANYRESHEX=r1, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x109202)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/mnt\x00')

4m41.169595921s ago: executing program 6 (id=3018):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
creat(0x0, 0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = gettid()
process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

4m39.644369958s ago: executing program 6 (id=3019):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="18000000520001192abd70000000000002"], 0x18}, 0x1, 0x0, 0x0, 0x40091}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macsec0\x00'})
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x16810, 0x0, 0x20, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340)='hugetlbfs\x00', 0x2014016, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)={0x470282, 0x5c, 0x8}, 0x6d)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x1c0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x38, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000080)={0x3ff, 0x7, 0x100000, 0x9, 0x0, 0xf, 0x80000002, 0x400000000000}, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="364000001a00913a09b51bcb3cc5a05f0a"], 0xfe33)
r3 = socket$kcm(0xa, 0x5, 0x0)
r4 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x890b, &(0x7f0000000000))
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890c, &(0x7f0000000000))

4m34.602854705s ago: executing program 8 (id=3022):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
getpid()
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newae={0x5c, 0x1e, 0xff01f7747ae9d38d, 0x70bd2d, 0x25dfdbfc, {{@in=@broadcast, 0x4d4, 0x2, 0x33}, @in6=@loopback, 0xffffffff, 0x3504}, [@replay_esn_val={0x1c, 0x17, {0x0, 0x70bd2c, 0x70bd2b, 0x70bd2a, 0x70bd2c, 0x40}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x24004850}, 0x40054)
landlock_restrict_self(0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x9)

4m33.494022219s ago: executing program 8 (id=3024):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
creat(0x0, 0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
open(0x0, 0x143142, 0x43)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = gettid()
process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

4m31.609850736s ago: executing program 8 (id=3025):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x10, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000091}, 0x20000000)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x6fc84b579dfed949, 0x0)
close(r6)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accb", 0x26}], 0x1}, 0x4)

4m22.993210448s ago: executing program 38 (id=3019):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="18000000520001192abd70000000000002"], 0x18}, 0x1, 0x0, 0x0, 0x40091}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macsec0\x00'})
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x16810, 0x0, 0x20, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340)='hugetlbfs\x00', 0x2014016, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)={0x470282, 0x5c, 0x8}, 0x6d)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x1c0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x38, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000080)={0x3ff, 0x7, 0x100000, 0x9, 0x0, 0xf, 0x80000002, 0x400000000000}, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="364000001a00913a09b51bcb3cc5a05f0a"], 0xfe33)
r3 = socket$kcm(0xa, 0x5, 0x0)
r4 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x890b, &(0x7f0000000000))
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890c, &(0x7f0000000000))

4m15.942752409s ago: executing program 39 (id=3025):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x10, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000091}, 0x20000000)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x6fc84b579dfed949, 0x0)
close(r6)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accb", 0x26}], 0x1}, 0x4)

1m58.300626618s ago: executing program 2 (id=3219):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e21, 0x20000402, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x4e23, 0x3, @loopback}}, 0x0, 0x0, 0x3c, 0x0, "0f424a2bc651a9f11381328af8daf6f4bd2827984afeb6b627cea1ba22d1af57aa193c5024c9e8b22a8796a538ed893952a1aa555418ba1b4d0bc0712c028ec32a9bc2fb29b52d39e8626bc90abcc02a"}, 0xd8)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000840), 0x4)
sendmmsg$inet6(r0, &(0x7f0000000dc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000)

1m57.972842337s ago: executing program 2 (id=3222):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x14)

1m57.357658023s ago: executing program 2 (id=3228):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ_RESET(r0, &(0x7f0000005a40)={0x0, 0x0, &(0x7f0000005a00)={&(0x7f0000005940)={0x18, 0x15, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_OBJ_USERDATA={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x200080c4}, 0x800)

1m57.014601573s ago: executing program 2 (id=3230):
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x181000)
close(r0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20081e, &(0x7f0000000840)={[{}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xa30}}, {@grpquota}]}, 0x1, 0x533, &(0x7f0000000880)="$eJzs3c9vHFcdAPDvjL22k7h1WnoABG1oC6GKso43bVT1AOWEKlQJ0SNIqbE3VpTdrJVdl9pEwj1zRaISJzjyB3DuiTsXBDcu5YDEDwtUI3EYNLNjZ2Pv2k7j9Vq7n4802vfmjef7Xpx5b+btel8AE+tKRGxHxExEvB8RC+X+pNzi7e6WH/fZzsOV3Z2HK0lk2Xv/TIryfF/0/EzuUnnOuYj4wXcjfpwcjtve3Lq33GjUH5T5xU5zfbG9uXX9bnN5rb5Wv1+r3Vq6dePNm2/UnqA1c0eWvtScKVNf/fQP26/9NK/WfLmntx2nqdv0yn6c3HREfG8YwUZgqmzPzKgrwueSRsTzEfFycf0vxFTx2zzOO6+dQdUAgCHJsoXIFnrzAMC4S4s5sCStlnMB85Gm1Wp3Du+FuJg2Wu3OtTutjfur3bmyy1FJ79xt1G+Uc4WXo5Lk+aUi/ShfO5C/GRHPRcQvZi8U+epKq7E6yhsfAJhglw6M//+Z7Y7/AMCYO/pjMwDAODL+A8DkMf4DwOQx/gPA5OmO/xee9MeyLPvZMKoDAJwBz/8AMHmM/wAwUb7/7rv5lu2W33+9+sHmxr3WB9dX6+171ebGSnWl9WC9utZqrRXf2dM87nyNVmt96fXY+PDyt9bbncX25tbtZmvjfud28b3et+uV4qjtM2gZADDIcy998uckH5HfulBs0bOWQ2WkNQOGLR11BYCRmRp1BYCR6a721WeBPmDsPXrGf+IPAZgegDFx3B3AXL8/EMqyLBtelYAhu/ol8/8wqcr5/2mfAobJc9z8f7E2sDcJYSxNH13sEQDGWJYlJ13zP056IABwvh1xg3/5LO9DgNEZ8P7/8+Xrb8s3B360evCIj4dZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjf9tb/rZbL/M5HmlarEc8UCwBVkjt3G/UbEfFsRPxptjKb55dGXGcA4Gmlf0vK9b+uLrw6/1jRi5f2kzMR8ZNfvffLD5c7nQd/jJhJ/jW7t7/zcbm/dmywuWG0AAA42t44Xbz2PMh/tvNwZW87y/r8/Tvdu4I87u7OTOzux5+O6eJ1LioRcfHfSZnvSnrmLp7G9kcR8cV+7U9ivpgD6d6yHIyfx37mlOJPnSh++lj8tFygOS3/Lb5wCnWBSfNJ3v+83e/6S+NK8dr/+p8reqinV/Z/+alWdos+8FH8vf5vakD/d+WkMV7//Tvd1IXDZR9FfHk6Yi/2bk//sxc/GRD/1RPG/8tXXnx5UFn264ir0T9+b6zFTnN9sb25df1uc3mtvla/X6vdWrp1482bb9QWiznqxcGjwT/euvbsoLK8/RcHxJ87pv1fH3TSA0+5v/nf+z/82hHxv/lKv/hpvHBE/HxM/MbAFj9u+eLvBj535/FXD7c/Ocnv/9oJ43/6161Dy4YDAKPT3ty6t9xo1B9ISJz/RP5f9hxUo2/i22cVayb6F/38le41faAoyz5XrEE9xmnMugHnwf5FHxH/HXVlAAAAAAAAAAAAAACAvs7iL5ZG3UYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADG1/8DAAD//4wA1F8=")
r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000540)='.log\x00', 0x1c10c1, 0x9c37611dc13d0db7)
fchown(r1, 0x0, 0xee01)
capset(0x0, 0x0)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
fcntl$setlease(r3, 0x400, 0x1)
syz_pidfd_open(r2, 0x0)
fchown(r1, 0x0, 0x0)

1m56.175130031s ago: executing program 2 (id=3238):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], &(0x7f0000000240), 0x0, 0x1}}, 0x40)

1m55.292950043s ago: executing program 2 (id=3247):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x5, 0xfffff010}, {0x6, 0x0, 0x2}]}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f00000003c0)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @redirect={0x8, 0x0, 0x0, @loopback, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @multicast1}}}}}}, 0x0)
setsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0)

1m54.800774041s ago: executing program 40 (id=3247):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x5, 0xfffff010}, {0x6, 0x0, 0x2}]}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f00000003c0)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @redirect={0x8, 0x0, 0x0, @loopback, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @multicast1}}}}}}, 0x0)
setsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0)

1m21.706305829s ago: executing program 3 (id=3563):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={0x0, 0xac}, 0x1, 0x0, 0x0, 0x4008805}, 0x20040080)
sendmsg$NFT_BATCH(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000100001f500000000000000000100000a14000000020a497f75241d4e1deb000005000006140000001100", @ANYRES64], 0x3c}, 0x1, 0x0, 0x0, 0x2004c040}, 0xc000)

1m21.334615801s ago: executing program 3 (id=3564):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket(0x11, 0x2, 0x0)
setsockopt(r0, 0x107, 0x65, 0x0, 0x0)

1m21.126327974s ago: executing program 3 (id=3566):
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x2204806, &(0x7f00000005c0)=ANY=[@ANYBLOB="636865636b3d7374726963742c636865636b3d72656c61786564006d6f64653d3078303030303030303030303030303030312c4cb28235e144f73e366d61633d6f66662c73657373696f6e3d0178303030a63ee14bb3171775cd8cf77a07303030303030303030303036322c696f63686172736574076d616367726565d6671c6841f1c62d4c44a51f3e6b416d61703d61636f726e2c696f636861727365743d69736f383835392d322c73657373696f6e3d3078303030303030303030303030303035352c73686f776173736f632c6f64653d3078668cd191e9737eedbb666666666666654efd04642dedba78802c73657373696f6e3d3078303030303030303030303030303030622c6673636f6e746578743d73"], 0xfa, 0x69f, &(0x7f0000000f00)="$eJzs3c9v2+Ydx/EP5V+yOwTFNhRBkB9PkhVwsEyR5MaBkQEtR1E2N0kUSHmwgQFF1thFEDndkg5YfOl82Q+gA3berZcddts/MKDn/he7bUCx3QZsBw4kRVmyRMlqHLdZ3y8jEUV++Txfkgq/oSU+EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkOXUyuWKpYbX2t4x+Zxa4DcnLE9bW9CtdOLW1H4lK/6jYlEX01kXv328+I34rxu6nD67rGL8UNTha2+8fv9b84Vs/QkJfRGatcFnzw8fP+h2956eInZOMzf/ZVLhFEGbbssLfa9pb7rGC32zsb5evrNVD03da7jhbthxm8YJ3ELHD8yqc8tUNjbWjFva9bdbmzW74WYz732vWi6vmx8upQdaUil0trxGw2ttJjHx4jjmnvn4J2mAazeN2X/U3VublmQcVMlbWBgIqk5rqVquViuVarWyfnfj7r1yeX5kRjlmlfs0EnHmL1q8Ys7u5A28oEJc//9mSQ0V1dK2dmTG/jiqKZCvZs7ynqz+v3nHndjvYP3PqvxF6e3e4ktK6v/V9NnVvPqfk4uRSVYYt8TKmT/bz0KSkdEzPdehHuuBuupqT0/PoG0jc+1MWjmHn025aslTKF+emrKTOaY3x2hD61pXWe9qS3WFMqrLU0OuQu0qVEdu8opyFMiVrY58BTJalaNbMqpoQxtak5Grknbla1stbaomW/+Oomhfj5L9vjYhR2VBlZyApcGg6oSW8ur/Tz9KX6e9+l+m/n9dpa+DpfThs0kxwFdA1Lv+n9G1l5MNAAAAAAB4Gazkt+9W8t79FUmR6l7DLeevsHie2QEAAAAAgLNgKVrSZVnx9b+kK7KmXP8DAAAAAIBXjpXcY2dJWkk+1G8d3wl1ml8CzJ1DigAAAAAA4AUld/5fXZSiZNCKa7Jmuv4HAAAAAACvgN8OjLE/n42xG2Vv6xckhe0l66//XFKwYB21d75jHdjxEvtgrpCEjHwCoFO/ZIV/SAfqTcbrXZSUPHPcy1avt94gmP1xBz/fnzbWvxWcSGBxbrCBEwlc6K1txT2vz/ee6WNdf3so9uFhQcmStJeVutdwS47fuF+RbV8odNydzi+ePPqlFPS3c/9Rd6/03gfdh0kuR/Gso4M4j4+ydP6y2Nt1w7kkD/1c/hulpCtjt3hZ9azL37WaK1bSbznb/jnZB4XjY5S7/cN96te6kR6zGytp7Mphf8T9ePuL8fZXSskhG9r6YME6zqJycsvHHYicLIpJFjfTmJurN9OHLL+4nYJV/O6cVC2NHoOhLKqDWUzfF9a/RvbFpCx6+2ItzuLTuKGcLNZmy2LkiADAl2U/GfUnufMvGcR8pO5m5SE7qX2hujO9ur8zXN0//GNcGdP/Xsz33puY2EtR8Rl91Urq0KKSE+v8pZEzerY19oWics7o5ReobnFffz7+DqRe2iNZ/CeKovuVpN/fn6iqn8QrfJLbb9hId/udDw9+lgyAH3t/7/29J9Xq2nr5rXL5blULyWb0HuZE7QEAjJj+HTtTI6y3dD2NuP7wH2+mU0MV75v9jxSU9J4+UFcPtZB9hcC18a2uDHwM4XZ61aqBq1bzxuv3l6WTsRXdzr2qS2rpQGy1H7ugbJXhSn0cu/aSjwIAAOfrxpQ6PL7+F4fq/22tphGrl8Zedw/X8t7Vcf+SPi+2Mj35d856bwAA8PXgBp9bK53fWEHgtd+tbGxU7M6WawLf+ZEJvNqma7xWxw2cLbu16Zp24Hd8x2+YdqAlr+aGJtxut/2gY+p+YNp+6O0k3/xuel/9HrpNu9XxnLDdcO3QNY7f6thOx9S80DHt7R80vHDLDZKVw7breHXPsTue3zKhvx04bsmY0HUHAr2a2+p4dS+ebJl24DXtYNf82G9sN11Tc0Mn8NodP20w68tr1f2gmTRbUjTzFx0CAPD/6Nnzw8cPut29pycnluNL83TOkXJiRicWxzTIGEEAAHzFHJfrGVYq9qc+jV5KVgAAAAAAAAAAAAAAAAAAAAAAYND0W/pmnFgYd7Og1J/z8wu9OfqVjm8xHGnH0lknNstEYda1slsiDh9/NiF4uT8n2/2DMUfntoF//4b0WjJH6Zz5ccHF/Has6X0tTzi4p5yYi3fQaYO/v5/u0dyYeOHYRUv9YzF/9v8c4oknf8pZFEVRNHn1peF9uDhpA4cn5iU9XXyBQ3D+5yIA5+t/AQAA//+xxzz3")
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x580, 0x0)
getdents(r0, &(0x7f00000002c0)=""/52, 0x34)
getdents64(r0, 0x0, 0x0)

1m20.83877139s ago: executing program 3 (id=3569):
socket$nl_route(0x10, 0x3, 0x0)
unshare(0x22020600)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0xb68, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000008c0)={0x53, 0xfffffffffffffffd, 0x6, 0xc0, @scatter={0x0, 0x0, 0x0}, &(0x7f00000000c0)="444d1f4c50ef", 0x0, 0x200005, 0x1, 0x3, 0x0})

1m20.598464524s ago: executing program 3 (id=3571):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x38, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x204}, [@NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x6}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWTABLE={0x40, 0x0, 0xa, 0x74b53fcc833f5088, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xa0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x20}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0xfe, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2, 0xfffd, 0x88000}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)

1m19.709516406s ago: executing program 3 (id=3578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="01000000420000000600000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0c00000004000000040000000180000000000000", @ANYRES32=r0], 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r1}, 0x38)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x5dd93000)

1m4.54863909s ago: executing program 41 (id=3578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="01000000420000000600000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0c00000004000000040000000180000000000000", @ANYRES32=r0], 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r1}, 0x38)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x5dd93000)

4.596817942s ago: executing program 7 (id=4195):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8001}, 0x8)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000040), 0x0)
getsockopt$bt_hci(r0, 0x84, 0x7f, &(0x7f0000000080)=""/4050, &(0x7f0000000000)=0xfd2)

4.373335645s ago: executing program 7 (id=4198):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r2=>0x0)
io_submit(r2, 0xf000, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)='m', 0xfffffdfc}])
io_destroy(r2)

4.079220062s ago: executing program 9 (id=4202):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x14)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mkdir(&(0x7f0000000080)='./file0\x00', 0x1ba)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x10, 0xb, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
r6 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x4058534c, &(0x7f0000000140)={0x80, 0x1})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="6c000000020601010000000600000000000000000e0003006269746d61703a697000000005de0300000000000900020073797a3100000000240007800c00028008000140640101010c0001800800014080ffffff050014000200000005000500020000000500010006000000"], 0x6c}, 0x1, 0x0, 0x0, 0x4840}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="796100000000000000007e00000008000300af51823c3567", @ANYRES32=0x0], 0x3c}}, 0x4000054)
getpid()
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x10, &(0x7f0000000040)=ANY=[@ANYRES32=r4], 0x1, 0x250, &(0x7f0000000b80)="$eJzs2k9rHHUYB/BnYqUxJd2I/2hB+kMP6mVocvIgkiAtiAFFG6EK0qmZ6JJxN2SWwIrYeNGLB1+CZ/HoTZCKFy+5+Ao8eMslxx7EkXbTNhtWyKJxS/P5XPZhn/0uz/AMw+8wu69888n6Wp2vFb2YyrKYWoztuJXFXEzFXdvx0gtXf332navvvbG0vHzp7ZQuL12ZX0gpnb3w0/ufff/czd6Zd384++Pp2Jn7YHfviz92nt45t/vXlY/bdWrXqdPtpSJd73Z7xfWqTKvtej1P6a2qLOoytTt1uTnUX6u6Gxv9VHRWZ2c2Nsu6TkWnn9bLfup1U2+zn4qPinYn5XmeZmeCf2Plu1tNE3vNo9ciu/vd7O/RiuzxlD2xmD11LXtmOzu31zStyQ7KMbm3/6ZpHvs2zty0/xPlwEN9OqL6amtla2XwOegvrUU7qijjYrTiz7h9m+wb1JdfX750Md0xF19WN/bzN7ZWHhnOz0cr5kbn5wf5NJw/HTMH8wvRiidH5xdG5qfjxecP5PNoxW8fRjeqWI3b2fv5z+dTeu3N5UP583d+BwDwsMnTPSPPb3n+T/1Bfozz4aHz1ak4f2qy105E3f90vaiqclMxTnFh3NT05GeeeHH8N1uTRTwIV3qk4pefX335ARhjv1g8vJ1JP5n4P9xf+lET08c7EAAAAAAAAAAAAEfy371F+PX+Pw61snHeLAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6mvwMAAP//cOvMBw==")
truncate(&(0x7f0000002540)='./file2\x00', 0xe)
umount2(&(0x7f00000003c0)='./file3\x00', 0xb)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401000000000000000000090002002f797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r8, 0x84, 0x8, &(0x7f0000000040)=0x1, 0x4)

3.934225591s ago: executing program 1 (id=4205):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x81ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x38)

2.967869057s ago: executing program 7 (id=4207):
r0 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r0, 0x0, 0x0)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000000)=0x3ff, 0x4)

2.949517948s ago: executing program 9 (id=4208):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000900)=ANY=[@ANYBLOB="fc0000001900010029bd7000fbdbdf25fe8800000000000000000000000001016401010000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000001000080000000000000000000000000000000000000000000000000000000000200000000000000fdffffffffffffff00000000000000000000000000000000050000000000000000000000002000000000000000000000000000000000000001000202000000004400050000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x4}, 0x20000010)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @dccp={{0x8, 0x4, 0x0, 0x3d, 0x30, 0x67, 0x0, 0x9, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@ssrr={0x89, 0x7, 0xbd, [@multicast2]}, @generic={0x94, 0x2}]}}, {{0x4e21, 0x4e22, 0x4, 0x1, 0x3, 0x0, 0x0, 0x0, 0x4, "180f8f", 0x1, "fffb45"}}}}}}, 0x0)

2.857669023s ago: executing program 1 (id=4209):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8001}, 0x8)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$bt_hci(r0, 0x84, 0x7f, 0x0, &(0x7f0000000000))

2.724544851s ago: executing program 7 (id=4212):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001422, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x131540, 0x18)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f00000000c0)="ad5787", &(0x7f0000000000)=""/3, 0x2}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
open$dir(&(0x7f0000000140)='./file0\x00', 0x46263, 0x0)

2.686904143s ago: executing program 9 (id=4213):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000280)={<r3=>0x0, 0x0, <r4=>0x0}, &(0x7f00000013c0)=0xc)
sendmmsg$unix(r2, &(0x7f0000003600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0000000014"], 0x38, 0x40044}}], 0x1, 0x4)

2.521633243s ago: executing program 1 (id=4214):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="68000000100001002fbd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0201000000000000140003006e657464657673696d3000000000000034001680300001802c00"], 0x68}}, 0x24040800)

2.40255285s ago: executing program 9 (id=4217):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141042, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x10044, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r1, @ANYRESHEX=r0])

2.234114959s ago: executing program 0 (id=4219):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x14)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mkdir(&(0x7f0000000080)='./file0\x00', 0x1ba)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x10, 0xb, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
r6 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x4058534c, &(0x7f0000000140)={0x80, 0x1})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="6c000000020601010000000600000000000000000e0003006269746d61703a697000000005de0300000000000900020073797a3100000000240007800c00028008000140640101010c0001800800014080ffffff050014000200000005000500020000000500010006000000"], 0x6c}, 0x1, 0x0, 0x0, 0x4840}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="796100000000000000007e00000008000300af51823c3567", @ANYRES32=0x0], 0x3c}}, 0x4000054)
getpid()
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x10, &(0x7f0000000040)=ANY=[@ANYRES32=r4], 0x1, 0x250, &(0x7f0000000b80)="$eJzs2k9rHHUYB/BnYqUxJd2I/2hB+kMP6mVocvIgkiAtiAFFG6EK0qmZ6JJxN2SWwIrYeNGLB1+CZ/HoTZCKFy+5+Ao8eMslxx7EkXbTNhtWyKJxS/P5XPZhn/0uz/AMw+8wu69888n6Wp2vFb2YyrKYWoztuJXFXEzFXdvx0gtXf332navvvbG0vHzp7ZQuL12ZX0gpnb3w0/ufff/czd6Zd384++Pp2Jn7YHfviz92nt45t/vXlY/bdWrXqdPtpSJd73Z7xfWqTKvtej1P6a2qLOoytTt1uTnUX6u6Gxv9VHRWZ2c2Nsu6TkWnn9bLfup1U2+zn4qPinYn5XmeZmeCf2Plu1tNE3vNo9ciu/vd7O/RiuzxlD2xmD11LXtmOzu31zStyQ7KMbm3/6ZpHvs2zty0/xPlwEN9OqL6amtla2XwOegvrUU7qijjYrTiz7h9m+wb1JdfX750Md0xF19WN/bzN7ZWHhnOz0cr5kbn5wf5NJw/HTMH8wvRiidH5xdG5qfjxecP5PNoxW8fRjeqWI3b2fv5z+dTeu3N5UP583d+BwDwsMnTPSPPb3n+T/1Bfozz4aHz1ak4f2qy105E3f90vaiqclMxTnFh3NT05GeeeHH8N1uTRTwIV3qk4pefX335ARhjv1g8vJ1JP5n4P9xf+lET08c7EAAAAAAAAAAAAEfy371F+PX+Pw61snHeLAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6mvwMAAP//cOvMBw==")
truncate(&(0x7f0000002540)='./file2\x00', 0xe)
umount2(&(0x7f00000003c0)='./file3\x00', 0xb)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401000000000000000000090002002f797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r8, 0x84, 0x8, &(0x7f0000000040)=0x1, 0x4)

2.130964645s ago: executing program 1 (id=4220):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x81ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x38)

2.081777179s ago: executing program 9 (id=4221):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xffffffd1, 0x1, 0xffffffff, 0x831a, 0x1, "030000000000000000049dd0ffd76d7fcb0b0e", 0x6, 0x201})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000240)=0x10)
ioctl$TIOCSTI(r0, 0x5412, 0x0)

1.159041472s ago: executing program 0 (id=4222):
r0 = socket(0x10, 0x3, 0x4)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)

1.117615004s ago: executing program 1 (id=4223):
r0 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x80ab, @empty, 0x1}, 0x1c)
setsockopt$inet_int(r0, 0x0, 0x17, 0x0, 0x0)

1.116752135s ago: executing program 4 (id=4224):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000900)=ANY=[@ANYBLOB="fc0000001900010029bd7000fbdbdf25fe8800000000000000000000000001016401010000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000001000080000000000000000000000000000000000000000000000000000000000200000000000000fdffffffffffffff00000000000000000000000000000000050000000000000000000000002000000000000000000000000000000000000001000202000000004400050000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x4}, 0x20000010)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @dccp={{0x8, 0x4, 0x0, 0x3d, 0x30, 0x67, 0x0, 0x9, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@ssrr={0x89, 0x7, 0xbd, [@multicast2]}, @generic={0x94, 0x2}]}}, {{0x4e21, 0x4e22, 0x4, 0x1, 0x3, 0x0, 0x0, 0x0, 0x4, "180f8f", 0x1, "fffb45"}}}}}}, 0x0)

1.053537879s ago: executing program 7 (id=4225):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8001}, 0x8)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$bt_hci(r0, 0x84, 0x7f, 0x0, &(0x7f0000000000))

1.02224227s ago: executing program 4 (id=4226):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x5e, &(0x7f0000000340)={@link_local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x28, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev={0xfe, 0x80, '\x00', 0x24}, @mcast1}}}}}}, 0x0)

888.552128ms ago: executing program 9 (id=4227):
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b", 0xe)
fcntl$setpipe(r0, 0x407, 0x10)
recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

848.589021ms ago: executing program 4 (id=4228):
r0 = socket(0x2, 0x3, 0xff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmsg$rds(r0, &(0x7f00000001c0)={&(0x7f0000000240)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/23, 0x17}], 0x1, 0x0, 0x0, 0x4c880}, 0x8000)

829.076462ms ago: executing program 0 (id=4229):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000)
getsockopt(r0, 0x400000000000003a, 0x1, 0x0, 0x0)

769.573075ms ago: executing program 1 (id=4230):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
recvmmsg(r2, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
write$tun(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="000086dd0001090004"], 0x7a)

769.195235ms ago: executing program 7 (id=4231):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000140)={[{@delalloc}, {@noload}, {@mb_optimize_scan}, {@nodiscard}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x11)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
fcntl$getownex(r1, 0x10, &(0x7f00000000c0))
openat(r0, &(0x7f0000000000)='./file1\x00', 0x400140, 0x30)

641.245963ms ago: executing program 4 (id=4232):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pread64(r0, &(0x7f0000002280)=""/4096, 0x12, 0xd37)

558.515348ms ago: executing program 0 (id=4233):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newtfilter={0x6c, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x3c, 0x2, [@TCA_BASIC_ACT={0x38, 0x3, [@m_connmark={0x34, 0x1, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

277.655174ms ago: executing program 4 (id=4234):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="8403000000020101000000000000000007000004100002800c00028005000100010000001c0002800c000280050001003a0000000c00028005000100010000006000018006"], 0x38c}, 0x1, 0x0, 0x0, 0x800}, 0x20040000)
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x40090)
sendmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x8782559fc2aff2e2, &(0x7f0000000080)=[{&(0x7f0000000040)="0f02000039000511d25a80648c63940d0224fc600b003540280009000200002037153e37eb010280060410000a00", 0x33fe0}], 0x1}, 0x0)

261.343654ms ago: executing program 0 (id=4235):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x6000)
setresuid(0xee01, r1, r1)
ioctl$SIOCX25SSUBSCRIP(r0, 0x89e1, 0x0)

83.073855ms ago: executing program 0 (id=4236):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000000c80)={0x2, 0x4e1f, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000cc0)="a10e", 0x2}], 0x1}, 0x800)
sendmmsg$inet6(r0, &(0x7f00000005c0)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="06", 0x1}], 0x1}}], 0x1, 0x44)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000100)=0x975, 0x4)

0s ago: executing program 4 (id=4237):
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000a00)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000000)=0x14)
socket(0x40000000015, 0x5, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
unshare(0x22020400)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
socket(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x10000000000, 0x3, 0xfffffffffffffffd, 0x2, 0x7c, 0x1, 0x9}, 0x0, &(0x7f00000002c0)={0x3fd, 0xfffffffffffffffe, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

4][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1532.927386][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1533.029807][T17318] device veth0_vlan entered promiscuous mode
[ 1533.201012][T17318] device veth1_vlan entered promiscuous mode
[ 1533.307256][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1533.330322][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1533.355217][T17318] device veth0_macvtap entered promiscuous mode
[ 1533.368813][T17318] device veth1_macvtap entered promiscuous mode
[ 1533.418612][T17318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1533.443493][T17795] usb usb7: usbfs: process 17795 (syz.4.3204) did not claim interface 0 before use
[ 1533.454655][T17318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.465789][T17318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1533.477103][T17318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.488069][T17318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1533.500398][T17318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.511153][T17318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1533.522080][T17318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.544345][T17318] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1533.553076][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1533.571574][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1533.598377][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1533.618189][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1533.646607][T17318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1533.685449][T17797] loop0: detected capacity change from 0 to 1024
[ 1533.695079][T17318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.782388][T17318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1533.838064][T17797] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1533.839057][T17318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.856585][T17318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1533.867368][T17318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.877572][T17318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1533.888171][T17318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.899699][T17318] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1533.925072][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1533.964840][T17804] loop4: detected capacity change from 0 to 1024
[ 1533.993597][T17797] EXT4-fs error (device loop0): ext4_empty_dir:3145: inode #11: block 32: comm syz.0.3205: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=695563, rec_len=0, size=1024 fake=1
[ 1534.013881][T17804] EXT4-fs: Ignoring removed orlov option
[ 1534.021252][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1534.060724][T17318] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1534.089146][T17318] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1534.105010][T17804] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1534.127758][T17797] EXT4-fs warning (device loop0): ext4_empty_dir:3147: inode #11: comm syz.0.3205: directory missing '.'
[ 1534.204193][T17318] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1534.283793][T17318] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1534.389070][T17047] EXT4-fs (loop0): unmounting filesystem.
[ 1534.552998][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1534.624355][T11496] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1534.658015][T11496] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1534.742444][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1534.808934][ T6610] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1534.830404][T17819] usb usb1: usbfs: process 17819 (syz.4.3209) did not claim interface 1 before use
[ 1534.841981][ T6610] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1534.849615][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1535.240477][T17824] vivid-004: =================  START STATUS  =================
[ 1535.248373][T17824] vivid-004: Radio HW Seek Mode: Bounded
[ 1535.254094][T17824] vivid-004: Radio Programmable HW Seek: false
[ 1535.260295][T17824] vivid-004: RDS Rx I/O Mode: Block I/O
[ 1535.265905][T17824] vivid-004: Generate RBDS Instead of RDS: false
[ 1535.272289][T17824] vivid-004: RDS Reception: true
[ 1535.277243][T17824] vivid-004: RDS Program Type: 0 inactive
[ 1535.283091][T17824] vivid-004: RDS PS Name:  inactive
[ 1535.288308][T17824] vivid-004: RDS Radio Text:  inactive
[ 1535.293866][T17824] vivid-004: RDS Traffic Announcement: false inactive
[ 1535.300669][T17824] vivid-004: RDS Traffic Program: false inactive
[ 1535.307133][T17824] vivid-004: RDS Music: false inactive
[ 1535.312679][T17824] vivid-004: ==================  END STATUS  ==================
[ 1535.536774][T17832] loop2: detected capacity change from 0 to 512
[ 1535.560632][T17831] loop1: detected capacity change from 0 to 1024
[ 1535.614161][T17834] loop9: detected capacity change from 0 to 1024
[ 1535.675882][T17834] EXT4-fs: Ignoring removed oldalloc option
[ 1535.696152][T17832] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1535.712086][T17834] EXT4-fs: Ignoring removed bh option
[ 1535.726347][T17831] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1535.747162][T17832] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1535.808263][T17834] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1535.865907][T17834] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1535.991542][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1536.174347][T17308] EXT4-fs (loop2): unmounting filesystem.
[ 1536.653405][T17864] IPVS: nq: FWM 3 0x00000003 - no destination available
[ 1536.730561][    C1] IPVS: nq: FWM 3 0x00000003 - no destination available
[ 1537.049324][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1537.136354][T17874] loop1: detected capacity change from 0 to 512
[ 1537.232092][T17874] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1537.288330][T17874] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1537.290093][T17874] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[ 1537.324210][T17874] EXT4-fs (loop1): 1 truncate cleaned up
[ 1537.324242][T17874] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1537.378901][T17886] loop9: detected capacity change from 0 to 1024
[ 1537.403269][T17870] EXT4-fs error (device loop1): ext4_iget_extra_inode:4756: inode #15: comm syz.1.3223: corrupted in-inode xattr
[ 1537.540626][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1537.623450][T17886] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1537.681113][T17897] loop2: detected capacity change from 0 to 512
[ 1537.788198][T17898] loop0: detected capacity change from 0 to 2048
[ 1537.796166][T17897] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1537.861690][T17897] ext4 filesystem being mounted at /6/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1537.890942][T17898] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1538.000689][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1538.020884][T17047] EXT4-fs (loop0): unmounting filesystem.
[ 1538.260428][T17915] netlink: 'syz.0.3235': attribute type 9 has an invalid length.
[ 1538.308489][T17915] netlink: 'syz.0.3235': attribute type 1 has an invalid length.
[ 1538.337178][T17915] netlink: 303 bytes leftover after parsing attributes in process `syz.0.3235'.
[ 1538.386748][T17308] EXT4-fs error (device loop2): ext4_lookup:1858: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[ 1538.452438][T17308] EXT4-fs error (device loop2): ext4_lookup:1858: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[ 1538.582404][   T27] audit: type=1326 audit(1770580869.894:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17923 comm="syz.9.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1538.676286][   T27] audit: type=1326 audit(1770580869.894:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17923 comm="syz.9.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1538.728958][   T27] audit: type=1326 audit(1770580869.954:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17923 comm="syz.9.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1538.869662][   T27] audit: type=1326 audit(1770580869.954:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17923 comm="syz.9.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1538.977636][   T27] audit: type=1326 audit(1770580869.954:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17923 comm="syz.9.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1539.097749][T17308] EXT4-fs (loop2): unmounting filesystem.
[ 1539.140039][T17937] loop0: detected capacity change from 0 to 1024
[ 1539.319416][T17937] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1539.485357][T17047] EXT4-fs (loop0): unmounting filesystem.
[ 1539.750008][T17955] program syz.0.3249 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1540.544001][T17978] netlink: 148 bytes leftover after parsing attributes in process `syz.9.3260'.
[ 1540.565148][T17981] loop4: detected capacity change from 0 to 512
[ 1540.594408][ T4284] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1540.602068][T17978] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[ 1540.618164][ T4281] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1540.628723][T17981] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1540.628912][ T4281] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1540.652381][ T4281] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1540.660197][ T4281] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1540.668858][ T4281] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1540.731973][T17981] EXT4-fs (loop4): ea_inode feature is not supported for Hurd
[ 1541.039988][T17993] loop4: detected capacity change from 0 to 128
[ 1541.168378][T17993] FAT-fs (loop4): bread failed, FSINFO block (sector = 19532)
[ 1541.261764][T17979] chnl_net:caif_netlink_parms(): no params data found
[ 1541.340169][T18003] tipc: Started in network mode
[ 1541.361026][T18003] tipc: Node identity ac1414aa, cluster identity 4711
[ 1541.420630][T18003] tipc: Enabled bearer <udp:s>, priority 10
[ 1541.494567][T18009] loop1: detected capacity change from 0 to 512
[ 1541.525109][T18009] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1541.591936][T18009] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[ 1541.624452][T17979] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1541.632128][T17979] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1541.640477][T17979] device bridge_slave_0 entered promiscuous mode
[ 1541.651067][T17979] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1541.658475][T17979] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1541.667477][T17979] device bridge_slave_1 entered promiscuous mode
[ 1541.694999][T17979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1541.708056][T17979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1541.713308][T18009] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[ 1541.748611][T17979] team0: Port device team_slave_0 added
[ 1541.757133][T17979] team0: Port device team_slave_1 added
[ 1541.780761][T17979] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1541.797038][T17979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1541.823813][T17979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1541.837087][T17979] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1541.844644][T17979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1541.886837][T18009] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[ 1541.921979][T18009] System zones: 0-2, 18-18, 34-35
[ 1541.966432][T18009] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1541.978206][T17979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1542.148475][T17979] device hsr_slave_0 entered promiscuous mode
[ 1542.186738][T17979] device hsr_slave_1 entered promiscuous mode
[ 1542.197007][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1542.227383][T17979] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1542.242894][T18026] loop4: detected capacity change from 0 to 512
[ 1542.249921][T17979] Cannot create hsr debugfs directory
[ 1542.357838][T18026] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1542.390695][T18026] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1542.537115][T11010] tipc: Node number set to 2886997162
[ 1542.608784][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1542.742340][T15371] Bluetooth: hci0: command 0x0409 tx timeout
[ 1542.789204][T18020] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1542.802914][T18020] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1542.848849][T18020] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1542.874178][T18020] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1542.887357][T18042] loop9: detected capacity change from 0 to 512
[ 1542.894449][T18020] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1542.924634][T18020] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1542.950824][T18020] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1542.962362][T18020] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1543.041246][T18020] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1543.066822][T18042] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1543.072798][T18020] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1543.122541][T18020] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1543.135986][T18020] Bluetooth: hci5: Suspend notifier action (1) failed: -4
[ 1543.144687][T18020] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1543.150768][T18020] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1543.168598][T18020] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[ 1543.191173][T18048] loop4: detected capacity change from 0 to 512
[ 1543.218775][T18042] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3852: comm syz.9.3277: Allocating blocks 41-42 which overlap fs metadata
[ 1543.237717][T18048] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1543.251388][T18042] Quota error (device loop9): write_blk: dquota write failed
[ 1543.260890][T18042] Quota error (device loop9): find_free_dqentry: Can't write quota data block 5
[ 1543.270497][T18042] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3852: comm syz.9.3277: Allocating blocks 41-42 which overlap fs metadata
[ 1543.286458][T18042] Quota error (device loop9): write_blk: dquota write failed
[ 1543.295860][T18042] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 1543.306644][T18042] EXT4-fs error (device loop9): ext4_acquire_dquot:6835: comm syz.9.3277: Failed to acquire dquot type 1
[ 1543.319493][T18042] EXT4-fs error (device loop9): mb_free_blocks:1826: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1543.340412][T18042] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3277: corrupted inode contents
[ 1543.353532][T18048] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1543.384485][T18042] EXT4-fs error (device loop9): ext4_dirty_inode:6137: inode #12: comm syz.9.3277: mark_inode_dirty error
[ 1543.407726][T18042] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3277: corrupted inode contents
[ 1543.463029][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1543.469643][T18042] EXT4-fs error (device loop9): __ext4_ext_dirty:202: inode #12: comm syz.9.3277: mark_inode_dirty error
[ 1543.523554][T18042] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3277: corrupted inode contents
[ 1543.608793][T18042] EXT4-fs error (device loop9) in ext4_orphan_del:303: Corrupt filesystem
[ 1543.644853][T18042] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3277: corrupted inode contents
[ 1543.696674][T18042] EXT4-fs error (device loop9): ext4_truncate:4318: inode #12: comm syz.9.3277: mark_inode_dirty error
[ 1543.721511][T18060] loop4: detected capacity change from 0 to 128
[ 1543.733030][T18042] EXT4-fs error (device loop9) in ext4_process_orphan:345: Corrupt filesystem
[ 1543.786388][T18042] EXT4-fs (loop9): 1 truncate cleaned up
[ 1543.795857][T18060] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1543.812192][T18042] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1544.062827][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1544.181924][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1544.324212][T18074] loop9: detected capacity change from 0 to 164
[ 1544.662986][T17979] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1544.700671][T17979] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1544.728717][T17979] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1544.770425][T17979] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1544.911838][ T4284] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1544.982045][ T4284] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1545.104006][T17979] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1545.138421][T18098] loop4: detected capacity change from 0 to 8192
[ 1545.152395][ T4284] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1545.170382][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1545.179507][T18103] loop1: detected capacity change from 0 to 256
[ 1545.189535][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1545.210140][T18103] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1545.221940][ T4284] Bluetooth: hci0: command 0x040f tx timeout
[ 1545.241363][T17979] 8021q: adding VLAN 0 to HW filter on device team0
[ 1545.301199][   T27] audit: type=1800 audit(1770580876.614:8): pid=18103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3293" name="file1" dev="loop1" ino=1048633 res=0 errno=0
[ 1545.327230][T18103] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[ 1545.338818][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1545.365056][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1545.381866][T18103] FAT-fs (loop1): Filesystem has been set read-only
[ 1545.404476][   T27] audit: type=1800 audit(1770580876.724:9): pid=18098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3291" name="file0" dev="loop4" ino=1048636 res=0 errno=0
[ 1545.426080][ T4648] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1545.433266][ T4648] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1545.467491][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1545.511529][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1545.552780][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1545.592467][ T4648] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1545.599640][ T4648] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1545.679073][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1545.707218][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1545.743614][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1545.782460][ T4284] Bluetooth: hci3: command 0x1003 tx timeout
[ 1545.800606][T15371] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1545.854733][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1545.952201][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1545.958564][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.014908][T18116] loop4: detected capacity change from 0 to 164
[ 1546.024912][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1546.040635][T18117] loop0: detected capacity change from 0 to 512
[ 1546.057824][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1546.089078][T18117] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1546.089611][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1546.221643][T17979] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1546.259223][T18117] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters
[ 1546.274146][T15371] Bluetooth: hci1: command 0x0406 tx timeout
[ 1546.370756][T17979] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1546.404212][T18117] EXT4-fs (loop0): Remounting filesystem read-only
[ 1546.424585][T18117] Quota error (device loop0): write_blk: dquota write failed
[ 1546.443552][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1546.458524][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1546.467765][T18117] Quota error (device loop0): find_free_dqentry: Can't write quota data block 5
[ 1546.498280][T18117] Quota error (device loop0): write_blk: dquota write failed
[ 1546.513719][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1546.537931][T18117] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1546.552996][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1546.596110][T18117] EXT4-fs error (device loop0): ext4_acquire_dquot:6835: comm syz.0.3298: Failed to acquire dquot type 1
[ 1546.608044][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1546.712000][T18117] EXT4-fs (loop0): Remounting filesystem read-only
[ 1546.747870][T18117] EXT4-fs (loop0): 1 truncate cleaned up
[ 1546.797456][T18117] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1546.982014][ T4284] Bluetooth: hci4: command 0x0406 tx timeout
[ 1547.061990][ T4284] Bluetooth: hci2: command 0x0406 tx timeout
[ 1547.070173][T17047] EXT4-fs (loop0): unmounting filesystem.
[ 1547.223191][ T4284] Bluetooth: hci5: command 0x0406 tx timeout
[ 1547.302346][ T4284] Bluetooth: hci0: command 0x0419 tx timeout
[ 1547.465299][T17979] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1547.520337][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1547.552085][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1547.605249][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1547.635361][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1547.703185][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1547.735128][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1547.763538][T17979] device veth0_vlan entered promiscuous mode
[ 1547.772535][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1547.813148][T18170] loop4: detected capacity change from 0 to 128
[ 1547.834741][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1547.918257][T17979] device veth1_vlan entered promiscuous mode
[ 1548.015330][T18176] netlink: 'syz.1.3319': attribute type 13 has an invalid length.
[ 1548.043204][T18176] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3319'.
[ 1548.084583][T18176] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1548.093897][T18176] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1548.103067][T18176] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1548.111870][T18176] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1548.150957][T18176] netlink: 'syz.1.3319': attribute type 13 has an invalid length.
[ 1548.201937][T18176] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3319'.
[ 1548.211116][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1548.242397][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1548.275235][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1548.295930][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1548.335305][T17979] device veth0_macvtap entered promiscuous mode
[ 1548.352004][ T4284] Bluetooth: hci1: command 0x0406 tx timeout
[ 1548.422606][T17979] device veth1_macvtap entered promiscuous mode
[ 1548.556349][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1548.603308][ T6610] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1548.649736][T17979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1548.717254][T17979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1548.758274][T17979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1548.785242][T17979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1548.816946][T17979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1548.831762][T18202] loop1: detected capacity change from 0 to 512
[ 1548.849260][T17979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1548.875896][T17979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1548.901999][T17979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1548.907523][T18202] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1548.921959][T17979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1548.941857][T17979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.022874][T17979] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1549.034233][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1549.066418][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1549.132562][T17979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1549.197822][T17979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.252316][T17979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1549.280485][T17979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.300394][T17979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1549.342803][T17979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.362018][T17979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1549.382171][T17979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.388626][ T4284] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1549.397598][T17979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1549.422775][T18216] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3330'.
[ 1549.449070][T17979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.499867][T17979] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1549.546340][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1549.596758][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1549.643134][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1549.675585][T17979] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.700996][T17979] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.727376][T17979] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.761893][T17979] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.998209][ T4457] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1550.041023][ T4457] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1550.090002][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1550.141566][T18232] loop4: detected capacity change from 0 to 512
[ 1550.149555][ T4297] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1550.167425][ T4297] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1550.207357][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1550.222898][T18232] EXT4-fs: Ignoring removed orlov option
[ 1550.279659][T18232] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[ 1550.380270][T18232] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1550.453088][T18237] netlink: 'syz.9.3337': attribute type 9 has an invalid length.
[ 1550.460961][T18237] netlink: 399 bytes leftover after parsing attributes in process `syz.9.3337'.
[ 1550.462199][T18232] EXT4-fs error (device loop4): ext4_iget_extra_inode:4756: inode #15: comm syz.4.3336: corrupted in-inode xattr
[ 1550.521643][T18232] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.3336: couldn't read orphan inode 15 (err -117)
[ 1550.599943][T18232] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1550.940491][T18252] loop9: detected capacity change from 0 to 128
[ 1550.967510][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1551.032805][T18252] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1551.457803][T18265] loop4: detected capacity change from 0 to 164
[ 1551.464885][ T4284] Bluetooth: hci0: command 0x0406 tx timeout
[ 1551.539259][T18265] iso9660: Corrupted directory entry in block 2 of inode 1792
[ 1551.668556][T18267] device geneve2 entered promiscuous mode
[ 1552.064463][T18279] netlink: 48 bytes leftover after parsing attributes in process `syz.9.3351'.
[ 1552.557899][T18296] loop0: detected capacity change from 0 to 512
[ 1552.664079][T18296] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1552.747499][T18296] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1552.806024][T18296] EXT4-fs error (device loop0): ext4_xattr_block_get:543: inode #12: comm syz.0.3358: corrupted xattr block 6
[ 1552.889457][T18308] loop1: detected capacity change from 0 to 512
[ 1552.939920][T18308] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1552.974648][T18308] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[ 1552.991085][T17047] EXT4-fs (loop0): unmounting filesystem.
[ 1553.049815][T18308] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[ 1553.070461][T18308] System zones: 0-2, 18-18, 34-35
[ 1553.105577][T18308] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1553.155001][T18300] loop3: detected capacity change from 0 to 8192
[ 1553.164395][T18308] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[ 1553.173783][T18313] loop9: detected capacity change from 0 to 512
[ 1553.248345][T18313] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1553.276033][T18308] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[ 1553.328421][T18313] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1553.334215][T18308] EXT4-fs (loop1): re-mounted. Quota mode: none.
[ 1553.482450][T18308] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.3362: bg 0: block 353: padding at end of block bitmap is not set
[ 1553.499546][T18313] EXT4-fs (loop9): shut down requested (1)
[ 1553.627335][T18308] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6181: Corrupt filesystem
[ 1553.686823][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1553.886806][T18330] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3368'.
[ 1553.917900][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1554.740803][T18357] loop1: detected capacity change from 0 to 512
[ 1554.912831][T18357] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1555.021765][T18357] EXT4-fs (loop1): Online resizing not supported with sparse_super2
[ 1555.153242][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1555.467170][T18385] loop3: detected capacity change from 0 to 512
[ 1555.484003][T18384] loop9: detected capacity change from 0 to 512
[ 1555.838129][T18396] netlink: 40 bytes leftover after parsing attributes in process `syz.9.3393'.
[ 1557.854124][T18456] loop3: detected capacity change from 0 to 512
[ 1557.861490][T18456] EXT4-fs: Ignoring removed orlov option
[ 1558.022338][T18456] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1558.105473][T18456] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1558.273354][T18456] EXT4-fs error (device loop3): ext4_iget_extra_inode:4756: inode #15: comm syz.3.3417: corrupted in-inode xattr
[ 1558.339811][T18456] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.3417: couldn't read orphan inode 15 (err -117)
[ 1558.432274][T18456] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1558.638910][T18479] loop9: detected capacity change from 0 to 512
[ 1558.710746][T17979] EXT4-fs (loop3): unmounting filesystem.
[ 1558.730303][T18479] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1558.843069][T18479] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3852: comm syz.9.3424: Allocating blocks 41-42 which overlap fs metadata
[ 1558.901691][T18479] Quota error (device loop9): write_blk: dquota write failed
[ 1558.938376][T18479] Quota error (device loop9): find_free_dqentry: Can't write quota data block 5
[ 1558.978282][T18479] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3852: comm syz.9.3424: Allocating blocks 41-42 which overlap fs metadata
[ 1559.010892][T18479] Quota error (device loop9): write_blk: dquota write failed
[ 1559.081283][T18479] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 1559.095074][ T4297] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1559.134711][T18479] EXT4-fs error (device loop9): ext4_acquire_dquot:6835: comm syz.9.3424: Failed to acquire dquot type 1
[ 1559.149063][T18479] EXT4-fs error (device loop9): mb_free_blocks:1826: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1559.164302][T18479] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3424: corrupted inode contents
[ 1559.176950][T18479] EXT4-fs error (device loop9): ext4_dirty_inode:6137: inode #12: comm syz.9.3424: mark_inode_dirty error
[ 1559.196992][T18495] loop1: detected capacity change from 0 to 128
[ 1559.210568][T18495] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1559.218080][T18479] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3424: corrupted inode contents
[ 1559.320519][T18479] EXT4-fs error (device loop9): __ext4_ext_dirty:202: inode #12: comm syz.9.3424: mark_inode_dirty error
[ 1559.387676][T18479] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3424: corrupted inode contents
[ 1559.411078][T18479] EXT4-fs error (device loop9) in ext4_orphan_del:303: Corrupt filesystem
[ 1559.487982][T18479] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3424: corrupted inode contents
[ 1559.534598][T18479] EXT4-fs error (device loop9): ext4_truncate:4318: inode #12: comm syz.9.3424: mark_inode_dirty error
[ 1559.582873][T18479] EXT4-fs error (device loop9) in ext4_process_orphan:345: Corrupt filesystem
[ 1559.660696][T18508] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3433'.
[ 1559.673273][T18508] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3433'.
[ 1559.744049][T18508] loop1: detected capacity change from 0 to 128
[ 1559.756707][T18508] FAT-fs (loop1): Unrecognized mount option "" or missing value
[ 1559.837746][T18479] EXT4-fs (loop9): 1 truncate cleaned up
[ 1559.898625][T18508] option changes via remount are deprecated (pid=18503 comm=syz.1.3433)
[ 1559.907581][T18508] cgroup: option or name mismatch, new: 0x10 "", old: 0x0 ""
[ 1559.946058][T18479] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1560.584462][T18508] infiniband !yz!: set active
[ 1560.589690][T18508] infiniband !yz!: added team_slave_0
[ 1560.596462][T18508] rdma_rxe: unable to create cq
[ 1560.601970][T18508] infiniband !yz!: Couldn't create ib_mad CQ
[ 1560.608657][T18508] infiniband !yz!: Couldn't open port 1
[ 1560.634675][T18508] RDS/IB: !yz!: added
[ 1560.639691][T18508] smc: adding ib device !yz! with port count 1
[ 1560.646278][T18508] smc:    ib device !yz! port 1 has pnetid 
[ 1560.695687][T18512] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3435'.
[ 1560.740268][T18512] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3435'.
[ 1560.814999][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1560.893674][T18512] device erspan0 entered promiscuous mode
[ 1560.972271][T18512] device gretap0 entered promiscuous mode
[ 1561.006539][ T4612] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[ 1561.105435][T18519] loop9: detected capacity change from 0 to 512
[ 1561.142215][ T4284] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1561.158082][T18519] EXT4-fs: Ignoring removed orlov option
[ 1561.181298][T18519] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[ 1561.254322][T18519] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1561.344761][T18519] EXT4-fs error (device loop9): ext4_iget_extra_inode:4756: inode #15: comm syz.9.3436: corrupted in-inode xattr
[ 1561.442654][T18519] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.3436: couldn't read orphan inode 15 (err -117)
[ 1561.581956][T18519] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1561.877795][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1562.105547][T18540] loop1: detected capacity change from 0 to 512
[ 1562.177898][T18540] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1562.285019][T18540] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3852: comm syz.1.3446: Allocating blocks 41-42 which overlap fs metadata
[ 1562.299672][T18540] Quota error (device loop1): write_blk: dquota write failed
[ 1562.307650][T18540] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[ 1562.318450][T18540] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3852: comm syz.1.3446: Allocating blocks 41-42 which overlap fs metadata
[ 1562.333134][T18540] Quota error (device loop1): write_blk: dquota write failed
[ 1562.340771][T18540] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 1562.351284][T18540] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.3446: Failed to acquire dquot type 1
[ 1562.368570][T18540] EXT4-fs error (device loop1): mb_free_blocks:1826: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1562.386487][T18540] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #12: comm syz.1.3446: corrupted inode contents
[ 1562.404878][T18540] EXT4-fs error (device loop1): ext4_dirty_inode:6137: inode #12: comm syz.1.3446: mark_inode_dirty error
[ 1562.426025][T18540] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #12: comm syz.1.3446: corrupted inode contents
[ 1562.480422][T18540] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #12: comm syz.1.3446: mark_inode_dirty error
[ 1562.515929][T18540] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #12: comm syz.1.3446: corrupted inode contents
[ 1562.561984][T18540] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[ 1562.588121][T18540] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #12: comm syz.1.3446: corrupted inode contents
[ 1562.650047][T18540] EXT4-fs error (device loop1): ext4_truncate:4318: inode #12: comm syz.1.3446: mark_inode_dirty error
[ 1562.716195][T18540] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[ 1562.782481][T18540] EXT4-fs (loop1): 1 truncate cleaned up
[ 1562.799039][T18540] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1563.039226][T18563] loop4: detected capacity change from 0 to 512
[ 1563.058249][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1563.126292][T18563] EXT4-fs: Ignoring removed orlov option
[ 1563.167804][T18563] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[ 1563.240266][T18563] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1563.258405][T18567] loop0: detected capacity change from 0 to 1024
[ 1563.335174][T18563] EXT4-fs error (device loop4): ext4_iget_extra_inode:4756: inode #15: comm syz.4.3454: corrupted in-inode xattr
[ 1563.352232][T18577] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3459'.
[ 1563.422068][T18563] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.3454: couldn't read orphan inode 15 (err -117)
[ 1563.435343][T18567] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1563.485785][T18563] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1563.520971][T18567] EXT4-fs error (device loop0): ext4_xattr_inode_iget:401: comm syz.0.3455: inode #5: comm syz.0.3455: iget: illegal inode #
[ 1563.632507][T18567] EXT4-fs error (device loop0): ext4_xattr_inode_iget:406: comm syz.0.3455: error while reading EA inode 5 err=-117
[ 1563.679582][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1563.844431][T17047] EXT4-fs (loop0): unmounting filesystem.
[ 1563.878758][T18592] loop4: detected capacity change from 0 to 164
[ 1564.766687][T18616] loop0: detected capacity change from 0 to 512
[ 1564.815406][T18616] EXT4-fs: Ignoring removed orlov option
[ 1564.848376][T18616] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 1564.884705][T18616] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1564.943280][T18616] EXT4-fs error (device loop0): ext4_iget_extra_inode:4756: inode #15: comm syz.0.3473: corrupted in-inode xattr
[ 1565.010311][T18616] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.3473: couldn't read orphan inode 15 (err -117)
[ 1565.068282][T18625] netlink: 'syz.4.3476': attribute type 9 has an invalid length.
[ 1565.088455][T18616] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1565.130014][T18625] netlink: 'syz.4.3476': attribute type 1 has an invalid length.
[ 1565.158566][T18625] netlink: 303 bytes leftover after parsing attributes in process `syz.4.3476'.
[ 1565.204573][T18633] loop1: detected capacity change from 0 to 164
[ 1565.423128][T17047] EXT4-fs (loop0): unmounting filesystem.
[ 1565.489289][T18643] loop4: detected capacity change from 0 to 512
[ 1565.613821][T18643] EXT4-fs: Ignoring removed nobh option
[ 1565.659505][T18643] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1565.716144][T18648] loop0: detected capacity change from 0 to 256
[ 1565.744884][T18643] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2800: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 1565.766300][T18643] EXT4-fs (loop4): 1 truncate cleaned up
[ 1565.781886][T18643] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1566.030574][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1566.197454][T18662] loop4: detected capacity change from 0 to 512
[ 1566.270330][T18662] ext4: Unknown parameter 'fscontext'
[ 1566.597766][T18674] loop1: detected capacity change from 0 to 512
[ 1566.630618][T18675] loop4: detected capacity change from 0 to 164
[ 1566.642922][T18674] EXT4-fs: Ignoring removed orlov option
[ 1566.750287][T18674] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1566.815919][T18674] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1566.877642][T18674] EXT4-fs error (device loop1): ext4_iget_extra_inode:4756: inode #15: comm syz.1.3493: corrupted in-inode xattr
[ 1566.943352][T18674] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3493: couldn't read orphan inode 15 (err -117)
[ 1566.974509][T18674] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1566.977396][T18683] tipc: Failed to obtain node identity
[ 1567.063779][T18683] tipc: Enabling of bearer <ib:vlan1> rejected, failed to enable media
[ 1567.211519][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1567.699713][T18710] loop9: detected capacity change from 0 to 128
[ 1567.790471][T18715] netlink: 'syz.1.3509': attribute type 9 has an invalid length.
[ 1567.798427][T18714] loop0: detected capacity change from 0 to 164
[ 1567.822140][T18715] netlink: 'syz.1.3509': attribute type 1 has an invalid length.
[ 1567.829947][T18715] netlink: 303 bytes leftover after parsing attributes in process `syz.1.3509'.
[ 1567.865875][T18710] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1567.942463][T18710] ext4 filesystem being mounted at /71/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1568.059144][T18710] EXT4-fs error (device loop9): ext4_append:79: inode #2: comm syz.9.3505: Logical block already allocated
[ 1568.131716][T18710] EXT4-fs (loop9): Remounting filesystem read-only
[ 1568.339565][T18730] loop1: detected capacity change from 0 to 512
[ 1568.372965][T18730] EXT4-fs: Ignoring removed orlov option
[ 1568.392176][T18731] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3514'.
[ 1568.417679][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1568.438347][T18730] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1568.539094][T18730] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1568.615189][T18739] loop9: detected capacity change from 0 to 512
[ 1568.626595][T18739] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1568.669358][T18730] EXT4-fs error (device loop1): ext4_iget_extra_inode:4756: inode #15: comm syz.1.3513: corrupted in-inode xattr
[ 1568.706787][T18739] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters
[ 1568.719942][T18730] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3513: couldn't read orphan inode 15 (err -117)
[ 1568.742439][T18739] EXT4-fs (loop9): Remounting filesystem read-only
[ 1568.749453][T18739] Quota error (device loop9): write_blk: dquota write failed
[ 1568.757198][T18739] Quota error (device loop9): find_free_dqentry: Can't write quota data block 5
[ 1568.766651][T18739] Quota error (device loop9): write_blk: dquota write failed
[ 1568.774498][T18739] Quota error (device loop9): qtree_write_dquot: Error -28 occurred while creating quota
[ 1568.784731][T18739] EXT4-fs error (device loop9): ext4_acquire_dquot:6835: comm syz.9.3516: Failed to acquire dquot type 1
[ 1568.799071][T18739] EXT4-fs (loop9): Remounting filesystem read-only
[ 1568.806000][T18739] EXT4-fs (loop9): 1 truncate cleaned up
[ 1568.811876][T18739] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1568.832716][T18730] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1568.894807][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1569.036754][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1569.067999][T18748] loop9: detected capacity change from 0 to 512
[ 1569.107070][T18750] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3520'.
[ 1569.120152][T18748] EXT4-fs: Ignoring removed nobh option
[ 1569.127090][T18748] EXT4-fs: Invalid want_extra_isize 0
[ 1569.273964][T18755] loop4: detected capacity change from 0 to 1024
[ 1569.332208][T18755] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1569.417223][T18755] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1569.474347][T18759] netlink: 'syz.0.3524': attribute type 9 has an invalid length.
[ 1569.522040][T18759] netlink: 399 bytes leftover after parsing attributes in process `syz.0.3524'.
[ 1569.733339][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1569.898459][T18772] device netdevsim0 entered promiscuous mode
[ 1569.946011][   T27] audit: type=1326 audit(1770580901.264:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18774 comm="syz.1.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22d0d9aeb9 code=0x7ffc0000
[ 1570.059427][   T27] audit: type=1326 audit(1770580901.294:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18774 comm="syz.1.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f22d0d9aeb9 code=0x7ffc0000
[ 1570.198077][   T27] audit: type=1326 audit(1770580901.294:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18774 comm="syz.1.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22d0d9aeb9 code=0x7ffc0000
[ 1570.269506][T18791] loop9: detected capacity change from 0 to 164
[ 1570.291952][   T27] audit: type=1326 audit(1770580901.294:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18774 comm="syz.1.3532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22d0d9aeb9 code=0x7ffc0000
[ 1570.341374][T18789] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1570.459003][T18789] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3852: comm syz.4.3534: Allocating blocks 41-42 which overlap fs metadata
[ 1570.527915][   T27] audit: type=1326 audit(1770580901.314:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18775 comm="syz.9.3531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1570.550655][   T27] audit: type=1326 audit(1770580901.314:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18775 comm="syz.9.3531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1570.606045][T18789] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.3534: Failed to acquire dquot type 1
[ 1570.638583][T18789] EXT4-fs error (device loop4): mb_free_blocks:1826: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1570.700187][T18789] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.3534: corrupted inode contents
[ 1570.707215][T18799] netlink: 'syz.1.3539': attribute type 9 has an invalid length.
[ 1570.760012][T18789] EXT4-fs error (device loop4): ext4_dirty_inode:6137: inode #12: comm syz.4.3534: mark_inode_dirty error
[ 1570.781058][T18799] netlink: 399 bytes leftover after parsing attributes in process `syz.1.3539'.
[ 1570.822737][T18789] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.3534: corrupted inode contents
[ 1570.852093][T18789] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #12: comm syz.4.3534: mark_inode_dirty error
[ 1570.908959][T18789] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.3534: corrupted inode contents
[ 1570.940302][T18789] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[ 1570.993337][T18789] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.3534: corrupted inode contents
[ 1571.015069][T18789] EXT4-fs error (device loop4): ext4_truncate:4318: inode #12: comm syz.4.3534: mark_inode_dirty error
[ 1571.063285][T18789] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[ 1571.082717][T18820] netlink: 48 bytes leftover after parsing attributes in process `syz.9.3546'.
[ 1571.093091][T18789] EXT4-fs (loop4): 1 truncate cleaned up
[ 1571.114408][T18789] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1571.312845][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1571.761093][T18834] set_capacity_and_notify: 1 callbacks suppressed
[ 1571.761111][T18834] loop4: detected capacity change from 0 to 128
[ 1571.788229][T18842] loop9: detected capacity change from 0 to 2048
[ 1571.894028][T18842] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1572.205128][T18857] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[ 1572.314257][T18857] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 96 with error 28
[ 1572.411851][T18857] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1572.411851][T18857] 
[ 1572.463342][T18862] loop1: detected capacity change from 0 to 1024
[ 1572.496102][T18857] EXT4-fs (loop9): Total free blocks count 0
[ 1572.550334][T18862] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.3555: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1572.571854][T18857] EXT4-fs (loop9): Free/Dirty block details
[ 1572.607087][T18862] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.3555: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1572.629226][T18857] EXT4-fs (loop9): free_blocks=2415919504
[ 1572.669740][T18857] EXT4-fs (loop9): dirty_blocks=704
[ 1572.730329][T18857] EXT4-fs (loop9): Block reservation details
[ 1572.763222][T18857] EXT4-fs (loop9): i_reserved_data_blocks=63
[ 1572.772412][T18862] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.3555: Failed to acquire dquot type 0
[ 1572.804209][T18862] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[ 1572.835359][T18862] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.3555: mark_inode_dirty error
[ 1572.870462][T18862] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[ 1572.923452][T18862] EXT4-fs (loop1): 1 orphan inode deleted
[ 1572.929290][T18862] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1572.966951][T12439] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1573.070444][T12439] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:3: Failed to release dquot type 0
[ 1573.384914][T18883] netlink: 'syz.0.3565': attribute type 39 has an invalid length.
[ 1573.479662][T18842] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[ 1573.607739][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1573.622293][ T4297] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1573.659599][ T4297] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:5: Failed to release dquot type 0
[ 1573.707060][T18889] loop4: detected capacity change from 0 to 512
[ 1573.734582][T16933] EXT4-fs error (device loop1): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0
[ 1573.798834][T16933] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[ 1573.866049][T16933] EXT4-fs error (device loop1): ext4_quota_off:7141: inode #3: comm syz-executor: mark_inode_dirty error
[ 1573.880403][T18889] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1574.084562][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1574.400573][T18910] loop9: detected capacity change from 0 to 512
[ 1574.488041][T18910] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1574.497236][T18910] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1574.519932][T18910] __quota_error: 10 callbacks suppressed
[ 1574.519953][T18910] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[ 1574.538565][T18910] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 64512
[ 1574.548920][T18910] EXT4-fs error (device loop9): ext4_acquire_dquot:6835: comm syz.9.3570: Failed to acquire dquot type 0
[ 1574.616583][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1575.245678][T18937] loop4: detected capacity change from 0 to 512
[ 1575.439799][T18937] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1575.452444][T18937] ext4 filesystem being mounted at /112/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1575.598570][T18937] EXT4-fs warning (device loop4): ext4_group_add:1723: Can't resize non-sparse filesystem further
[ 1575.895035][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1576.708900][T18979] loop1: detected capacity change from 0 to 512
[ 1576.834008][T18979] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1577.091491][   T27] audit: type=1326 audit(1770580908.404:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18993 comm="syz.9.3603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1577.148145][T18997] device veth0 entered promiscuous mode
[ 1577.175958][   T27] audit: type=1326 audit(1770580908.434:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18993 comm="syz.9.3603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1577.178251][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1577.206537][T18997] device veth0 left promiscuous mode
[ 1577.282380][   T27] audit: type=1326 audit(1770580908.444:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18993 comm="syz.9.3603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1577.381992][   T27] audit: type=1326 audit(1770580908.444:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18993 comm="syz.9.3603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f7f9aeb9 code=0x7ffc0000
[ 1577.597601][T19008] netlink: 'syz.1.3604': attribute type 4 has an invalid length.
[ 1577.741641][T19012] netlink: 'syz.1.3604': attribute type 17 has an invalid length.
[ 1577.769714][T19012] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1577.953619][T19020] netlink: 'syz.0.3611': attribute type 9 has an invalid length.
[ 1577.999985][T19020] netlink: 399 bytes leftover after parsing attributes in process `syz.0.3611'.
[ 1578.749811][T15371] Bluetooth: hci4: command 0x0406 tx timeout
[ 1578.756186][ T4284] Bluetooth: hci2: command 0x0406 tx timeout
[ 1579.333430][T19056] netlink: 'syz.9.3624': attribute type 9 has an invalid length.
[ 1579.341238][T19056] netlink: 399 bytes leftover after parsing attributes in process `syz.9.3624'.
[ 1579.727993][T19069] loop9: detected capacity change from 0 to 512
[ 1579.763496][T19069] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1579.834947][T19069] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1579.887677][T19069] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1580.033531][T19069] EXT4-fs (loop9): shut down requested (2)
[ 1580.062306][T19077] loop4: detected capacity change from 0 to 1024
[ 1580.137936][T19077] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1580.180910][T19077] EXT4-fs (loop4): revision level too high, forcing read-only mode
[ 1580.208910][T19077] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1580.224577][T19077] EXT4-fs error (device loop4): ext4_free_blocks:6221: comm syz.4.3630: Freeing blocks not in datazone - block = 0, count = 4096
[ 1580.341053][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1580.493730][T19077] EXT4-fs (loop4): Remounting filesystem read-only
[ 1580.558487][T19077] EXT4-fs (loop4): 1 orphan inode deleted
[ 1580.610425][T19077] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1580.684030][T19077] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 16: comm syz.4.3630: path /120/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[ 1580.838367][T19092] loop9: detected capacity change from 0 to 2048
[ 1580.889008][T19077] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 17: comm syz.4.3630: path /120/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1580.925224][T19077] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 18: comm syz.4.3630: path /120/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1580.954544][T19077] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 19: comm syz.4.3630: path /120/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1580.995130][T19092] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1581.191593][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1581.297180][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1581.431731][T19106] netlink: 'syz.9.3639': attribute type 9 has an invalid length.
[ 1581.508018][T19106] netlink: 399 bytes leftover after parsing attributes in process `syz.9.3639'.
[ 1581.988487][T19120] loop9: detected capacity change from 0 to 128
[ 1582.596269][T19144] loop1: detected capacity change from 0 to 128
[ 1582.625681][T19145] 9pnet_fd: Insufficient options for proto=fd
[ 1583.020085][T19153] netlink: 'syz.1.3656': attribute type 9 has an invalid length.
[ 1583.052279][T19153] netlink: 399 bytes leftover after parsing attributes in process `syz.1.3656'.
[ 1583.102750][T19155] loop4: detected capacity change from 0 to 512
[ 1583.147951][T19155] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1583.191090][T19155] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3852: comm syz.4.3657: Allocating blocks 41-42 which overlap fs metadata
[ 1583.242654][T19155] Quota error (device loop4): write_blk: dquota write failed
[ 1583.292248][T19155] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5
[ 1583.372177][T19155] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[ 1583.412113][T19155] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.3657: Failed to acquire dquot type 1
[ 1583.485717][T19155] EXT4-fs error (device loop4): mb_free_blocks:1826: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1583.590943][T19155] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.3657: corrupted inode contents
[ 1583.617632][T19168] loop9: detected capacity change from 0 to 512
[ 1583.660297][T19155] EXT4-fs error (device loop4): ext4_dirty_inode:6137: inode #12: comm syz.4.3657: mark_inode_dirty error
[ 1583.721126][T19155] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.3657: corrupted inode contents
[ 1583.744144][T19173] loop1: detected capacity change from 0 to 128
[ 1583.761688][T19155] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #12: comm syz.4.3657: mark_inode_dirty error
[ 1583.786314][T19155] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.3657: corrupted inode contents
[ 1583.849775][T19173] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1583.888525][T19168] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1583.894134][T19155] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[ 1583.932444][T19173] ext4 filesystem being mounted at /140/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1583.970369][T19155] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.3657: corrupted inode contents
[ 1583.984981][T19155] EXT4-fs error (device loop4): ext4_truncate:4318: inode #12: comm syz.4.3657: mark_inode_dirty error
[ 1584.006167][T19155] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[ 1584.034486][T19155] EXT4-fs (loop4): 1 truncate cleaned up
[ 1584.053005][T19155] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1584.119419][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1584.155470][   T27] audit: type=1800 audit(1770580915.474:23): pid=19168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3662" name="bus" dev="loop9" ino=18 res=0 errno=0
[ 1584.294889][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1584.448363][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1584.727392][T19197] netlink: 'syz.4.3670': attribute type 9 has an invalid length.
[ 1584.761926][T19197] netlink: 399 bytes leftover after parsing attributes in process `syz.4.3670'.
[ 1585.122982][T19208] loop4: detected capacity change from 0 to 764
[ 1586.229095][T19235] netlink: 'syz.9.3684': attribute type 9 has an invalid length.
[ 1586.266874][T19238] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3685'.
[ 1586.309622][T19235] netlink: 399 bytes leftover after parsing attributes in process `syz.9.3684'.
[ 1586.354005][T19241] netlink: 'syz.0.3686': attribute type 10 has an invalid length.
[ 1586.376108][T19241] team0: Port device dummy0 added
[ 1586.427441][T19241] netlink: 'syz.0.3686': attribute type 10 has an invalid length.
[ 1586.436694][T19241] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1586.490429][T19241] team0: Failed to send options change via netlink (err -105)
[ 1586.498602][T19241] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1586.508830][T19241] team0: Port device dummy0 removed
[ 1586.517778][T19241] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1587.024288][T19261] loop4: detected capacity change from 0 to 512
[ 1587.031425][T19261] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1587.202521][T19261] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1587.239031][T19266] loop1: detected capacity change from 0 to 128
[ 1587.288530][T19261] EXT4-fs (loop4): revision level too high, forcing read-only mode
[ 1587.312689][T19261] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002]
[ 1587.386624][T19261] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[ 1587.433138][T19266] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1587.462533][T19261] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[ 1587.471299][T19261] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1587.532766][T19266] ext4 filesystem being mounted at /147/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1587.636136][T19261] EXT4-fs warning (device loop4): dx_probe:893: inode #2: comm syz.4.3692: dx entry: limit 65535 != root limit 120
[ 1587.725949][T19261] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.3692: Corrupt directory, running e2fsck is recommended
[ 1587.854231][T19281] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3699'.
[ 1587.894945][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1588.035330][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1588.346974][T19294] loop1: detected capacity change from 0 to 512
[ 1588.445909][T19294] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1588.627281][T19294] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3852: comm syz.1.3701: Allocating blocks 41-42 which overlap fs metadata
[ 1588.775222][T19294] Quota error (device loop1): write_blk: dquota write failed
[ 1588.783268][T19294] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[ 1588.824147][T19294] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 1588.897964][T19294] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.3701: Failed to acquire dquot type 1
[ 1588.981721][T19294] EXT4-fs error (device loop1): mb_free_blocks:1826: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1589.083644][T19294] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #12: comm syz.1.3701: corrupted inode contents
[ 1589.144701][T19316] loop9: detected capacity change from 0 to 164
[ 1589.176880][T19294] EXT4-fs error (device loop1): ext4_dirty_inode:6137: inode #12: comm syz.1.3701: mark_inode_dirty error
[ 1589.242460][T19316] iso9660: Corrupted directory entry in block 2 of inode 1792
[ 1589.339041][T19294] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #12: comm syz.1.3701: corrupted inode contents
[ 1589.409863][T19324] loop4: detected capacity change from 0 to 128
[ 1589.446100][T19294] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #12: comm syz.1.3701: mark_inode_dirty error
[ 1589.562343][T19294] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #12: comm syz.1.3701: corrupted inode contents
[ 1589.581742][T19327] netlink: 'syz.0.3713': attribute type 9 has an invalid length.
[ 1589.610904][T19327] netlink: 399 bytes leftover after parsing attributes in process `syz.0.3713'.
[ 1589.651506][T19324] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1589.660745][T19294] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[ 1589.777453][T19324] ext4 filesystem being mounted at /140/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1589.809440][T19294] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #12: comm syz.1.3701: corrupted inode contents
[ 1589.842471][T19294] EXT4-fs error (device loop1): ext4_truncate:4318: inode #12: comm syz.1.3701: mark_inode_dirty error
[ 1589.962360][T19294] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[ 1590.052138][T19294] EXT4-fs (loop1): 1 truncate cleaned up
[ 1590.061943][T19294] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1590.331888][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1590.530316][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1590.887693][T19350] loop9: detected capacity change from 0 to 512
[ 1591.104376][ T4281] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1591.133023][ T4281] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1591.145042][ T4281] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1591.163663][ T4281] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1591.171478][ T4281] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1591.178737][T19350] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1591.188059][ T4281] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1591.329348][T19350] ext4 filesystem being mounted at /114/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1591.535993][T19367] loop1: detected capacity change from 0 to 128
[ 1591.731077][T19369] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3726'.
[ 1592.047496][T19369] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3726'.
[ 1592.536921][T19367] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1592.572051][T19367] ext4 filesystem being mounted at /150/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1592.804345][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1592.986946][T19382] 9pnet_fd: Insufficient options for proto=fd
[ 1593.097019][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1593.221921][ T4281] Bluetooth: hci3: command 0x0409 tx timeout
[ 1593.691459][T19398] loop4: detected capacity change from 0 to 512
[ 1593.860889][ T4612] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1593.923099][T19398] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1593.956053][T19360] chnl_net:caif_netlink_parms(): no params data found
[ 1594.087642][T19398] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1594.179926][T19360] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1594.264722][T19411] loop9: detected capacity change from 0 to 128
[ 1594.277885][T19360] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1594.303100][T19360] device bridge_slave_0 entered promiscuous mode
[ 1594.370251][T19398] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[ 1594.522078][T19398] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 64512
[ 1594.550262][ T4612] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1594.602304][T19360] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1594.609506][T19360] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1594.611640][T19398] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.3732: Failed to acquire dquot type 0
[ 1594.673637][T19360] device bridge_slave_1 entered promiscuous mode
[ 1595.014191][ T4612] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1595.154224][T19360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1595.178717][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1595.204918][T19433] loop9: detected capacity change from 0 to 128
[ 1595.312930][ T4281] Bluetooth: hci3: command 0x041b tx timeout
[ 1595.411909][T19433] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1595.489268][ T4612] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1595.605527][T19360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1595.794938][T19445] 9pnet_fd: Insufficient options for proto=fd
[ 1595.816648][T19447] netlink: 'syz.0.3745': attribute type 9 has an invalid length.
[ 1595.840736][T19360] team0: Port device team_slave_0 added
[ 1595.880851][T19360] team0: Port device team_slave_1 added
[ 1595.892206][T19447] netlink: 399 bytes leftover after parsing attributes in process `syz.0.3745'.
[ 1596.012884][T19360] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1596.019904][T19360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1596.123416][T19360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1596.196577][T19360] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1596.207418][T19452] IPVS: nq: FWM 3 0x00000003 - no destination available
[ 1596.240789][T19360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1596.291677][    C0] IPVS: nq: FWM 3 0x00000003 - no destination available
[ 1596.362588][T19360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1596.638012][T19360] device hsr_slave_0 entered promiscuous mode
[ 1596.684364][T19360] device hsr_slave_1 entered promiscuous mode
[ 1596.751166][T19360] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1596.790805][T19360] Cannot create hsr debugfs directory
[ 1596.822571][T19462] loop9: detected capacity change from 0 to 1024
[ 1597.258327][T19470] loop4: detected capacity change from 0 to 512
[ 1597.292091][T19462] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1597.382074][ T4281] Bluetooth: hci3: command 0x040f tx timeout
[ 1597.619492][T19470] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1597.791917][T19470] ext4 filesystem being mounted at /146/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1597.806437][   T27] audit: type=1800 audit(1770580929.124:24): pid=19462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.3751" name="file1" dev="loop9" ino=15 res=0 errno=0
[ 1598.090447][T19470] EXT4-fs: Ignoring removed orlov option
[ 1598.150456][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1598.162094][T19470] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1598.284482][T19470] EXT4-fs (loop4): can't enable nombcache during remount
[ 1598.626558][T19495] loop9: detected capacity change from 0 to 128
[ 1598.734493][T19495] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1598.756077][T19495] ext4 filesystem being mounted at /122/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1598.960437][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1599.082908][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1599.294665][T19512] netlink: 'syz.0.3765': attribute type 9 has an invalid length.
[ 1599.328005][T19512] netlink: 399 bytes leftover after parsing attributes in process `syz.0.3765'.
[ 1599.357641][T19514] loop9: detected capacity change from 0 to 512
[ 1599.466415][ T4281] Bluetooth: hci3: command 0x0419 tx timeout
[ 1599.584152][T19514] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1599.752727][T19360] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1599.778445][T19360] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1599.849973][T19360] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1600.186414][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1600.283174][  T126] kernel write not supported for file /vcs (pid: 126 comm: kworker/0:2)
[ 1600.463216][T19538] loop1: detected capacity change from 0 to 512
[ 1600.590117][T19538] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1600.632119][T19538] ext4 filesystem being mounted at /159/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1600.811872][T19538] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[ 1600.963543][T19360] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1600.973445][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1601.004995][T19553] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3774'.
[ 1601.389485][T19360] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1601.452738][ T4612] device hsr_slave_0 left promiscuous mode
[ 1601.477452][T19570] loop1: detected capacity change from 0 to 512
[ 1601.494805][ T4612] device hsr_slave_1 left promiscuous mode
[ 1601.524418][ T4612] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1601.535670][T19570] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1601.557092][ T4612] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1601.566427][T19573] loop9: detected capacity change from 0 to 128
[ 1601.605473][ T4612] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1601.636253][T19570] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters
[ 1601.642282][ T4612] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1601.673219][T19573] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1601.697064][ T4612] device bridge_slave_1 left promiscuous mode
[ 1601.697417][T19570] EXT4-fs (loop1): Remounting filesystem read-only
[ 1601.705424][ T4612] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1601.720522][ T4612] device bridge_slave_0 left promiscuous mode
[ 1601.727366][ T4612] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1601.756583][T19570] Quota error (device loop1): write_blk: dquota write failed
[ 1601.843025][T19570] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[ 1601.862333][T19578] loop4: detected capacity change from 0 to 512
[ 1601.882433][T19570] Quota error (device loop1): write_blk: dquota write failed
[ 1601.890003][T19570] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1601.959888][ T4612] device veth1_macvtap left promiscuous mode
[ 1601.968929][ T4612] device veth0_macvtap left promiscuous mode
[ 1601.972519][T19570] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.3779: Failed to acquire dquot type 1
[ 1601.989856][T19578] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1602.008849][ T4612] device veth1_vlan left promiscuous mode
[ 1602.021552][T19570] EXT4-fs (loop1): Remounting filesystem read-only
[ 1602.031428][T19570] EXT4-fs (loop1): 1 truncate cleaned up
[ 1602.037400][T19570] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1602.083230][T19578] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1602.097362][ T4612] device veth0_vlan left promiscuous mode
[ 1602.149500][T19570] Quota error (device loop1): write_blk: dquota write failed
[ 1602.172002][T19570] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1602.209249][T19570] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.3779: Failed to acquire dquot type 1
[ 1602.250310][T19570] EXT4-fs (loop1): Remounting filesystem read-only
[ 1602.414886][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1602.711172][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1602.902958][T19592] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3784'.
[ 1602.956461][T19594] netlink: 'syz.9.3786': attribute type 9 has an invalid length.
[ 1603.001554][T19594] netlink: 399 bytes leftover after parsing attributes in process `syz.9.3786'.
[ 1603.559611][T19607] loop4: detected capacity change from 0 to 128
[ 1603.583681][T19607] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1603.962094][T19611] loop4: detected capacity change from 0 to 512
[ 1604.061692][T19611] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1604.203309][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1604.340736][ T4612] team0 (unregistering): Port device team_slave_1 removed
[ 1604.399249][ T4612] team0 (unregistering): Port device team_slave_0 removed
[ 1604.456335][ T4612] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1604.515445][ T4612] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1604.867858][ T4612] bond0 (unregistering): Released all slaves
[ 1604.999781][T19360] 8021q: adding VLAN 0 to HW filter on device team0
[ 1605.015269][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1605.027308][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1605.104135][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1605.124979][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1605.185232][ T4648] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1605.192588][ T4648] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1605.219910][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1605.245205][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1605.281182][ T4648] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1605.288434][ T4648] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1605.313277][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1605.332970][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1605.352331][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1605.396462][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1605.414720][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1605.456286][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1605.507410][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1605.543968][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1605.562801][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1605.618526][T19360] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1605.644773][T19360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1605.671910][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1605.683386][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1605.724236][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1606.735142][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1606.744087][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1606.768474][T19360] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1606.807469][T19668] loop9: detected capacity change from 0 to 128
[ 1606.893815][T19668] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1607.188529][T19677] loop4: detected capacity change from 0 to 2048
[ 1607.286977][T19684] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3819'.
[ 1607.363744][T19677] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1607.387821][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.394355][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1607.598415][T19694] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[ 1607.678510][T19694] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 128 with error 28
[ 1607.704315][T19699] IPVS: nq: FWM 3 0x00000003 - no destination available
[ 1607.734679][    C0] IPVS: nq: FWM 3 0x00000003 - no destination available
[ 1607.749868][T19694] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1607.749868][T19694] 
[ 1607.851986][T19694] EXT4-fs (loop4): Total free blocks count 0
[ 1607.858147][T19694] EXT4-fs (loop4): Free/Dirty block details
[ 1607.985340][T19694] EXT4-fs (loop4): free_blocks=2415919504
[ 1608.052394][T19694] EXT4-fs (loop4): dirty_blocks=560
[ 1608.072086][T19694] EXT4-fs (loop4): Block reservation details
[ 1608.091892][T19694] EXT4-fs (loop4): i_reserved_data_blocks=35
[ 1608.146000][T19677] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 128 with max blocks 426 with error 28
[ 1608.228910][T19714] tmpfs: Unknown parameter ''
[ 1608.317732][T19717] loop9: detected capacity change from 0 to 512
[ 1608.365064][T19717] EXT4-fs: Ignoring removed orlov option
[ 1608.401650][T19717] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1608.439716][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1608.463672][T19717] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1608.477462][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1608.492036][T19717] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.3827: bg 0: block 248: padding at end of block bitmap is not set
[ 1608.514648][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1608.549082][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1608.600544][T19722] loop1: detected capacity change from 0 to 128
[ 1608.615512][T19360] device veth0_vlan entered promiscuous mode
[ 1608.630688][T19717] Quota error (device loop9): write_blk: dquota write failed
[ 1608.640653][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1608.648799][T19717] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 1608.660246][T19717] EXT4-fs error (device loop9): ext4_acquire_dquot:6835: comm syz.9.3827: Failed to acquire dquot type 1
[ 1608.673455][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1608.683195][T19722] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1608.703151][T19360] device veth1_vlan entered promiscuous mode
[ 1608.726003][T19726] loop4: detected capacity change from 0 to 128
[ 1608.754959][T19717] EXT4-fs (loop9): 1 truncate cleaned up
[ 1608.778120][T19717] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1608.795492][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1608.804755][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1608.870794][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1608.903363][T19717] EXT4-fs: Ignoring removed orlov option
[ 1608.906831][T19726] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1608.909359][T19717] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1608.927215][ T4648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1608.962435][T19360] device veth0_macvtap entered promiscuous mode
[ 1608.995854][T19360] device veth1_macvtap entered promiscuous mode
[ 1609.019089][T19726] ext4 filesystem being mounted at /163/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1609.024930][T19717] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[ 1609.112912][T19360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1609.136196][T19360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.153862][T19360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1609.177473][T19717] EXT4-fs error (device loop9): __ext4_remount:6644: comm syz.9.3827: Abort forced by user
[ 1609.196823][T19360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.208908][T19717] EXT4-fs (loop9): Remounting filesystem read-only
[ 1609.232418][T19360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1609.254144][T19717] EXT4-fs (loop9): re-mounted. Quota mode: writeback.
[ 1609.270069][T19717] ext4 filesystem being remounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1609.282265][T19360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.302439][T19360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1609.343388][T19360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.378402][T19360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1609.407414][T19360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.432919][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1609.439946][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1609.453348][T19360] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1609.462077][ T4281] Bluetooth: hci5: command 0x0406 tx timeout
[ 1609.497871][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1609.544672][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1609.590115][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1609.627405][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1609.671295][T19360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1609.702087][T19360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.742564][T19360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1609.774737][T19360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.806463][T19360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1609.848781][T19360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.898743][T19360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1609.946845][T19360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.993055][T19360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1610.028706][T19360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1610.059197][T19360] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1610.092280][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1610.131594][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1610.158048][T19360] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1610.180094][T19759] loop9: detected capacity change from 0 to 128
[ 1610.193598][T19360] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1610.236901][T19759] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1610.249542][T19360] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1610.311475][T19761] loop4: detected capacity change from 0 to 512
[ 1610.328206][T19360] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1610.394464][T19761] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1610.699043][ T4612] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1610.720082][ T4612] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1610.765299][ T4457] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1610.823587][T11496] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1610.831911][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1610.859099][T11496] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1610.890091][T11496] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1611.108241][T19789] loop4: detected capacity change from 0 to 128
[ 1611.455160][T19800] loop1: detected capacity change from 0 to 128
[ 1611.503061][T19800] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1611.820870][T19814] loop7: detected capacity change from 0 to 512
[ 1611.916695][T19814] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1611.985839][T19823] netlink: 'syz.0.3861': attribute type 39 has an invalid length.
[ 1612.230832][T19360] EXT4-fs (loop7): unmounting filesystem.
[ 1612.402624][T19838] device syzkaller0 entered promiscuous mode
[ 1612.413284][T19838] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3866'.
[ 1612.443314][T19838] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3866'.
[ 1612.598204][   T27] audit: type=1326 audit(1770580943.914:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19842 comm="syz.4.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840e59aeb9 code=0x7ffc0000
[ 1612.711845][   T27] audit: type=1326 audit(1770580943.964:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19842 comm="syz.4.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f840e59aeb9 code=0x7ffc0000
[ 1612.811831][   T27] audit: type=1326 audit(1770580943.964:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19842 comm="syz.4.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840e59aeb9 code=0x7ffc0000
[ 1612.899130][T19852] loop4: detected capacity change from 0 to 1024
[ 1612.911840][   T27] audit: type=1326 audit(1770580943.964:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19842 comm="syz.4.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840e59aeb9 code=0x7ffc0000
[ 1613.010113][T19852] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 2: comm syz.4.3874: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1613.116914][T19860] loop7: detected capacity change from 0 to 512
[ 1613.162025][T19852] Quota error (device loop4): qtree_write_dquot: dquota write failed
[ 1613.171211][T19852] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 48: comm syz.4.3874: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1613.271576][T19860] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1613.289029][T19860] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1613.332071][T19852] Quota error (device loop4): v2_write_file_info: Can't write info structure
[ 1613.351926][T19852] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.3874: Failed to acquire dquot type 0
[ 1613.439031][T19852] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5933: Corrupt filesystem
[ 1613.454905][T19360] EXT4-fs (loop7): unmounting filesystem.
[ 1613.477434][T19844] loop1: detected capacity change from 0 to 1024
[ 1613.490318][T19852] EXT4-fs error (device loop4): ext4_evict_inode:279: inode #11: comm syz.4.3874: mark_inode_dirty error
[ 1613.557578][T19852] EXT4-fs warning (device loop4): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[ 1613.590088][T19871] loop9: detected capacity change from 0 to 2048
[ 1613.602346][T19844] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1613.641447][T19852] EXT4-fs (loop4): 1 orphan inode deleted
[ 1613.652148][ T4648] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:17: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1613.672907][T19852] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1613.682839][ T4648] Quota error (device loop4): remove_tree: Can't read quota data block 1
[ 1613.691407][ T4648] EXT4-fs error (device loop4): ext4_release_dquot:6871: comm kworker/u4:17: Failed to release dquot type 0
[ 1613.736831][T19871] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1613.747691][T19844] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3852: comm syz.1.3870: Allocating blocks 497-513 which overlap fs metadata
[ 1613.837700][   T27] audit: type=1800 audit(1770580945.154:29): pid=19862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3870" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1613.902777][T19843] EXT4-fs (loop1): pa ffff8880728378c0: logic 16, phys. 129, len 24
[ 1613.911622][T19843] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 1613.944170][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1613.963779][T19884] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[ 1614.002614][T12439] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1614.062757][T12439] Quota error (device loop4): remove_tree: Can't read quota data block 1
[ 1614.071273][T12439] EXT4-fs error (device loop4): ext4_release_dquot:6871: comm kworker/u4:3: Failed to release dquot type 0
[ 1614.074803][T19884] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 114 with error 28
[ 1614.196522][T17043] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0
[ 1614.237549][T17043] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5933: Corrupt filesystem
[ 1614.265732][T17043] EXT4-fs error (device loop4): ext4_quota_off:7141: inode #3: comm syz-executor: mark_inode_dirty error
[ 1614.405762][T19884] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1614.405762][T19884] 
[ 1614.444817][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1614.541977][T19884] EXT4-fs (loop9): Total free blocks count 0
[ 1614.597418][T19884] EXT4-fs (loop9): Free/Dirty block details
[ 1614.647616][T19884] EXT4-fs (loop9): free_blocks=2415919504
[ 1614.708241][T19884] EXT4-fs (loop9): dirty_blocks=1360
[ 1614.766600][T19884] EXT4-fs (loop9): Block reservation details
[ 1614.824195][T19884] EXT4-fs (loop9): i_reserved_data_blocks=105
[ 1614.864967][T19910] loop1: detected capacity change from 0 to 128
[ 1615.289137][T19922] loop1: detected capacity change from 0 to 1024
[ 1615.375750][T19922] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.3894: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1615.412581][T19871] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[ 1615.452734][T19922] Quota error (device loop1): qtree_write_dquot: dquota write failed
[ 1615.522081][T19922] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.3894: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1615.591073][T19922] Quota error (device loop1): v2_write_file_info: Can't write info structure
[ 1615.622700][T19922] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.3894: Failed to acquire dquot type 0
[ 1615.709806][T19934] loop7: detected capacity change from 0 to 512
[ 1615.726036][T19922] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[ 1615.759596][T19922] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.3894: mark_inode_dirty error
[ 1615.805874][T19934] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1615.807028][T19922] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[ 1615.855864][T19922] EXT4-fs (loop1): 1 orphan inode deleted
[ 1615.861691][T19922] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1615.900124][ T4648] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:17: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1615.985936][ T4648] Quota error (device loop1): remove_tree: Can't read quota data block 1
[ 1616.015453][ T4648] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:17: Failed to release dquot type 0
[ 1616.141051][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1616.149202][ T4389] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:8: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1616.174602][T19948] loop4: detected capacity change from 0 to 128
[ 1616.252791][ T4389] Quota error (device loop1): remove_tree: Can't read quota data block 1
[ 1616.261318][ T4389] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:8: Failed to release dquot type 0
[ 1616.292376][T16933] EXT4-fs error (device loop1): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0
[ 1616.307419][T19360] EXT4-fs (loop7): unmounting filesystem.
[ 1616.323011][T16933] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[ 1616.362294][T16933] EXT4-fs error (device loop1): ext4_quota_off:7141: inode #3: comm syz-executor: mark_inode_dirty error
[ 1616.643191][T19961] loop1: detected capacity change from 0 to 512
[ 1616.756747][T19961] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1616.768702][T19961] ext4 filesystem being mounted at /193/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1616.979588][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1617.322456][T19982] loop9: detected capacity change from 0 to 512
[ 1617.474766][T19982] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1617.521962][T19982] ext4 filesystem being mounted at /151/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1617.618105][T19990] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.3916: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1617.703666][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1617.814488][T19990] Quota error (device loop1): qtree_write_dquot: dquota write failed
[ 1617.862972][T19990] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.3916: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1617.917015][T19990] Quota error (device loop1): v2_write_file_info: Can't write info structure
[ 1617.931608][T19990] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.3916: Failed to acquire dquot type 0
[ 1617.987938][T19990] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[ 1618.021063][T19990] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.3916: mark_inode_dirty error
[ 1618.115006][T19990] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[ 1618.155429][T19990] EXT4-fs (loop1): 1 orphan inode deleted
[ 1618.161252][T19990] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1618.183740][ T4297] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1618.215350][ T4297] Quota error (device loop1): remove_tree: Can't read quota data block 1
[ 1618.292842][ T4297] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:5: Failed to release dquot type 0
[ 1618.340804][T20012] set_capacity_and_notify: 1 callbacks suppressed
[ 1618.340822][T20012] loop9: detected capacity change from 0 to 4096
[ 1618.454355][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1618.475724][T20012] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1618.487333][ T4612] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:16: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1618.570041][ T4612] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:16: Failed to release dquot type 0
[ 1618.602841][T20025] loop4: detected capacity change from 0 to 512
[ 1618.659085][T16933] EXT4-fs error (device loop1): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0
[ 1618.704970][T20025] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1618.714601][T16933] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[ 1618.724752][T16933] EXT4-fs error (device loop1): ext4_quota_off:7141: inode #3: comm syz-executor: mark_inode_dirty error
[ 1618.882419][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1619.092523][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1619.783614][T20065] loop7: detected capacity change from 0 to 1024
[ 1619.815249][T20065] EXT4-fs: Ignoring removed bh option
[ 1619.884653][T20065] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1620.196354][T19360] EXT4-fs (loop7): unmounting filesystem.
[ 1620.412725][T20089] netlink: 52 bytes leftover after parsing attributes in process `syz.7.3950'.
[ 1620.509033][T20093] xt_hashlimit: size too large, truncated to 1048576
[ 1620.946007][T20111] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3958'.
[ 1620.988450][T20112] loop9: detected capacity change from 0 to 512
[ 1621.072937][T20112] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1621.136764][T20112] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1621.622463][T20133] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3967'.
[ 1622.117714][T20150] loop7: detected capacity change from 0 to 512
[ 1622.183084][T20150] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1623.480690][T19360] EXT4-fs (loop7): unmounting filesystem.
[ 1623.543406][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1623.767104][T20183] loop9: detected capacity change from 0 to 512
[ 1623.832993][T20183] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1623.882991][T20183] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1623.913408][T20183] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3852: comm syz.9.3974: Allocating blocks 41-42 which overlap fs metadata
[ 1623.987880][T20183] __quota_error: 1 callbacks suppressed
[ 1623.987899][T20183] Quota error (device loop9): write_blk: dquota write failed
[ 1624.049372][T20183] Quota error (device loop9): find_free_dqentry: Can't write quota data block 5
[ 1624.107434][T20183] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3852: comm syz.9.3974: Allocating blocks 41-42 which overlap fs metadata
[ 1624.214263][T20183] Quota error (device loop9): write_blk: dquota write failed
[ 1624.242033][T20183] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 1624.285367][T20183] EXT4-fs error (device loop9): ext4_acquire_dquot:6835: comm syz.9.3974: Failed to acquire dquot type 1
[ 1624.341943][T20183] EXT4-fs error (device loop9): mb_free_blocks:1826: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1624.407383][T20183] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3974: corrupted inode contents
[ 1624.486418][T20183] EXT4-fs error (device loop9): ext4_dirty_inode:6137: inode #12: comm syz.9.3974: mark_inode_dirty error
[ 1624.508398][T20183] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3974: corrupted inode contents
[ 1624.571854][T20183] EXT4-fs error (device loop9): __ext4_ext_dirty:202: inode #12: comm syz.9.3974: mark_inode_dirty error
[ 1624.612333][T20183] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3974: corrupted inode contents
[ 1624.681874][T20183] EXT4-fs error (device loop9) in ext4_orphan_del:303: Corrupt filesystem
[ 1624.720722][T20183] EXT4-fs error (device loop9): ext4_do_update_inode:5272: inode #12: comm syz.9.3974: corrupted inode contents
[ 1624.768588][T20183] EXT4-fs error (device loop9): ext4_truncate:4318: inode #12: comm syz.9.3974: mark_inode_dirty error
[ 1624.840191][T20183] EXT4-fs error (device loop9) in ext4_process_orphan:345: Corrupt filesystem
[ 1624.880609][T20183] EXT4-fs (loop9): 1 truncate cleaned up
[ 1624.910462][T20183] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1624.983321][T20183] EXT4-fs (loop9): unmounting filesystem.
[ 1625.109333][T20213] device netdevsim0 entered promiscuous mode
[ 1625.193673][T20214] loop7: detected capacity change from 0 to 128
[ 1625.352358][T20214] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1625.372337][T20214] ext4 filesystem being mounted at /33/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1625.725351][T19360] EXT4-fs (loop7): unmounting filesystem.
[ 1626.723362][T20265] device netdevsim0 entered promiscuous mode
[ 1627.614398][T20299] netlink: 'syz.7.4013': attribute type 9 has an invalid length.
[ 1627.644691][T20299] netlink: 399 bytes leftover after parsing attributes in process `syz.7.4013'.
[ 1627.657004][T20300] device syzkaller0 entered promiscuous mode
[ 1627.696605][T20300] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4012'.
[ 1627.730745][T20300] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4012'.
[ 1627.756742][T20300] 0: reclassify loop, rule prio 0, protocol 800
[ 1628.309195][T20320] netlink: 72 bytes leftover after parsing attributes in process `syz.7.4018'.
[ 1628.320502][T20320] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4018'.
[ 1628.349573][T20320] loop7: detected capacity change from 0 to 128
[ 1628.356909][T20320] FAT-fs (loop7): Unrecognized mount option "" or missing value
[ 1628.525847][T20320] option changes via remount are deprecated (pid=20315 comm=syz.7.4018)
[ 1628.534494][T20320] cgroup: option or name mismatch, new: 0x10 "", old: 0x0 ""
[ 1628.550633][T20320] rdma_rxe: rxe_register_device failed with error -23
[ 1628.558120][T20320] rdma_rxe: failed to add team_slave_0
[ 1629.991589][T20354] 9pnet_fd: Insufficient options for proto=fd
[ 1630.224348][T20361] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4035'.
[ 1630.238581][T20361] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4035'.
[ 1630.385525][T20361] rdma_rxe: rxe_register_device failed with error -23
[ 1630.392908][T20361] rdma_rxe: failed to add team_slave_0
[ 1631.396420][T20376] loop9: detected capacity change from 0 to 512
[ 1631.488864][T20380] netlink: 'syz.0.4045': attribute type 9 has an invalid length.
[ 1631.539036][T20376] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1631.548318][T20380] netlink: 303 bytes leftover after parsing attributes in process `syz.0.4045'.
[ 1631.768411][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1631.962094][T20400] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4051'.
[ 1632.008659][T20400] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[ 1632.288065][T20414] loop7: detected capacity change from 0 to 128
[ 1632.338609][T20414] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1632.498357][T20414] ext4 filesystem being mounted at /50/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1632.845584][T20433] netlink: 'syz.1.4061': attribute type 9 has an invalid length.
[ 1632.875061][T20433] netlink: 'syz.1.4061': attribute type 1 has an invalid length.
[ 1632.929342][T20433] netlink: 303 bytes leftover after parsing attributes in process `syz.1.4061'.
[ 1633.219777][T20444] loop1: detected capacity change from 0 to 128
[ 1633.264712][T19360] EXT4-fs (loop7): unmounting filesystem.
[ 1633.324389][T20444] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1633.393158][T20444] ext4 filesystem being mounted at /230/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1633.463347][T20452] netlink: 64 bytes leftover after parsing attributes in process `syz.9.4068'.
[ 1633.665467][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1633.791295][T20466] loop9: detected capacity change from 0 to 512
[ 1633.824144][T20466] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1633.898307][T20466] EXT4-fs (loop9): 1 truncate cleaned up
[ 1633.932181][T20466] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1633.991360][T20474] loop7: detected capacity change from 0 to 512
[ 1634.102103][T20474] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1634.295602][T19360] EXT4-fs (loop7): unmounting filesystem.
[ 1635.465198][T20509] netlink: 'syz.4.4088': attribute type 9 has an invalid length.
[ 1635.532274][T20509] netlink: 'syz.4.4088': attribute type 1 has an invalid length.
[ 1635.575233][T20509] netlink: 303 bytes leftover after parsing attributes in process `syz.4.4088'.
[ 1635.677287][T20514] netlink: 72 bytes leftover after parsing attributes in process `syz.7.4089'.
[ 1635.688943][T20514] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4089'.
[ 1635.761874][T20514] loop7: detected capacity change from 0 to 128
[ 1635.774588][T20514] FAT-fs (loop7): Unrecognized mount option "" or missing value
[ 1636.502522][T17547] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1636.517044][T20513] option changes via remount are deprecated (pid=20510 comm=syz.7.4089)
[ 1636.525915][T20513] cgroup: option or name mismatch, new: 0x10 "", old: 0x0 ""
[ 1636.534199][T20513] rdma_rxe: rxe_register_device failed with error -23
[ 1636.541151][T20513] rdma_rxe: failed to add team_slave_0
[ 1636.857725][T20530] loop7: detected capacity change from 0 to 128
[ 1636.866267][T17547] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1636.968444][T20530] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1637.004673][T20530] ext4 filesystem being mounted at /59/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1637.044074][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1637.380066][T19360] EXT4-fs (loop7): unmounting filesystem.
[ 1637.617860][T20552] netlink: 'syz.1.4103': attribute type 9 has an invalid length.
[ 1637.660614][T20552] netlink: 'syz.1.4103': attribute type 1 has an invalid length.
[ 1637.745839][T20559] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4104'.
[ 1637.757049][T20559] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4104'.
[ 1637.837381][T20559] rdma_rxe: rxe_register_device failed with error -23
[ 1637.845299][T20559] rdma_rxe: failed to add team_slave_0
[ 1637.905066][T20552] netlink: 303 bytes leftover after parsing attributes in process `syz.1.4103'.
[ 1638.598133][T20565] loop9: detected capacity change from 0 to 512
[ 1638.726521][T20565] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1638.910485][T20575] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4109'.
[ 1639.043571][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1639.460514][T20598] loop4: detected capacity change from 0 to 1024
[ 1639.476813][T20598] EXT4-fs: Ignoring removed orlov option
[ 1639.502481][T20598] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1639.561496][T20602] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4119'.
[ 1639.625871][T20603] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4119'.
[ 1639.703501][T20603] rdma_rxe: rxe_register_device failed with error -23
[ 1639.710824][T20603] rdma_rxe: failed to add team_slave_0
[ 1639.931125][T20598] ext4: Unknown parameter 'subj_role'
[ 1641.302604][T20640] netlink: 72 bytes leftover after parsing attributes in process `syz.9.4131'.
[ 1641.364152][T20641] netlink: 32 bytes leftover after parsing attributes in process `syz.9.4131'.
[ 1641.436642][T20641] loop9: detected capacity change from 0 to 128
[ 1641.447345][T20641] FAT-fs (loop9): Unrecognized mount option "" or missing value
[ 1642.116973][T17547] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1642.133663][T20639] option changes via remount are deprecated (pid=20634 comm=syz.9.4131)
[ 1642.142273][T20639] cgroup: option or name mismatch, new: 0x10 "", old: 0x0 ""
[ 1643.447950][T20682] netlink: 'syz.4.4145': attribute type 39 has an invalid length.
[ 1643.604558][T20687] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4146'.
[ 1643.875025][T20696] 9pnet_fd: Insufficient options for proto=fd
[ 1643.981419][T20700] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4151'.
[ 1644.993326][T20729] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4159'.
[ 1645.006225][T20729] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4159'.
[ 1645.941269][T20733] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4161'.
[ 1646.141728][T20742] loop1: detected capacity change from 0 to 128
[ 1646.362124][T20742] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1646.371042][T20742] ext4 filesystem being mounted at /253/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1646.396401][T20749] 9pnet_fd: Insufficient options for proto=fd
[ 1646.470946][T20754] netlink: 'syz.9.4168': attribute type 39 has an invalid length.
[ 1646.750820][T16933] EXT4-fs (loop1): unmounting filesystem.
[ 1646.842912][T20767] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4172'.
[ 1646.854580][T20767] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4172'.
[ 1646.928812][T20768] loop4: detected capacity change from 0 to 128
[ 1646.939511][T20768] FAT-fs (loop4): Unrecognized mount option "" or missing value
[ 1647.669202][T17547] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1647.684417][T20766] option changes via remount are deprecated (pid=20761 comm=syz.4.4172)
[ 1647.692938][T20766] cgroup: option or name mismatch, new: 0x10 "", old: 0x0 ""
[ 1647.967916][T20779] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4177'.
[ 1648.364749][T20794] device netdevsim0 entered promiscuous mode
[ 1648.555259][T20798] loop9: detected capacity change from 0 to 128
[ 1648.560641][T20801] 9pnet_fd: Insufficient options for proto=fd
[ 1648.616044][T20798] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1648.642047][T20798] ext4 filesystem being mounted at /197/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1648.734976][T20809] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4187'.
[ 1648.746301][T20809] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4187'.
[ 1648.827439][T20809] rdma_rxe: rxe_register_device failed with error -23
[ 1648.834895][T20809] rdma_rxe: failed to add team_slave_0
[ 1649.676583][T17318] EXT4-fs (loop9): unmounting filesystem.
[ 1649.773593][T20818] netlink: 'syz.1.4191': attribute type 39 has an invalid length.
[ 1649.883983][T20822] netlink: 68 bytes leftover after parsing attributes in process `syz.9.4192'.
[ 1650.505444][T20849] 9pnet_fd: Insufficient options for proto=fd
[ 1650.654633][T20855] netlink: 72 bytes leftover after parsing attributes in process `syz.9.4202'.
[ 1650.666291][T20855] netlink: 32 bytes leftover after parsing attributes in process `syz.9.4202'.
[ 1650.731289][T20855] loop9: detected capacity change from 0 to 128
[ 1650.738410][T20855] FAT-fs (loop9): Unrecognized mount option "" or missing value
[ 1650.843195][T20855] rdma_rxe: rxe_register_device failed with error -23
[ 1650.850989][T20855] rdma_rxe: failed to add team_slave_0
[ 1651.932921][T20877] netlink: 'syz.7.4212': attribute type 39 has an invalid length.
[ 1652.193285][T20880] device netdevsim0 entered promiscuous mode
[ 1652.223199][T20887] 9pnet_fd: Insufficient options for proto=fd
[ 1652.456949][T20898] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4219'.
[ 1652.468516][T20898] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4219'.
[ 1652.567727][T20898] rdma_rxe: rxe_register_device failed with error -23
[ 1652.575175][T20898] rdma_rxe: failed to add team_slave_0
[ 1653.840753][T20921] loop7: detected capacity change from 0 to 2048
[ 1653.927504][T20921] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1654.049229][T20936] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[ 1654.273351][T20943] netlink: 'syz.4.4234': attribute type 9 has an invalid length.
[ 1654.292290][T20943] netlink: 'syz.4.4234': attribute type 1 has an invalid length.
[ 1654.311644][T20943] netlink: 303 bytes leftover after parsing attributes in process `syz.4.4234'.
[ 1654.570651][T20951] loop4: detected capacity change from 0 to 512
[ 1654.616917][T20920] ------------[ cut here ]------------
[ 1654.622797][T20920] kernel BUG at fs/ext4/inode.c:2760!
[ 1654.637948][T20920] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 1654.644117][T20920] CPU: 0 PID: 20920 Comm: syz.7.4231 Not tainted syzkaller #0
[ 1654.651619][T20920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1654.661718][T20920] RIP: 0010:ext4_writepages+0x2f34/0x2f40
[ 1654.667611][T20920] Code: c1 03 38 c1 0f 8c ac fd ff ff 4c 89 e7 e8 14 8e ac ff e9 9f fd ff ff e8 6a a2 5b ff 0f 0b e8 63 a2 5b ff 0f 0b e8 5c a2 5b ff <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 55 41 57 41 56 41 54 53 48 89
[ 1654.687257][T20920] RSP: 0018:ffffc9000c9ef6c0 EFLAGS: 00010293
[ 1654.693359][T20920] RAX: ffffffff8226d154 RBX: 0000009410000000 RCX: ffff888026a9d940
[ 1654.701360][T20920] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000
[ 1654.709360][T20920] RBP: ffffc9000c9efa30 R08: ffff888075660057 R09: 1ffff1100eacc00a
[ 1654.717358][T20920] R10: dffffc0000000000 R11: ffffed100eacc00b R12: 1ffff9200193df84
[ 1654.725358][T20920] R13: dffffc0000000000 R14: 0000008000000000 R15: ffff8880634b2000
[ 1654.733361][T20920] FS:  00005555796f9500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1654.742316][T20920] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1654.748922][T20920] CR2: 0000001b2eb19ff8 CR3: 000000007af4e000 CR4: 00000000003506f0
[ 1654.756922][T20920] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1654.764913][T20920] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1654.772908][T20920] Call Trace:
[ 1654.776217][T20920]  <TASK>
[ 1654.779173][T20920]  ? verify_lock_unused+0x140/0x140
[ 1654.784425][T20920]  ? mark_lock+0x94/0x320
[ 1654.788784][T20920]  ? ext4_read_folio+0x370/0x370
[ 1654.793756][T20920]  ? __lock_acquire+0x7d10/0x7d10
[ 1654.798826][T20920]  ? do_raw_spin_lock+0x128/0x2f0
[ 1654.803875][T20920]  ? do_raw_spin_unlock+0x11d/0x230
[ 1654.809089][T20920]  ? ext4_read_folio+0x370/0x370
[ 1654.814051][T20920]  do_writepages+0x3ba/0x640
[ 1654.818731][T20920]  ? filemap_fdatawrite_wbc+0x113/0x180
[ 1654.824311][T20920]  ? __writepage+0x130/0x130
[ 1654.829038][T20920]  ? __lock_acquire+0x7d10/0x7d10
[ 1654.834090][T20920]  ? __rwlock_init+0x140/0x140
[ 1654.838878][T20920]  ? do_raw_spin_unlock+0x11d/0x230
[ 1654.844105][T20920]  filemap_fdatawrite_wbc+0x11e/0x180
[ 1654.849508][T20920]  filemap_flush+0xe0/0x140
[ 1654.854035][T20920]  ? filemap_fdatawrite_range+0x160/0x160
[ 1654.859780][T20920]  ? mutex_unlock+0x10/0x10
[ 1654.864385][T20920]  ? rcu_is_watching+0x11/0xa0
[ 1654.869245][T20920]  ext4_release_file+0x7e/0x300
[ 1654.874186][T20920]  ? ext4_file_open+0x6f0/0x6f0
[ 1654.879061][T20920]  __fput+0x22c/0x920
[ 1654.883146][T20920]  task_work_run+0x1d0/0x260
[ 1654.887799][T20920]  ? task_work_cancel+0x220/0x220
[ 1654.892853][T20920]  ? exit_to_user_mode_loop+0x3b/0x110
[ 1654.898469][T20920]  exit_to_user_mode_loop+0xe6/0x110
[ 1654.903787][T20920]  exit_to_user_mode_prepare+0xee/0x180
[ 1654.909369][T20920]  syscall_exit_to_user_mode+0x16/0x40
[ 1654.914937][T20920]  do_syscall_64+0x58/0xa0
[ 1654.919397][T20920]  ? clear_bhb_loop+0x60/0xb0
[ 1654.924098][T20920]  ? clear_bhb_loop+0x60/0xb0
[ 1654.928803][T20920]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1654.934721][T20920] RIP: 0033:0x7f4ef0f9aeb9
[ 1654.939165][T20920] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1654.959008][T20920] RSP: 002b:00007ffdb508f418 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1654.967443][T20920] RAX: 0000000000000000 RBX: 00007f4ef1217da0 RCX: 00007f4ef0f9aeb9
[ 1654.975435][T20920] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1654.983426][T20920] RBP: 00007f4ef1217da0 R08: 0000000000000006 R09: 0000000000000000
[ 1654.991416][T20920] R10: 00007f4ef1217cb0 R11: 0000000000000246 R12: 0000000000193f26
[ 1654.999407][T20920] R13: 00007f4ef121618c R14: 0000000000193d7a R15: 00007f4ef1216180
[ 1655.007497][T20920]  </TASK>
[ 1655.010541][T20920] Modules linked in:
[ 1655.053533][T20920] ---[ end trace 0000000000000000 ]---
[ 1655.066707][T20951] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1655.086784][T20920] RIP: 0010:ext4_writepages+0x2f34/0x2f40
[ 1655.090211][T20951] ext4 filesystem being mounted at /231/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1655.142918][T20920] Code: c1 03 38 c1 0f 8c ac fd ff ff 4c 89 e7 e8 14 8e ac ff e9 9f fd ff ff e8 6a a2 5b ff 0f 0b e8 63 a2 5b ff 0f 0b e8 5c a2 5b ff <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 55 41 57 41 56 41 54 53 48 89
[ 1655.225614][T20920] RSP: 0018:ffffc9000c9ef6c0 EFLAGS: 00010293
[ 1655.235694][T20920] RAX: ffffffff8226d154 RBX: 0000009410000000 RCX: ffff888026a9d940
[ 1655.257863][T20920] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000
[ 1655.278455][T20920] RBP: ffffc9000c9efa30 R08: ffff888075660057 R09: 1ffff1100eacc00a
[ 1655.299018][T20920] R10: dffffc0000000000 R11: ffffed100eacc00b R12: 1ffff9200193df84
[ 1655.323587][T20920] R13: dffffc0000000000 R14: 0000008000000000 R15: ffff8880634b2000
[ 1655.331649][T20920] FS:  00005555796f9500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1655.361192][T20920] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1655.381444][T20920] CR2: 000055b491a5a950 CR3: 000000007af4e000 CR4: 00000000003506f0
[ 1655.401209][T17043] EXT4-fs (loop4): unmounting filesystem.
[ 1655.408010][T20920] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1655.418591][T20920] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1655.427409][T20920] Kernel panic - not syncing: Fatal exception
[ 1655.434089][T20920] Kernel Offset: disabled
[ 1655.438428][T20920] Rebooting in 86400 seconds..