last executing test programs:

7.019097849s ago: executing program 0 (id=2324):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@mangle={'mangle\x00', 0x44, 0x6, 0x4a0, 0x138, 0x0, 0x368, 0x1d0, 0x138, 0x408, 0x408, 0x408, 0x408, 0x408, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x11000000, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x0, 0x4}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0xff000000, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {0xff}, {0xff}, 0x11, 0x0, 0x28}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x10, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0xffffff00, 'vlan1\x00', 'nr0\x00', {}, {0xff}}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @multicast2, 0xff, 0xffffff00, 'ip6gre0\x00', 'virt_wifi0\x00', {0xff}, {}, 0x2e, 0x0, 0x1}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:dbusd_etc_t:s0\x00'}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00', {0xe6d959333babc205}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xa7e, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x80, 0x2}, 0x50)
fsetxattr$security_evm(r2, &(0x7f0000000080), &(0x7f0000000200)=@v1={0x2, "815d9acb78721bf3"}, 0x9, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
sysinfo(&(0x7f0000000240)=""/25)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000002c0)={'syztnl2\x00', &(0x7f0000000480)={'syztnl0\x00', <r3=>0x0, 0x29, 0x3, 0x7, 0x2, 0x40, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, 0x8000, 0x7800, 0xa212, 0x5}})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0e000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r5, &(0x7f00000005c0)="aa", 0xfdc1, 0x4008881, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @private2, 0x3}, 0x1c)
shutdown(r5, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x0, 0x19, &(0x7f0000000900)=ANY=[@ANYBLOB="180000000700000000000000bde800001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701001ef8ffffffb702000008000000b703000001000000850000000600000048db00897d004ac661d1a2910fb8", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000185600000200000000000000000000001850000007000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x9, 0xb9, &(0x7f00000006c0)=""/185, 0x41100, 0x30, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x3, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000780)=[r2, r2, r2, r2], &(0x7f00000007c0)=[{0x4, 0x3, 0x9}, {0x1, 0x2, 0xb, 0x5}, {0x1, 0x3, 0x10}, {0x4, 0x4, 0x4, 0x8}, {0x3, 0x4, 0xa, 0xc}, {0x2, 0x4, 0xb, 0x1}, {0x3, 0x3, 0xd, 0x3}], 0x10, 0x8}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/timers\x00', 0x0, 0x0)
read(r7, &(0x7f00000012c0)=""/109, 0x6d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6}, 0x18)
r8 = socket$packet(0x11, 0x2, 0x300)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
socket$nl_route(0x10, 0x3, 0x0)

6.673439741s ago: executing program 0 (id=2326):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ec9}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f00000000c0), 0xc2, 0x400000)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
syz_clone(0x41aa1000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.746275754s ago: executing program 1 (id=2357):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d6163736563000014000280050006000000000005000f000000000008000500", @ANYRES32=r2], 0x4c}}, 0x0)

2.641006724s ago: executing program 1 (id=2361):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6a85}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
fdatasync(r1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
ftruncate(r1, 0x5)
removexattr(0x0, 0x0)

2.482443425s ago: executing program 0 (id=2363):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x7})
io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})

2.189304977s ago: executing program 0 (id=2364):
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x4, 0x127d, &(0x7f00000011c0)="$eJzs3U1rJMUfB/DfJJPH/SeTv66ruyAWelGEcZODJy9BdkEMKNEsqKdeM9EhkwcyQyAi7njyJPgyRD16E8Q3kIsXz4IgkovHPYgtyUw085BsYjIJyOdz6aK6vlXV6U5DD1303itfrK2u1MsrWSOGCoUobo5E8WGKFEMxHC3NeOHeTz8//dY7774+v7BwZzGlu/Nvz76cUpp+5vv3Pv7m2R8a1+59O/3dWOzODO39PvfL7o3dm3t/fh3VeqrW0/pGI2Xp/sZGI7tfq6Tlan21nNKbtUpWr6Tqer2y1bF/pbaxubmTsvXlqcnNrUq9nrL1nbRa2UmNQmps7aTsg6y6nsrlcpqaDM5j6auHeZ5H5PlIjEae5/lETMa1+F9MxXSUYib+H4/F43E9nogb8WQ8FTcPWl31vAEAAAAAAAAAAAAAAAAAAOC/5RHr/wvW/wMAAAAAAAAAAAAAAAAAAMDgda//L0b4/j8AAAAAAAAAAAAAAAAAAABcskd8/79r/f+L1v8DAAAAAAAAAAAAAAAAAADAIIy3NospjUesfba9tL3U2rbq51eiGrWoxO0oxR9xsPq/pVW++9rCndvpwEy8tPagnX+wvTTcmZ8dKcVMoW9+diIiUkqd+bGYPJqfi1Jc7z/+XGv8rvx4PP/cfv7TVr4cpfjx/diIWixHFNpHf5D/ZDalV99YmOjM39pvd6zhAZ8WAAAAuEjl9Lfe5/dmu1Hf/a1d7efz1G5ZOOH3ga7n82LcKl7VUXOovvPRalarVbb+ZWH0+H5Gz9dzT6EQEVkcrZme/HVxf/BT9nN4uV3QfI4Uhi+6wxMLIye3Occ5jeKp/5gDKkSzuyYvRZy1n9++PFIzfub4+QpD7cssqzVPfbFFM88HOrG+/4xjJ6WOv2cUBnxP4vL8c9KveiYAAAAAAAAAAACcRd+3/yYioud9wA97ag5fD++M9/Z8/OifX8IRAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sQPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK8CAAD//w+Ty90=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendfile(r0, r0, 0x0, 0x100000000)

2.184472067s ago: executing program 2 (id=2365):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000000200)=r1}, 0x20)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000007000000890704ac14140f0011000000000000000000000001000000fc000000000000001400000000000000010000000c"], 0x68}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180))
syncfs(0xffffffffffffffff)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r3}, 0x0, &(0x7f0000000500)='%-010d \x00'}, 0x20)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x5, 0x1, 0x9, 0x2, 0x0, 0x1, 0x1}, 0x50)
sendmsg$NL80211_CMD_NEW_MPATH(r4, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x2c, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x211, 0x14}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000040)={'veth0_to_bond\x00', 0x400})
close(r2)

1.901063269s ago: executing program 0 (id=2367):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})

1.900258779s ago: executing program 3 (id=2368):
socket$nl_rdma(0x10, 0x3, 0x14)
socket$nl_generic(0x10, 0x3, 0x10)
creat(&(0x7f00000002c0)='./file0\x00', 0x81)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f00000037c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000a70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c21f664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffaf4ab87b1bfed9fbe586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae460f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf8714d7bb2366fde41f94290c2a5fdecb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1f5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27832b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd210819203a513a67da4a571ce585a17a02a210382f14d12ca3c3431ee97471c785a69da7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedda1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a540f0c10ec3a11667290b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad95971030000007d00000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfadfdd708789a20287d58187fbd49fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91647b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf06d0000f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe6e7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a1914b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c056d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c617f005ac2d371a95b8adc67ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c259d3f28b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bdd27e663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70780025072e20586b19127d75fa71577f265c51000000000000000000000000000000000000000000915c2cde78db002a20e370600f56b3803786ffff268fa1782c240a1d3b62bb5c9c5712bc58a0f276f5224b6efaceab36d1468b0800000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x49)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000700)='rpc_xdr_alignment\x00', r0, 0x0, 0x14}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
mq_getsetattr(0xffffffffffffffff, &(0x7f0000000340)={0x5, 0x0, 0xcdc2, 0x1}, &(0x7f00000003c0))

1.833124979s ago: executing program 0 (id=2369):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ec9}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41aa1000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.757053919s ago: executing program 3 (id=2370):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x2731, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x3}, 0x50)
ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x1)
syz_read_part_table(0x5df, &(0x7f0000000000)="$eJzs3DGIE1kYB/CXIBEFETs7gykichAh3UkEDXGQgAnBQ4s70c4t0qyVRYxgQCzMNhE5Gy0UYQ1aaCUiCCImFkIqUXavuN1l2eJY2CawLHMEZrvjYG/JHQe/Hzx4b97/zcfHMOVM4H8tHf6I4zgVQoj37vz0T/OVs+ey9dONCyGkwi8hhN/zs79OdlJJYvuuR5P1YrIuvt3TvDcf3en2Dhx+nd38nE72byVjZfjw8q6bY+qOXT/+/sh4dOhNNTwenBqc3N+8dK2fL7f7X+qvzjzNPtt+7oUp1X9Z+njwdmc26t4ozXyNWkvRanpjPTr/4FEhM9du5NdOJLkrU6rf3LqYef7kQ7mzvK/4qVqr9V58v59rVd51bo6GuW/ju1eT3MI/eLsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj3Hbt+/P2R8ejQm2p4PDg1OLm/eelaP19u97/UX515mn12NMkVplT/Zenjwdud2ah7ozTzNWotRavpjfXo/INHhcxcu5FfO5HkrvzV4TiO27us39y6mHn+5EO5s7yv+Klaq/VefL+fa1XedW6Ohrlv47tXk9zC3l0WAgAAAAAAAAAAAAAAAAAAgL9ROXsuWz/duDCZ/xxC+GHmx7nJPE6+d08lue3/ACxOrqdDKL7d07w3H93p9g4cfp3d/Pxbkr+VjJXhw8v/QTvs0J8BAAD//9odjZ8=")

1.66735991s ago: executing program 1 (id=2371):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_DISABLE_BEARER(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r2, 0x205, 0x70bd2d, 0x25dfdbfe, {{}, {}, {0xc, 0x13, @l2={'ib', 0x3a, 'wg1\x00'}}}}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x840)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r4 = add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)='0', 0x1, r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="04000000040000000400000005", @ANYBLOB="43f80958b07f88054a7902276b053e6ac4f3bbf32d8cfeeddf8e", @ANYRES64=r4, @ANYRESDEC=r1], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x4b}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x70)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0xa, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
syz_clone(0x34020000, &(0x7f0000000640)="294b4795e2ad662be8aebd7340972197123bcc9f20486dfc84785d03bbe47b36d4ba974ac35a2d3fd0b6cf1d9ce3e7cb93e48d4c7eb83b1cade354b6ca9f59623258b243c3e9a67365efcd97a79e4e0c18727ecba22535bffd2bf427e10c8a16092cf9e2bc54f4e4cf679a2deb20746e7adfc87bb91cc5bcfa05241d332c9ebf12b869ff7b76a93bc36e342879a3d2efd3f67063ff241afbd9368a8ba3373b44bebadbeb7a09d8caef1eaf47cbd1b0bb3c2278d490a2790f18bead2feae45233118ac33d", 0xc4, &(0x7f00000000c0), &(0x7f0000000240), &(0x7f0000000280)="c3c50329d44c6803f12f68df61718ca79c5f8c149e9a")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000180), &(0x7f00000001c0)=r5}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000010c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
mount$cgroup2(0x0, &(0x7f00000004c0)='.\x00', &(0x7f0000000480), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB='memory_recursiveprot,memory_recursiveprot,nsdelegate,memory_recursiveprot,nsdelegate,memory_localevents'])
setresuid(0x0, 0xee00, 0x0)

1.61712183s ago: executing program 2 (id=2373):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d6163736563000014000280050006000000000005000f000000000008000500", @ANYRES32=r2], 0x4c}}, 0x0)

1.578258071s ago: executing program 3 (id=2376):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, 0x9, 0x6, 0x505, 0x0, 0x0, {0x7, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x800)
io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0xfffd, 0xffffffffffffffff, &(0x7f0000000100)='k', 0x1, 0x4400a03}])
r2 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000f80), 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendfile(r4, r3, 0x0, 0x100000002)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001000)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000001100)={0x9c, 0x0, 0x508, 0x70bd26, 0x25dfdbfe, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x9}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0xab4}, @NBD_ATTR_SOCKETS={0x58, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8}}, {0xc, 0x1, 0x0, 0x1, {0x8}}, {0xc, 0x1, 0x0, 0x1, {0x8}}, {0xc, 0x1, 0x0, 0x1, {0x8}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r2}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r3}}, {0xc, 0x1, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x20}]}, 0x9c}, 0x1, 0x0, 0x0, 0x800}, 0x24004010)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffefc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7, 0x0, 0x10000}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==")
mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2236824, 0x0)

1.547373161s ago: executing program 2 (id=2377):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})

1.520675161s ago: executing program 2 (id=2379):
r0 = add_key$keyring(0x0, &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000280)=@keyring={'key_or_keyring:', r0})

1.396807862s ago: executing program 2 (id=2381):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
ioprio_get$uid(0x3, 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x1d, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x400002, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x8, 0xf9, 0x7ffc1ffb}]})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x0, 0xa888, 0x0, 0x5000000}}]}}]}, 0x48}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000810500"/20, @ANYRES32, @ANYBLOB="0000000000000000280012800a00010063616e"], 0x48}}, 0x0)
memfd_secret(0x0)
getpgid(0xffffffffffffffff)

1.248368402s ago: executing program 2 (id=2383):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r1=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000140)={r1, 0xfb4}, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xc0100, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='\a\x00!\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES16=r1, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r3, @ANYBLOB="0000000000000000b7030000e2000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2000000)

1.245286842s ago: executing program 3 (id=2384):
r0 = memfd_create(&(0x7f0000000080)=',\xea\x02', 0x4)
ftruncate(r0, 0x7000000)
r1 = dup(r0)
preadv2(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/83, 0x200000}], 0x1000000000000146, 0x3700, 0x0, 0x0)

1.159262533s ago: executing program 3 (id=2385):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x7})
io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})

1.107705313s ago: executing program 1 (id=2387):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000000200)=r1}, 0x20)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000007000000890704ac14140f0011000000000000000000000001000000fc000000000000001400000000000000010000000c"], 0x68}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180))
syncfs(0xffffffffffffffff)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r3}, &(0x7f00000004c0), &(0x7f0000000500)='%-010d \x00'}, 0x20)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x5, 0x1, 0x9, 0x2, 0x0, 0x1, 0x1}, 0x50)
sendmsg$NL80211_CMD_NEW_MPATH(r4, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x2c, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x211, 0x14}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000040)={'veth0_to_bond\x00', 0x400})
close(r2)

1.074534804s ago: executing program 3 (id=2388):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c000000"], 0x50)

803.213525ms ago: executing program 4 (id=2390):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d6163736563000014000280050006000000000005000f000000000008000500", @ANYRES32=r2], 0x4c}}, 0x0)

539.167227ms ago: executing program 4 (id=2391):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/232, 0xe8, 0x0, 0x0)

388.830977ms ago: executing program 4 (id=2392):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})

223.322218ms ago: executing program 4 (id=2393):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x5, 0x1, 0x9, 0x2, 0x0, 0x1, 0x1}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x7, 0x4, 0x8000004, 0x0, r2}, 0x48)

155.004059ms ago: executing program 4 (id=2394):
r0 = add_key$keyring(0x0, &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000280)=@keyring={'key_or_keyring:', r0})

153.889339ms ago: executing program 1 (id=2395):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@mangle={'mangle\x00', 0x44, 0x6, 0x4a0, 0x138, 0x0, 0x368, 0x1d0, 0x138, 0x408, 0x408, 0x408, 0x408, 0x408, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x11000000, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x0, 0x4}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0xff000000, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {0xff}, {0xff}, 0x11, 0x0, 0x28}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x10, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0xffffff00, 'vlan1\x00', 'nr0\x00', {}, {0xff}}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @multicast2, 0xff, 0xffffff00, 'ip6gre0\x00', 'virt_wifi0\x00', {0xff}, {}, 0x2e, 0x0, 0x1}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:dbusd_etc_t:s0\x00'}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00', {0xe6d959333babc205}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xa7e, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x80, 0x2}, 0x50)
fsetxattr$security_evm(r2, &(0x7f0000000080), &(0x7f0000000200)=@v1={0x2, "815d9acb78721bf3"}, 0x9, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
sysinfo(&(0x7f0000000240)=""/25)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000002c0)={'syztnl2\x00', &(0x7f0000000480)={'syztnl0\x00', <r3=>0x0, 0x29, 0x3, 0x7, 0x2, 0x40, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, 0x8000, 0x7800, 0xa212, 0x5}})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0e000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r5, &(0x7f00000005c0)="aa", 0xfdc1, 0x4008881, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @private2, 0x3}, 0x1c)
shutdown(r5, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x0, 0x19, &(0x7f0000000900)=ANY=[@ANYBLOB="180000000700000000000000bde800001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701001ef8ffffffb702000008000000b703000001000000850000000600000048db00897d004ac661d1a2910fb8", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000185600000200000000000000000000001850000007000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x9, 0xb9, &(0x7f00000006c0)=""/185, 0x41100, 0x30, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x3, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000780)=[r2, r2, r2, r2], &(0x7f00000007c0)=[{0x4, 0x3, 0x9}, {0x1, 0x2, 0xb, 0x5}, {0x1, 0x3, 0x10}, {0x4, 0x4, 0x4, 0x8}, {0x3, 0x4, 0xa, 0xc}, {0x2, 0x4, 0xb, 0x1}, {0x3, 0x3, 0xd, 0x3}], 0x10, 0x8}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/timers\x00', 0x0, 0x0)
read(r7, &(0x7f00000012c0)=""/109, 0x6d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6}, 0x18)
socket$packet(0x11, 0x2, 0x300)
socket$inet_udplite(0x2, 0x2, 0x88)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

63.986779ms ago: executing program 4 (id=2396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x20, &(0x7f0000000280)={&(0x7f00000000c0)=""/146, 0x92, <r1=>0x0, &(0x7f0000000180)=""/227, 0xe3}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYRES32=r0, @ANYBLOB="00000000b9ecffff8b89f089218880c0c9060000008395"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="020300001b0000000000000000000000040003000000000000000000000000000000000000000000000000000000000005000600000000000a00000000000000fe8000000000000000000000000000bb00000000000000000400040000000000000000000000000000000000000000000000000000000000020001000000000000000000000000ff05000500000000000a00000000000000fe8896380000000000000001000000010000000000000000030007000000000002004e24ac14141f00000000000000000200"], 0xd8}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r2, 0x0, 0xfffffffffffffff4}, 0x18)
r4 = socket$netlink(0x10, 0x3, 0x14)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000015b7040000000000008500000003000000950000000000000051771274ca958fb953440235e58ee804"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$tipc(r7, &(0x7f0000000400)={&(0x7f00000003c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4c840}, 0x4000001)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0a000000040000000100000001"], 0x50)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kfree\x00', r9, 0x0, 0xfffffffffffffffc}, 0x18)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000020018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r11}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000480)={'sit0\x00', &(0x7f0000000580)={'syztnl1\x00', 0x0, 0x8, 0x40, 0x7, 0x0, {{0x25, 0x4, 0x3, 0xb, 0x94, 0x68, 0x0, 0x8, 0x29, 0x0, @multicast1, @loopback, {[@rr={0x7, 0x7, 0xe4, [@rand_addr=0x64010101]}, @rr={0x7, 0x1b, 0x64, [@broadcast, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @loopback, @local]}, @noop, @cipso={0x86, 0x5c, 0x3, [{0x2, 0x12, "00a04c7e38fff2c961e2615fea156d31"}, {0x5, 0x10, "853af6949cef31e6ff03041ea0e3"}, {0x0, 0x12, "614e0999c46908a542a56f6c8c7f5c8c"}, {0x7, 0xf, "da3d1a38e22a1bdfebc5944465"}, {0x7, 0xa, "55db9498c9e8c4cd"}, {0x1, 0x4, "fee7"}, {0x7, 0x5, "3d281e"}]}]}}}}})
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)

0s ago: executing program 1 (id=2397):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000000200)=r1}, 0x20)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000007000000890704ac14140f0011000000000000000000000001000000fc000000000000001400000000000000010000000c"], 0x68}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180))
syncfs(0xffffffffffffffff)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r3}, &(0x7f00000004c0), &(0x7f0000000500)='%-010d \x00'}, 0x20)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x5, 0x1, 0x9, 0x2, 0x0, 0x1, 0x1}, 0x50)
sendmsg$NL80211_CMD_NEW_MPATH(r4, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x2c, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x211, 0x14}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000040)={'veth0_to_bond\x00', 0x400})
close(r2)

kernel console output (not intermixed with test programs):

 251.435862][ T8711] EXT4-fs: Ignoring removed nomblk_io_submit option
[  251.472234][ T8717] loop1: detected capacity change from 0 to 1024
[  251.479086][ T8717] EXT4-fs: Ignoring removed orlov option
[  251.480462][ T8719] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1652'.
[  251.516239][ T8722] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.550778][  T296] Bluetooth: hci0: Frame reassembly failed (-84)
[  251.559705][ T8722] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.643186][ T8728] loop2: detected capacity change from 0 to 128
[  251.650568][ T8722] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.650901][ T8728] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  251.675442][ T8728] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  251.683348][ T8728] FAT-fs (loop2): Filesystem has been set read-only
[  251.715805][ T8730] loop2: detected capacity change from 0 to 128
[  251.724083][ T8732] loop1: detected capacity change from 0 to 1024
[  251.732263][ T8722] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.742863][ T8732] EXT4-fs: Ignoring removed nomblk_io_submit option
[  251.808156][   T52] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  251.830987][   T52] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  251.842302][   T52] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  251.850793][ T8739] loop2: detected capacity change from 0 to 1024
[  251.851234][   T52] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  251.857779][ T8739] EXT4-fs: Ignoring removed orlov option
[  251.871809][  T296] batman_adv: batadv12: No IGMP Querier present - multicast optimizations disabled
[  251.881176][  T296] batman_adv: batadv12: No MLD Querier present - multicast optimizations disabled
[  251.911525][ T8742] loop0: detected capacity change from 0 to 512
[  251.934699][ T8742] ext4 filesystem being mounted at /367/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.026194][ T8752] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1663'.
[  252.071633][ T8758] loop0: detected capacity change from 0 to 128
[  252.078581][ T8758] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  252.101190][ T8758] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  252.109813][ T8758] FAT-fs (loop0): Filesystem has been set read-only
[  252.139904][ T8762] loop0: detected capacity change from 0 to 128
[  252.217044][ T8766] loop2: detected capacity change from 0 to 128
[  252.321338][ T8778] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1675'.
[  252.455908][ T8784] loop2: detected capacity change from 0 to 512
[  252.462319][ T8786] loop0: detected capacity change from 0 to 128
[  252.469811][ T8786] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  252.482576][ T8786] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  252.490471][ T8786] FAT-fs (loop0): Filesystem has been set read-only
[  252.494784][ T8784] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  252.513148][ T8784] EXT4-fs (loop2): mount failed
[  252.637984][ T8803] program syz.0.1687 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  252.639140][ T8805] program syz.2.1686 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  252.682006][ T8808] bridge0: port 14(batadv13) entered blocking state
[  252.688895][ T8808] bridge0: port 14(batadv13) entered disabled state
[  252.695814][ T8808] batadv13: entered allmulticast mode
[  252.701794][ T8808] batadv13: entered promiscuous mode
[  252.788295][ T8815] loop2: detected capacity change from 0 to 128
[  252.798485][ T8815] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  252.811612][ T8815] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  252.819708][ T8815] FAT-fs (loop2): Filesystem has been set read-only
[  253.217161][   T52] batman_adv: batadv13: No IGMP Querier present - multicast optimizations disabled
[  253.226560][   T52] batman_adv: batadv13: No MLD Querier present - multicast optimizations disabled
[  253.585374][ T3805] Bluetooth: hci0: command 0x1003 tx timeout
[  253.595440][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  253.841365][   T29] kauditd_printk_skb: 142 callbacks suppressed
[  253.841379][   T29] audit: type=1400 audit(1761747234.212:5024): avc:  denied  { write } for  pid=8835 comm="syz.2.1698" name="protocols" dev="proc" ino=4026532398 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  253.921325][ T8840] FAULT_INJECTION: forcing a failure.
[  253.921325][ T8840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.934974][ T8840] CPU: 1 UID: 0 PID: 8840 Comm: syz.1.1700 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  253.935020][ T8840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  253.935035][ T8840] Call Trace:
[  253.935079][ T8840]  <TASK>
[  253.935089][ T8840]  __dump_stack+0x1d/0x30
[  253.935169][ T8840]  dump_stack_lvl+0xe8/0x140
[  253.935191][ T8840]  dump_stack+0x15/0x1b
[  253.935208][ T8840]  should_fail_ex+0x265/0x280
[  253.935227][ T8840]  should_fail+0xb/0x20
[  253.935241][ T8840]  should_fail_usercopy+0x1a/0x20
[  253.935265][ T8840]  _copy_to_user+0x20/0xa0
[  253.935353][ T8840]  simple_read_from_buffer+0xb5/0x130
[  253.935386][ T8840]  proc_fail_nth_read+0x10e/0x150
[  253.935490][ T8840]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  253.935529][ T8840]  vfs_read+0x1a8/0x770
[  253.935557][ T8840]  ? __rcu_read_unlock+0x4f/0x70
[  253.935617][ T8840]  ? __fget_files+0x184/0x1c0
[  253.935656][ T8840]  ksys_read+0xda/0x1a0
[  253.935683][ T8840]  __x64_sys_read+0x40/0x50
[  253.935788][ T8840]  x64_sys_call+0x27c0/0x3000
[  253.935816][ T8840]  do_syscall_64+0xd2/0x200
[  253.935835][ T8840]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  253.935862][ T8840]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  253.935935][ T8840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.935960][ T8840] RIP: 0033:0x7f4f272cd9dc
[  253.935979][ T8840] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  253.936072][ T8840] RSP: 002b:00007f4f25d37030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  253.936097][ T8840] RAX: ffffffffffffffda RBX: 00007f4f27525fa0 RCX: 00007f4f272cd9dc
[  253.936112][ T8840] RDX: 000000000000000f RSI: 00007f4f25d370a0 RDI: 0000000000000007
[  253.936130][ T8840] RBP: 00007f4f25d37090 R08: 0000000000000000 R09: 0000000000000000
[  253.936141][ T8840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.936152][ T8840] R13: 00007f4f27526038 R14: 00007f4f27525fa0 R15: 00007fff851f7cc8
[  253.936190][ T8840]  </TASK>
[  254.175202][   T29] audit: type=1107 audit(1761747234.542:5025): pid=8841 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  254.208719][   T29] audit: type=1326 audit(1761747234.582:5026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8843 comm="syz.2.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  254.232216][   T29] audit: type=1326 audit(1761747234.582:5027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8843 comm="syz.2.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  254.261871][ T8842] bridge0: port 16(batadv16) entered blocking state
[  254.268728][ T8842] bridge0: port 16(batadv16) entered disabled state
[  254.277729][ T8842] batadv16: entered allmulticast mode
[  254.283754][ T8842] batadv16: entered promiscuous mode
[  254.289795][   T29] audit: type=1326 audit(1761747234.632:5028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8843 comm="syz.2.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  254.317279][   T29] audit: type=1326 audit(1761747234.632:5029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8843 comm="syz.2.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  254.340738][   T29] audit: type=1326 audit(1761747234.632:5030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8843 comm="syz.2.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  254.364455][   T29] audit: type=1326 audit(1761747234.632:5031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8843 comm="syz.2.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  254.387792][   T29] audit: type=1326 audit(1761747234.632:5032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8843 comm="syz.2.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  254.411254][   T29] audit: type=1326 audit(1761747234.632:5033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8843 comm="syz.2.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  254.508318][ T8848] loop1: detected capacity change from 0 to 1024
[  254.514992][ T8848] EXT4-fs: Ignoring removed orlov option
[  254.538986][ T8846] loop4: detected capacity change from 0 to 512
[  254.566823][ T8848] EXT4-fs mount: 47 callbacks suppressed
[  254.566839][ T8848] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  254.585432][   T37] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.593886][   T37] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.608701][ T8846] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  254.625848][   T37] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.634684][ T8846] EXT4-fs (loop4): mount failed
[  254.639945][   T37] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  254.715400][   T37] batman_adv: batadv16: No IGMP Querier present - multicast optimizations disabled
[  254.724955][   T37] batman_adv: batadv16: No MLD Querier present - multicast optimizations disabled
[  254.736528][ T8856] loop3: detected capacity change from 0 to 512
[  254.789589][ T8856] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  254.810214][ T8856] EXT4-fs (loop3): mount failed
[  254.969362][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.007625][ T8870] loop4: detected capacity change from 0 to 512
[  255.061111][ T8874] loop1: detected capacity change from 0 to 1024
[  255.068984][ T8874] EXT4-fs: Ignoring removed orlov option
[  255.078535][ T8874] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.116184][ T8870] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  255.131716][ T8870] EXT4-fs (loop4): mount failed
[  255.156440][ T8881] bridge0: port 15(batadv14) entered blocking state
[  255.163144][ T8881] bridge0: port 15(batadv14) entered disabled state
[  255.170824][ T8881] batadv14: entered allmulticast mode
[  255.177093][ T8881] batadv14: entered promiscuous mode
[  255.309569][ T8889] loop4: detected capacity change from 0 to 512
[  255.337778][ T8889] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.338277][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.365196][ T8889] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.1717: No space for directory leaf checksum. Please run e2fsck -D.
[  255.381369][ T8889] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.1717: checksumming directory block 0
[  255.533881][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.557095][ T1804] Bluetooth: hci1: Frame reassembly failed (-84)
[  255.670279][ T1804] batman_adv: batadv14: No IGMP Querier present - multicast optimizations disabled
[  255.680370][ T1804] batman_adv: batadv14: No MLD Querier present - multicast optimizations disabled
[  255.962530][ T8908] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1721'.
[  256.144453][ T8915] loop0: detected capacity change from 0 to 1024
[  256.169378][ T8915] EXT4-fs: Ignoring removed orlov option
[  256.191131][ T8915] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.305596][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  256.325368][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  256.463520][ T8925] loop3: detected capacity change from 0 to 512
[  256.489266][ T8925] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.511260][ T8925] ext4 filesystem being mounted at /321/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.573506][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.637943][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.683410][ T8929] loop0: detected capacity change from 0 to 8192
[  256.703931][ T8929] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  256.712770][ T8929] FAT-fs (loop0): Filesystem has been set read-only
[  256.723483][ T8929] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  256.732979][ T8929] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  256.971793][ T8939] loop2: detected capacity change from 0 to 512
[  257.062948][ T8939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.080243][ T8939] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:375: inode #2: comm syz.2.1733: No space for directory leaf checksum. Please run e2fsck -D.
[  257.095863][ T8939] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.1733: checksumming directory block 0
[  257.141306][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.268633][ T8947] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1735'.
[  257.275009][ T8949] bridge0: port 8(batadv7) entered blocking state
[  257.284309][ T8949] bridge0: port 8(batadv7) entered disabled state
[  257.291056][ T8949] batadv7: entered allmulticast mode
[  257.297114][ T8949] batadv7: entered promiscuous mode
[  257.332660][ T8952] loop1: detected capacity change from 0 to 1024
[  257.339640][ T8952] EXT4-fs: Ignoring removed orlov option
[  257.348152][ T8952] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.446997][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.502012][ T8963] program syz.1.1741 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  257.589670][ T3805] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  257.596249][ T3516] Bluetooth: hci1: command 0x1003 tx timeout
[  257.609362][ T8973] loop1: detected capacity change from 0 to 1024
[  257.617708][ T8973] EXT4-fs: Ignoring removed orlov option
[  257.624120][ T8973] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  257.637987][ T8975] loop3: detected capacity change from 0 to 128
[  257.638123][ T8973] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.645148][ T8975] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  257.673667][ T8975] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  257.682247][ T8975] FAT-fs (loop3): Filesystem has been set read-only
[  257.689054][ T8975] bio_check_eod: 379 callbacks suppressed
[  257.689072][ T8975] syz.3.1746: attempt to access beyond end of device
[  257.689072][ T8975] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  257.748130][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.760572][ T8979] loop3: detected capacity change from 0 to 1024
[  257.767647][ T8979] EXT4-fs: Ignoring removed orlov option
[  257.774487][ T8979] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  257.786456][ T1804] batman_adv: batadv7: No IGMP Querier present - multicast optimizations disabled
[  257.796479][ T1804] batman_adv: batadv7: No MLD Querier present - multicast optimizations disabled
[  257.811119][ T8979] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.826267][ T8979] FAULT_INJECTION: forcing a failure.
[  257.826267][ T8979] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.839496][ T8979] CPU: 1 UID: 0 PID: 8979 Comm: syz.3.1747 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  257.839678][ T8979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  257.839693][ T8979] Call Trace:
[  257.839700][ T8979]  <TASK>
[  257.839708][ T8979]  __dump_stack+0x1d/0x30
[  257.839734][ T8979]  dump_stack_lvl+0xe8/0x140
[  257.839759][ T8979]  dump_stack+0x15/0x1b
[  257.839780][ T8979]  should_fail_ex+0x265/0x280
[  257.839819][ T8979]  should_fail+0xb/0x20
[  257.839839][ T8979]  should_fail_usercopy+0x1a/0x20
[  257.839864][ T8979]  _copy_to_user+0x20/0xa0
[  257.839975][ T8979]  simple_read_from_buffer+0xb5/0x130
[  257.840071][ T8979]  proc_fail_nth_read+0x10e/0x150
[  257.840130][ T8979]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  257.840165][ T8979]  vfs_read+0x1a8/0x770
[  257.840235][ T8979]  ? __rcu_read_unlock+0x4f/0x70
[  257.840264][ T8979]  ? __fget_files+0x184/0x1c0
[  257.840298][ T8979]  ksys_read+0xda/0x1a0
[  257.840326][ T8979]  __x64_sys_read+0x40/0x50
[  257.840375][ T8979]  x64_sys_call+0x27c0/0x3000
[  257.840399][ T8979]  do_syscall_64+0xd2/0x200
[  257.840417][ T8979]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  257.840474][ T8979]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  257.840510][ T8979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.840535][ T8979] RIP: 0033:0x7f64b680d9dc
[  257.840550][ T8979] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  257.840568][ T8979] RSP: 002b:00007f64b526f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  257.840590][ T8979] RAX: ffffffffffffffda RBX: 00007f64b6a65fa0 RCX: 00007f64b680d9dc
[  257.840604][ T8979] RDX: 000000000000000f RSI: 00007f64b526f0a0 RDI: 0000000000000005
[  257.840617][ T8979] RBP: 00007f64b526f090 R08: 0000000000000000 R09: 0000000000000000
[  257.840629][ T8979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.840640][ T8979] R13: 00007f64b6a66038 R14: 00007f64b6a65fa0 R15: 00007fffc3519168
[  257.840661][ T8979]  </TASK>
[  258.100657][ T8994] program syz.1.1753 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  258.123089][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.151013][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  258.206475][ T9004] loop1: detected capacity change from 0 to 128
[  258.213483][ T9004] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  258.229039][ T9004] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  258.236999][ T9004] FAT-fs (loop1): Filesystem has been set read-only
[  258.245755][ T9004] syz.1.1758: attempt to access beyond end of device
[  258.245755][ T9004] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  258.361183][ T9016] loop1: detected capacity change from 0 to 512
[  258.377554][ T9016] ext4: Unknown parameter 'appraise'
[  258.419026][ T9021] program syz.1.1765 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  258.440665][ T9023] loop2: detected capacity change from 0 to 1024
[  258.447837][ T9023] EXT4-fs: Ignoring removed nomblk_io_submit option
[  258.456743][ T9025] loop1: detected capacity change from 0 to 128
[  258.471346][ T9023] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.487338][ T9025] syz.1.1767: attempt to access beyond end of device
[  258.487338][ T9025] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[  258.501193][ T9025] syz.1.1767: attempt to access beyond end of device
[  258.501193][ T9025] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[  258.523663][ T9025] syz.1.1767: attempt to access beyond end of device
[  258.523663][ T9025] loop1: rw=2049, sector=177, nr_sectors = 24 limit=128
[  258.544664][ T9025] syz.1.1767: attempt to access beyond end of device
[  258.544664][ T9025] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[  258.558374][ T9025] syz.1.1767: attempt to access beyond end of device
[  258.558374][ T9025] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[  258.572096][ T9025] syz.1.1767: attempt to access beyond end of device
[  258.572096][ T9025] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[  258.585746][ T9025] syz.1.1767: attempt to access beyond end of device
[  258.585746][ T9025] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[  258.586912][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.599333][ T9025] syz.1.1767: attempt to access beyond end of device
[  258.599333][ T9025] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[  258.669920][ T9035] loop0: detected capacity change from 0 to 128
[  258.683460][ T2680] Bluetooth: hci1: Frame reassembly failed (-84)
[  258.692767][ T9035] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  258.706096][ T9035] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  258.713992][ T9035] FAT-fs (loop0): Filesystem has been set read-only
[  258.798995][ T9042] FAULT_INJECTION: forcing a failure.
[  258.798995][ T9042] name failslab, interval 1, probability 0, space 0, times 0
[  258.811714][ T9042] CPU: 0 UID: 0 PID: 9042 Comm: syz.0.1773 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  258.811749][ T9042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  258.811773][ T9042] Call Trace:
[  258.811781][ T9042]  <TASK>
[  258.811789][ T9042]  __dump_stack+0x1d/0x30
[  258.811811][ T9042]  dump_stack_lvl+0xe8/0x140
[  258.811831][ T9042]  dump_stack+0x15/0x1b
[  258.811850][ T9042]  should_fail_ex+0x265/0x280
[  258.811869][ T9042]  should_failslab+0x8c/0xb0
[  258.811924][ T9042]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  258.811963][ T9042]  ? hugetlbfs_alloc_inode+0xbc/0x100
[  258.812004][ T9042]  ? hugetlbfs_alloc_inode+0x34/0x100
[  258.812064][ T9042]  hugetlbfs_alloc_inode+0xbc/0x100
[  258.812096][ T9042]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[  258.812129][ T9042]  alloc_inode+0x40/0x170
[  258.812209][ T9042]  new_inode+0x1d/0xe0
[  258.812242][ T9042]  hugetlbfs_get_inode+0x7b/0x370
[  258.812274][ T9042]  hugetlb_file_setup+0x192/0x3d0
[  258.812334][ T9042]  ksys_mmap_pgoff+0x157/0x310
[  258.812357][ T9042]  x64_sys_call+0x14a3/0x3000
[  258.812382][ T9042]  do_syscall_64+0xd2/0x200
[  258.812465][ T9042]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  258.812501][ T9042]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  258.812616][ T9042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.812644][ T9042] RIP: 0033:0x7ffbb8b9efc9
[  258.812662][ T9042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.812680][ T9042] RSP: 002b:00007ffbb75de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  258.812699][ T9042] RAX: ffffffffffffffda RBX: 00007ffbb8df6090 RCX: 00007ffbb8b9efc9
[  258.812746][ T9042] RDX: 000000000300000c RSI: 0000000000c00000 RDI: 0000200000400000
[  258.812758][ T9042] RBP: 00007ffbb75de090 R08: ffffffffffffffff R09: 0000000000000000
[  258.812769][ T9042] R10: 0000000000050032 R11: 0000000000000246 R12: 0000000000000001
[  258.812780][ T9042] R13: 00007ffbb8df6128 R14: 00007ffbb8df6090 R15: 00007ffc1339c638
[  258.812798][ T9042]  </TASK>
[  259.541489][ T9058] loop4: detected capacity change from 0 to 1024
[  259.564375][ T9058] EXT4-fs: Ignoring removed orlov option
[  259.597550][ T9058] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.156783][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.225346][ T3805] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  260.225546][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  260.240555][   T29] kauditd_printk_skb: 110 callbacks suppressed
[  260.240626][   T29] audit: type=1326 audit(1761747240.622:5141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8997 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  260.270877][   T29] audit: type=1326 audit(1761747240.622:5142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8997 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  260.463610][ T9065] loop1: detected capacity change from 0 to 128
[  260.699075][ T9075] loop4: detected capacity change from 0 to 512
[  260.706126][ T3516] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  260.706818][   T29] audit: type=1326 audit(1761747241.082:5143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.2.1771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  260.706859][   T29] audit: type=1326 audit(1761747241.082:5144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.2.1771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  260.782512][ T9078] loop3: detected capacity change from 0 to 512
[  260.794490][ T9075] Quota error (device loop4): v2_read_file_info: Free block number 1 out of range (1, 6).
[  260.804764][ T9075] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  260.820441][ T9078] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6).
[  260.830547][ T9075] EXT4-fs (loop4): mount failed
[  260.835473][ T9078] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  260.850436][ T9078] EXT4-fs (loop3): mount failed
[  260.955083][ T9086] loop4: detected capacity change from 0 to 1024
[  261.015761][ T9086] EXT4-fs: Ignoring removed orlov option
[  261.029426][ T9086] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.294186][ T9094] loop2: detected capacity change from 0 to 1024
[  261.301196][ T9094] EXT4-fs: Ignoring removed nomblk_io_submit option
[  261.321633][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.349113][ T9094] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.412154][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.803093][ T9107] program syz.3.1793 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  262.124166][ T9115] bridge0: port 12(batadv11) entered blocking state
[  262.131565][ T9115] bridge0: port 12(batadv11) entered disabled state
[  262.138388][   T29] audit: type=1107 audit(1761747242.492:5145): pid=9114 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  262.155557][ T9115] batadv11: entered allmulticast mode
[  262.161522][ T9115] batadv11: entered promiscuous mode
[  262.415366][   T29] audit: type=1326 audit(1761747242.782:5146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9118 comm="syz.0.1799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  262.439568][   T29] audit: type=1326 audit(1761747242.782:5147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9118 comm="syz.0.1799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  262.463930][   T29] audit: type=1326 audit(1761747242.782:5148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9118 comm="syz.0.1799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  262.510235][ T9123] loop4: detected capacity change from 0 to 128
[  262.548744][ T9122] loop3: detected capacity change from 0 to 1024
[  262.555580][ T9122] EXT4-fs: Ignoring removed orlov option
[  262.573336][ T1804] Bluetooth: hci0: Frame reassembly failed (-84)
[  262.590485][ T9122] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.626140][   T31] batman_adv: batadv11: No IGMP Querier present - multicast optimizations disabled
[  262.639470][   T31] batman_adv: batadv11: No MLD Querier present - multicast optimizations disabled
[  262.729053][ T9123] bio_check_eod: 65 callbacks suppressed
[  262.729072][ T9123] syz.4.1798: attempt to access beyond end of device
[  262.729072][ T9123] loop4: rw=524288, sector=145, nr_sectors = 16 limit=128
[  262.791082][ T9123] syz.4.1798: attempt to access beyond end of device
[  262.791082][ T9123] loop4: rw=524288, sector=169, nr_sectors = 8 limit=128
[  262.826224][ T9123] syz.4.1798: attempt to access beyond end of device
[  262.826224][ T9123] loop4: rw=524288, sector=185, nr_sectors = 8 limit=128
[  262.866149][ T9123] syz.4.1798: attempt to access beyond end of device
[  262.866149][ T9123] loop4: rw=524288, sector=201, nr_sectors = 8 limit=128
[  262.895384][ T9123] syz.4.1798: attempt to access beyond end of device
[  262.895384][ T9123] loop4: rw=524288, sector=217, nr_sectors = 8 limit=128
[  262.935410][ T9123] syz.4.1798: attempt to access beyond end of device
[  262.935410][ T9123] loop4: rw=524288, sector=233, nr_sectors = 8 limit=128
[  262.966049][ T9123] syz.4.1798: attempt to access beyond end of device
[  262.966049][ T9123] loop4: rw=524288, sector=249, nr_sectors = 8 limit=128
[  262.995370][ T9123] syz.4.1798: attempt to access beyond end of device
[  262.995370][ T9123] loop4: rw=524288, sector=265, nr_sectors = 8 limit=128
[  263.020547][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.046163][ T9123] syz.4.1798: attempt to access beyond end of device
[  263.046163][ T9123] loop4: rw=524288, sector=281, nr_sectors = 8 limit=128
[  263.057471][ T9131] loop3: detected capacity change from 0 to 128
[  263.066196][ T9123] syz.4.1798: attempt to access beyond end of device
[  263.066196][ T9123] loop4: rw=524288, sector=297, nr_sectors = 8 limit=128
[  263.519852][ T9147] loop4: detected capacity change from 0 to 128
[  263.544224][ T9147] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  263.586508][ T9147] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  263.594451][ T9147] FAT-fs (loop4): Filesystem has been set read-only
[  264.520592][ T9158] loop1: detected capacity change from 0 to 1024
[  264.556178][ T9158] EXT4-fs: Ignoring removed orlov option
[  264.580325][ T9158] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.599963][ T9163] loop4: detected capacity change from 0 to 128
[  264.667264][ T3805] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  264.823276][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.920952][ T9177] bridge0: port 13(batadv12) entered blocking state
[  264.927823][ T9177] bridge0: port 13(batadv12) entered disabled state
[  264.934555][ T9177] batadv12: entered allmulticast mode
[  264.942858][ T9177] batadv12: entered promiscuous mode
[  264.964044][ T9175] loop1: detected capacity change from 0 to 1024
[  264.975801][ T9175] EXT4-fs: Ignoring removed orlov option
[  264.984193][ T9175] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.034636][ T9183] loop2: detected capacity change from 0 to 1024
[  265.118927][ T9183] EXT4-fs: Ignoring removed orlov option
[  265.136977][ T9183] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.154881][ T9189] loop3: detected capacity change from 0 to 128
[  265.181910][ T9191] loop4: detected capacity change from 0 to 1024
[  265.191802][ T9191] EXT4-fs: Ignoring removed orlov option
[  265.202521][ T9191] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.258548][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.272722][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.429188][ T1804] batman_adv: batadv12: No IGMP Querier present - multicast optimizations disabled
[  265.438650][ T1804] batman_adv: batadv12: No MLD Querier present - multicast optimizations disabled
[  265.466577][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.813539][ T9212] program syz.2.1835 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  265.965794][ T9220] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1838'.
[  266.038266][ T9223] program syz.2.1839 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  266.134164][ T9227] loop2: detected capacity change from 0 to 128
[  266.157165][ T9227] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  266.183647][ T9227] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  266.191579][ T9227] FAT-fs (loop2): Filesystem has been set read-only
[  266.264746][ T9230] loop1: detected capacity change from 0 to 128
[  266.645539][   T29] kauditd_printk_skb: 54 callbacks suppressed
[  266.645554][   T29] audit: type=1400 audit(1761747247.022:5203): avc:  denied  { setopt } for  pid=9233 comm="syz.2.1842" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  266.870204][ T9243] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.968233][ T9243] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.051148][ T9248] program syz.3.1846 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  267.079757][ T9243] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.167939][ T9243] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.264250][   T52] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.307019][   T52] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.346914][   T52] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.396342][   T52] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.415956][ T9256] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1849'.
[  267.476340][ T9258] loop3: detected capacity change from 0 to 1024
[  267.513634][ T9258] EXT4-fs: Ignoring removed nomblk_io_submit option
[  267.559119][ T9258] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.573643][ T9266] netlink: 'syz.2.1854': attribute type 29 has an invalid length.
[  267.603578][ T9266] netlink: 'syz.2.1854': attribute type 29 has an invalid length.
[  267.642233][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.656509][ T9264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1853'.
[  267.666288][ T9264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1853'.
[  267.684257][   T29] audit: type=1400 audit(1761747247.992:5204): avc:  denied  { create } for  pid=9265 comm="syz.2.1854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  267.705380][   T29] audit: type=1326 audit(1761747248.012:5205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9263 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  267.729648][   T29] audit: type=1326 audit(1761747248.012:5206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9263 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  267.753859][   T29] audit: type=1326 audit(1761747248.012:5207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9263 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  267.778367][   T29] audit: type=1326 audit(1761747254.022:5208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9263 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  267.782977][ T9266] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1854'.
[  267.802659][   T29] audit: type=1326 audit(1761747254.022:5209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9263 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  267.835259][   T29] audit: type=1326 audit(1761747254.022:5210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9263 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  267.859074][   T29] audit: type=1326 audit(1761747254.022:5211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9263 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  267.883228][   T29] audit: type=1326 audit(1761747254.022:5212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9263 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  268.041780][ T9283] loop1: detected capacity change from 0 to 1024
[  268.053363][ T9283] EXT4-fs: Ignoring removed orlov option
[  268.103051][ T9283] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.127360][ T9291] loop2: detected capacity change from 0 to 128
[  268.172133][ T9291] bio_check_eod: 275 callbacks suppressed
[  268.172153][ T9291] syz.2.1864: attempt to access beyond end of device
[  268.172153][ T9291] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[  268.196812][ T9291] syz.2.1864: attempt to access beyond end of device
[  268.196812][ T9291] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[  268.211034][ T9291] syz.2.1864: attempt to access beyond end of device
[  268.211034][ T9291] loop2: rw=2049, sector=177, nr_sectors = 24 limit=128
[  268.224972][ T9291] syz.2.1864: attempt to access beyond end of device
[  268.224972][ T9291] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[  268.239168][ T9291] syz.2.1864: attempt to access beyond end of device
[  268.239168][ T9291] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128
[  268.252976][ T9291] syz.2.1864: attempt to access beyond end of device
[  268.252976][ T9291] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128
[  268.268699][ T9291] syz.2.1864: attempt to access beyond end of device
[  268.268699][ T9291] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128
[  268.292207][ T9298] program syz.3.1865 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  268.312864][ T9291] syz.2.1864: attempt to access beyond end of device
[  268.312864][ T9291] loop2: rw=2049, sector=273, nr_sectors = 8 limit=128
[  268.327525][ T9291] syz.2.1864: attempt to access beyond end of device
[  268.327525][ T9291] loop2: rw=2049, sector=289, nr_sectors = 9 limit=128
[  268.328463][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.457468][   T67] kworker/u8:4: attempt to access beyond end of device
[  268.457468][   T67] loop2: rw=1, sector=305, nr_sectors = 1 limit=128
[  268.677476][ T9305] loop1: detected capacity change from 0 to 8192
[  268.738307][ T9305] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  268.746970][ T9305] FAT-fs (loop1): Filesystem has been set read-only
[  268.827797][ T9315] loop2: detected capacity change from 0 to 1024
[  268.852104][ T9315] EXT4-fs: Ignoring removed orlov option
[  268.883382][ T9318] loop4: detected capacity change from 0 to 1024
[  268.904133][ T9315] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.920102][ T9318] EXT4-fs: Ignoring removed orlov option
[  268.941762][ T9318] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.216318][ T9330] loop1: detected capacity change from 0 to 1024
[  269.252888][ T9330] EXT4-fs: Ignoring removed orlov option
[  269.295173][ T9330] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.477009][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.536682][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.684246][ T9338] loop4: detected capacity change from 0 to 128
[  269.701924][ T9333] loop1: detected capacity change from 0 to 8192
[  269.713679][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.777594][ T9333] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  269.786403][ T9333] FAT-fs (loop1): Filesystem has been set read-only
[  270.115650][ T9355] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1882'.
[  270.405371][ T9360] loop1: detected capacity change from 0 to 128
[  270.831853][ T9363] loop1: detected capacity change from 0 to 128
[  270.926609][ T3805] Bluetooth: hci0: sending frame failed (-49)
[  270.932835][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  271.172919][ T9368] loop1: detected capacity change from 0 to 8192
[  271.215854][ T9368] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  271.224530][ T9368] FAT-fs (loop1): Filesystem has been set read-only
[  271.756244][   T29] kauditd_printk_skb: 47 callbacks suppressed
[  271.756301][   T29] audit: type=1326 audit(1761747264.334:5260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9364 comm="syz.4.1887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09472efc9 code=0x7ffc0000
[  271.789835][   T29] audit: type=1326 audit(1761747264.334:5261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9364 comm="syz.4.1887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09472efc9 code=0x7ffc0000
[  271.990645][ T9382] loop0: detected capacity change from 0 to 512
[  271.997556][ T9382] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  272.010858][ T9380] loop3: detected capacity change from 0 to 512
[  272.024539][ T9382] EXT4-fs (loop0): 1 truncate cleaned up
[  272.031553][ T9382] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  272.044917][ T9380] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.058606][ T9380] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.1893: No space for directory leaf checksum. Please run e2fsck -D.
[  272.074020][ T9380] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.1893: checksumming directory block 0
[  272.093952][   T29] audit: type=1400 audit(1761747264.691:5262): avc:  denied  { ioctl } for  pid=9381 comm="syz.0.1894" path="/407/bus/file2" dev="loop0" ino=18 ioctlcmd=0xb704 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  272.171980][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.203634][   T29] audit: type=1326 audit(1761747264.806:5263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9390 comm="syz.3.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  272.227946][   T29] audit: type=1326 audit(1761747264.806:5264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9390 comm="syz.3.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  272.252310][   T29] audit: type=1326 audit(1761747264.806:5265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9390 comm="syz.3.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  272.275924][   T29] audit: type=1326 audit(1761747264.806:5266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9390 comm="syz.3.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  272.299967][   T29] audit: type=1326 audit(1761747264.806:5267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9390 comm="syz.3.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  272.323403][   T29] audit: type=1326 audit(1761747264.806:5268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9390 comm="syz.3.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  272.347770][   T29] audit: type=1326 audit(1761747264.806:5269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9390 comm="syz.3.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  272.443578][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.471564][ T9397] loop1: detected capacity change from 0 to 1024
[  272.486790][ T9397] EXT4-fs: Ignoring removed orlov option
[  272.511379][ T9397] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.528440][ T9401] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.541791][ T9402] loop0: detected capacity change from 0 to 128
[  272.571752][ T9401] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.619569][ T9401] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.658647][ T9407] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1900'.
[  272.752034][ T9401] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.787049][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.833284][   T37] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.858450][   T37] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.882654][   T37] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.895461][   T37] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  273.021551][ T9421] loop1: detected capacity change from 0 to 128
[  273.064336][ T9425] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.257896][ T9429] bio_check_eod: 190 callbacks suppressed
[  273.257917][ T9429] syz.1.1907: attempt to access beyond end of device
[  273.257917][ T9429] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128
[  273.318222][ T9425] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.342764][ T9429] syz.1.1907: attempt to access beyond end of device
[  273.342764][ T9429] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[  273.394729][ T9425] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.468131][ T9425] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.514687][ T9429] syz.1.1907: attempt to access beyond end of device
[  273.514687][ T9429] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[  273.604368][   T37] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  273.642864][   T37] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  273.721910][   T37] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  273.806890][   T37] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  273.862749][ T9433] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.944823][ T9433] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.019285][ T9433] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.090173][ T9433] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.136061][ T9441] loop2: detected capacity change from 0 to 128
[  274.165417][   T37] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.185514][ T9441] syz.2.1913: attempt to access beyond end of device
[  274.185514][ T9441] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[  274.211406][   T37] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.219867][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  274.243972][   T37] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.262627][ T9441] syz.2.1913: attempt to access beyond end of device
[  274.262627][ T9441] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[  274.283649][   T37] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.316004][ T9441] syz.2.1913: attempt to access beyond end of device
[  274.316004][ T9441] loop2: rw=2049, sector=177, nr_sectors = 24 limit=128
[  274.340780][ T9441] syz.2.1913: attempt to access beyond end of device
[  274.340780][ T9441] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[  274.363348][ T9441] syz.2.1913: attempt to access beyond end of device
[  274.363348][ T9441] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128
[  274.402082][ T9450] loop1: detected capacity change from 0 to 128
[  274.480183][ T9441] syz.2.1913: attempt to access beyond end of device
[  274.480183][ T9441] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128
[  274.495133][ T9451] syz.1.1917: attempt to access beyond end of device
[  274.495133][ T9451] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128
[  274.531122][ T9453] loop0: detected capacity change from 0 to 1024
[  274.552974][ T9453] EXT4-fs: Ignoring removed orlov option
[  274.577741][ T9453] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  274.655397][ T9441] buffer_io_error: 70134 callbacks suppressed
[  274.655418][ T9441] Buffer I/O error on dev loop2, logical block 305, async page read
[  274.711815][ T9441] Buffer I/O error on dev loop2, logical block 306, async page read
[  274.756573][ T9441] Buffer I/O error on dev loop2, logical block 307, async page read
[  274.809358][ T9441] Buffer I/O error on dev loop2, logical block 308, async page read
[  274.885347][ T9441] Buffer I/O error on dev loop2, logical block 309, async page read
[  274.893742][ T9441] Buffer I/O error on dev loop2, logical block 310, async page read
[  274.945183][ T9441] Buffer I/O error on dev loop2, logical block 311, async page read
[  274.953562][ T9441] Buffer I/O error on dev loop2, logical block 312, async page read
[  274.961811][ T9441] Buffer I/O error on dev loop2, logical block 305, async page read
[  274.969839][ T9441] Buffer I/O error on dev loop2, logical block 306, async page read
[  275.097391][ T9470] loop4: detected capacity change from 0 to 128
[  275.120718][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.176471][ T1804] Bluetooth: hci0: Frame reassembly failed (-84)
[  275.185256][ T9476] netlink: 'syz.2.1926': attribute type 29 has an invalid length.
[  275.205857][ T9476] netlink: 'syz.2.1926': attribute type 29 has an invalid length.
[  275.229489][ T9476] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1926'.
[  275.300072][   T52] Bluetooth: hci1: Frame reassembly failed (-84)
[  275.314275][ T9481] program syz.2.1928 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  275.351653][ T9483] loop2: detected capacity change from 0 to 1024
[  275.358416][ T9483] EXT4-fs: Ignoring removed orlov option
[  275.370617][ T9483] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  275.620278][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.707738][ T9492] loop2: detected capacity change from 0 to 128
[  275.723498][ T9492] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  275.739418][ T9492] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  275.747997][ T9492] FAT-fs (loop2): Filesystem has been set read-only
[  275.821654][ T9500] loop2: detected capacity change from 0 to 1024
[  275.828400][ T9500] EXT4-fs: Ignoring removed orlov option
[  275.837761][ T9500] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.040012][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.671422][ T9526] loop3: detected capacity change from 0 to 128
[  276.924823][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  276.924839][   T29] audit: type=1326 audit(1761747275.766:5347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9530 comm="syz.2.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  276.996681][   T29] audit: type=1326 audit(1761747275.766:5348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9530 comm="syz.2.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  276.996842][   T29] audit: type=1326 audit(1761747275.766:5349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9530 comm="syz.2.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  276.996876][   T29] audit: type=1326 audit(1761747275.766:5350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9530 comm="syz.2.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  276.996909][   T29] audit: type=1326 audit(1761747275.766:5351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9530 comm="syz.2.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  276.997037][   T29] audit: type=1326 audit(1761747275.766:5352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9530 comm="syz.2.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  276.997102][   T29] audit: type=1326 audit(1761747275.766:5353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9530 comm="syz.2.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  276.997136][   T29] audit: type=1326 audit(1761747275.766:5354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9530 comm="syz.2.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  276.997170][   T29] audit: type=1326 audit(1761747275.766:5355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9530 comm="syz.2.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  276.997197][   T29] audit: type=1326 audit(1761747275.766:5356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9530 comm="syz.2.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  277.122137][ T3805] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  277.274173][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[  277.274203][ T3516] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  277.643004][ T9543] loop0: detected capacity change from 0 to 128
[  278.967362][ T9543] bio_check_eod: 60866 callbacks suppressed
[  278.967390][ T9543] syz.0.1950: attempt to access beyond end of device
[  278.967390][ T9543] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  279.736196][ T9555] loop0: detected capacity change from 0 to 128
[  279.917153][ T9562] program syz.3.1955 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  279.990116][ T9555] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  280.004436][ T9555] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  280.012596][ T9555] FAT-fs (loop0): Filesystem has been set read-only
[  280.019494][ T9555] syz.0.1954: attempt to access beyond end of device
[  280.019494][ T9555] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  280.901465][ T1804] Bluetooth: hci0: Frame reassembly failed (-84)
[  281.958971][ T9585] loop4: detected capacity change from 0 to 128
[  281.967003][   T29] kauditd_printk_skb: 55 callbacks suppressed
[  281.967018][   T29] audit: type=1326 audit(1761747281.058:5412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9586 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  281.996686][   T29] audit: type=1326 audit(1761747281.058:5413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9586 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  282.054445][ T9585] syz.4.1964: attempt to access beyond end of device
[  282.054445][ T9585] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[  282.071480][ T9585] syz.4.1964: attempt to access beyond end of device
[  282.071480][ T9585] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[  282.086987][ T9590] loop0: detected capacity change from 0 to 128
[  282.100178][ T9590] syz.0.1966: attempt to access beyond end of device
[  282.100178][ T9590] loop0: rw=2049, sector=145, nr_sectors = 8 limit=128
[  282.114092][ T9585] syz.4.1964: attempt to access beyond end of device
[  282.114092][ T9585] loop4: rw=2049, sector=177, nr_sectors = 24 limit=128
[  282.127990][ T9590] syz.0.1966: attempt to access beyond end of device
[  282.127990][ T9590] loop0: rw=2049, sector=161, nr_sectors = 8 limit=128
[  282.141725][ T9590] syz.0.1966: attempt to access beyond end of device
[  282.141725][ T9590] loop0: rw=2049, sector=177, nr_sectors = 24 limit=128
[  282.155790][ T9585] syz.4.1964: attempt to access beyond end of device
[  282.155790][ T9585] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  282.169648][ T9590] syz.0.1966: attempt to access beyond end of device
[  282.169648][ T9590] loop0: rw=2049, sector=209, nr_sectors = 8 limit=128
[  282.275750][ T9585] buffer_io_error: 32774 callbacks suppressed
[  282.275770][ T9585] Buffer I/O error on dev loop4, logical block 305, async page read
[  282.294457][ T9590] Buffer I/O error on dev loop0, logical block 305, async page read
[  282.302834][ T9590] Buffer I/O error on dev loop0, logical block 306, async page read
[  282.314858][ T9585] Buffer I/O error on dev loop4, logical block 306, async page read
[  282.322935][ T9590] Buffer I/O error on dev loop0, logical block 307, async page read
[  282.331011][ T9585] Buffer I/O error on dev loop4, logical block 307, async page read
[  282.339305][ T9590] Buffer I/O error on dev loop0, logical block 308, async page read
[  282.347376][ T9585] Buffer I/O error on dev loop4, logical block 308, async page read
[  282.355403][ T9590] Buffer I/O error on dev loop0, logical block 309, async page read
[  282.363521][ T9585] Buffer I/O error on dev loop4, logical block 309, async page read
[  282.497846][ T9597] loop4: detected capacity change from 0 to 1024
[  282.519540][ T9597] EXT4-fs: Ignoring removed orlov option
[  282.543954][ T9597] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.828234][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  282.832493][ T3805] Bluetooth: hci0: command 0x1003 tx timeout
[  282.841305][   T29] audit: type=1326 audit(1761747281.971:5414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9582 comm="syz.1.1963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  282.865474][   T29] audit: type=1326 audit(1761747281.971:5415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9582 comm="syz.1.1963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  282.905144][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.927544][ T9603] program syz.4.1969 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  282.995608][ T9606] loop4: detected capacity change from 0 to 512
[  283.020986][ T9606] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.044264][ T9606] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.1971: No space for directory leaf checksum. Please run e2fsck -D.
[  283.059807][ T9606] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.1971: checksumming directory block 0
[  283.106941][ T9621] loop2: detected capacity change from 0 to 1024
[  283.114584][ T9621] EXT4-fs: Ignoring removed nomblk_io_submit option
[  283.131678][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.143349][ T9621] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.170466][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.188209][   T29] audit: type=1326 audit(1761747282.339:5416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9627 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09472efc9 code=0x7ffc0000
[  283.211960][   T29] audit: type=1326 audit(1761747282.339:5417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9627 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09472efc9 code=0x7ffc0000
[  283.235641][   T29] audit: type=1326 audit(1761747282.339:5418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9627 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fe09472efc9 code=0x7ffc0000
[  283.259173][   T29] audit: type=1326 audit(1761747282.339:5419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9627 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09472efc9 code=0x7ffc0000
[  283.282632][   T29] audit: type=1326 audit(1761747282.339:5420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9627 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe09472efc9 code=0x7ffc0000
[  283.306109][   T29] audit: type=1326 audit(1761747282.339:5421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9627 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09472efc9 code=0x7ffc0000
[  283.319444][ T9634] loop2: detected capacity change from 0 to 128
[  283.351783][ T9635] loop4: detected capacity change from 0 to 1024
[  283.361877][ T9635] EXT4-fs: Ignoring removed orlov option
[  283.456950][ T9644] netlink: 'syz.1.1984': attribute type 29 has an invalid length.
[  283.583814][ T9644] netlink: 'syz.1.1984': attribute type 29 has an invalid length.
[  283.593026][ T9644] netlink: 500 bytes leftover after parsing attributes in process `syz.1.1984'.
[  283.612547][ T9649] loop4: detected capacity change from 0 to 128
[  283.732104][ T9634] bio_check_eod: 58202 callbacks suppressed
[  283.732122][ T9634] syz.2.1981: attempt to access beyond end of device
[  283.732122][ T9634] loop2: rw=0, sector=311, nr_sectors = 1 limit=128
[  283.752502][ T9634] syz.2.1981: attempt to access beyond end of device
[  283.752502][ T9634] loop2: rw=0, sector=312, nr_sectors = 1 limit=128
[  283.765726][ T9634] syz.2.1981: attempt to access beyond end of device
[  283.765726][ T9634] loop2: rw=0, sector=305, nr_sectors = 1 limit=128
[  283.779726][ T9634] syz.2.1981: attempt to access beyond end of device
[  283.779726][ T9634] loop2: rw=0, sector=306, nr_sectors = 1 limit=128
[  283.791086][ T9658] loop4: detected capacity change from 0 to 512
[  283.793682][ T9634] syz.2.1981: attempt to access beyond end of device
[  283.793682][ T9634] loop2: rw=0, sector=307, nr_sectors = 1 limit=128
[  283.812911][ T9634] syz.2.1981: attempt to access beyond end of device
[  283.812911][ T9634] loop2: rw=0, sector=308, nr_sectors = 1 limit=128
[  283.819534][ T9658] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  283.826397][ T9634] syz.2.1981: attempt to access beyond end of device
[  283.826397][ T9634] loop2: rw=0, sector=309, nr_sectors = 1 limit=128
[  283.846793][ T9658] EXT4-fs (loop4): mount failed
[  283.855104][ T9634] syz.2.1981: attempt to access beyond end of device
[  283.855104][ T9634] loop2: rw=0, sector=310, nr_sectors = 1 limit=128
[  283.873993][ T9634] syz.2.1981: attempt to access beyond end of device
[  283.873993][ T9634] loop2: rw=0, sector=311, nr_sectors = 1 limit=128
[  283.888322][ T9634] syz.2.1981: attempt to access beyond end of device
[  283.888322][ T9634] loop2: rw=0, sector=312, nr_sectors = 1 limit=128
[  283.900611][ T9662] loop4: detected capacity change from 0 to 1024
[  283.908092][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  283.928264][ T9662] EXT4-fs: Ignoring removed orlov option
[  283.955379][ T9662] EXT4-fs mount: 2 callbacks suppressed
[  283.955396][ T9662] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  284.030221][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.298943][ T9685] loop1: detected capacity change from 0 to 128
[  284.306801][ T9685] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  284.311842][ T9687] loop2: detected capacity change from 0 to 512
[  284.320567][ T9685] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  284.330099][ T9685] FAT-fs (loop1): Filesystem has been set read-only
[  284.333598][ T9687] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  284.354124][ T9687] EXT4-fs (loop2): mount failed
[  284.438719][ T9699] loop3: detected capacity change from 0 to 128
[  284.508069][ T9701] netlink: 'syz.2.2007': attribute type 4 has an invalid length.
[  284.533643][ T9701] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.591501][ T9701] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.674265][ T9701] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.744665][ T9701] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.816469][   T67] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  284.833327][   T67] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  284.902528][   T67] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  284.910825][   T67] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  284.932038][ T9707] loop4: detected capacity change from 0 to 164
[  284.974247][ T9707] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  285.067288][ T9710] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2008'.
[  285.212751][ T3639] hid-generic 0003:80000004:0000.0001: unknown main item tag 0x0
[  285.220589][ T3639] hid-generic 0003:80000004:0000.0001: unknown main item tag 0x0
[  285.228408][ T3639] hid-generic 0003:80000004:0000.0001: unknown main item tag 0x0
[  285.236171][ T3639] hid-generic 0003:80000004:0000.0001: unknown main item tag 0x0
[  285.243952][ T3639] hid-generic 0003:80000004:0000.0001: unknown main item tag 0x0
[  285.251863][ T3639] hid-generic 0003:80000004:0000.0001: unknown main item tag 0x0
[  285.259646][ T3639] hid-generic 0003:80000004:0000.0001: unknown main item tag 0x0
[  285.267525][ T3639] hid-generic 0003:80000004:0000.0001: unknown main item tag 0x0
[  285.275471][ T3639] hid-generic 0003:80000004:0000.0001: unknown main item tag 0x0
[  285.283272][ T3639] hid-generic 0003:80000004:0000.0001: unknown main item tag 0x0
[  285.299983][ T3639] hid-generic 0003:80000004:0000.0001: hidraw0: USB HID v0.00 Device [syz0] on syz0
[  285.346914][ T9722] loop2: detected capacity change from 0 to 128
[  285.357403][ T9722] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  285.370611][ T9722] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  285.378476][ T9722] FAT-fs (loop2): Filesystem has been set read-only
[  285.407780][ T9726] loop2: detected capacity change from 0 to 512
[  285.418019][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  285.429590][ T9726] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  285.444531][ T9726] EXT4-fs (loop2): mount failed
[  285.495006][ T9733] capability: warning: `syz.2.2016' uses 32-bit capabilities (legacy support in use)
[  285.530546][ T9735] loop2: detected capacity change from 0 to 1024
[  285.537694][ T9735] EXT4-fs: Ignoring removed orlov option
[  285.545704][ T9735] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.734799][ T9740] loop4: detected capacity change from 0 to 128
[  285.762089][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.296706][ T9754] program syz.0.2023 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  286.322812][ T9756] loop4: detected capacity change from 0 to 128
[  286.371852][ T9756] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  286.396820][ T9756] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  286.396849][ T9756] FAT-fs (loop4): Filesystem has been set read-only
[  288.350619][ T9775] loop3: detected capacity change from 0 to 128
[  288.702811][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  288.790217][ T9786] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.877889][ T9786] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.915923][ T9786] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.954211][ T9786] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.007419][ T1804] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  289.026692][ T1804] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.106889][ T1804] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.140511][ T1804] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.179987][ T9790] loop2: detected capacity change from 0 to 128
[  289.241982][ T9790] bio_check_eod: 54258 callbacks suppressed
[  289.242004][ T9790] syz.2.2036: attempt to access beyond end of device
[  289.242004][ T9790] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[  289.290116][ T9790] syz.2.2036: attempt to access beyond end of device
[  289.290116][ T9790] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[  289.340289][ T9790] syz.2.2036: attempt to access beyond end of device
[  289.340289][ T9790] loop2: rw=2049, sector=177, nr_sectors = 24 limit=128
[  289.368830][ T9790] syz.2.2036: attempt to access beyond end of device
[  289.368830][ T9790] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[  289.423133][ T9798] syz.2.2036: attempt to access beyond end of device
[  289.423133][ T9798] loop2: rw=2049, sector=305, nr_sectors = 80 limit=128
[  289.465164][ T9806] loop3: detected capacity change from 0 to 128
[  289.478352][ T9790] syz.2.2036: attempt to access beyond end of device
[  289.478352][ T9790] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128
[  289.495387][ T9790] syz.2.2036: attempt to access beyond end of device
[  289.495387][ T9790] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128
[  289.507002][ T9806] syz.3.2043: attempt to access beyond end of device
[  289.507002][ T9806] loop3: rw=2049, sector=145, nr_sectors = 8 limit=128
[  289.508973][ T9790] syz.2.2036: attempt to access beyond end of device
[  289.508973][ T9790] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128
[  289.541048][ T9808] loop4: detected capacity change from 0 to 1024
[  289.548383][ T9798] syz.2.2036: attempt to access beyond end of device
[  289.548383][ T9798] loop2: rw=2049, sector=393, nr_sectors = 8 limit=128
[  289.567806][ T9808] EXT4-fs: Ignoring removed nomblk_io_submit option
[  289.626137][ T9808] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.635739][ T9819] loop1: detected capacity change from 0 to 128
[  289.668220][ T9814] loop0: detected capacity change from 0 to 8192
[  289.681817][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.755349][ T9824] loop4: detected capacity change from 0 to 512
[  289.770039][   T29] kauditd_printk_skb: 175 callbacks suppressed
[  289.770074][   T29] audit: type=1326 audit(1761747289.247:5594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9821 comm="syz.2.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  289.828235][   T29] audit: type=1326 audit(1761747289.247:5595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9821 comm="syz.2.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  289.853056][ T9824] Quota error (device loop4): v2_read_file_info: Free block number 1 out of range (1, 6).
[  289.853102][ T9824] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  289.853344][ T9824] EXT4-fs (loop4): mount failed
[  289.885319][   T29] audit: type=1326 audit(1761747289.247:5596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9821 comm="syz.2.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  289.908759][   T29] audit: type=1326 audit(1761747289.247:5597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9821 comm="syz.2.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  289.932359][   T29] audit: type=1326 audit(1761747289.247:5598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9821 comm="syz.2.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  289.955810][   T29] audit: type=1326 audit(1761747289.247:5599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9821 comm="syz.2.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  289.979277][   T29] audit: type=1326 audit(1761747289.258:5600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9821 comm="syz.2.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb0587d5e67 code=0x7ffc0000
[  290.002682][   T29] audit: type=1326 audit(1761747289.258:5601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9821 comm="syz.2.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb05877b099 code=0x7ffc0000
[  290.026047][   T29] audit: type=1326 audit(1761747289.258:5602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9821 comm="syz.2.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  290.041319][ T9839] loop0: detected capacity change from 0 to 1024
[  290.059830][ T9839] EXT4-fs: Ignoring removed orlov option
[  290.088081][ T9839] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.174752][ T9853] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.277055][ T9853] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.293280][ T9858] loop4: detected capacity change from 0 to 8192
[  290.320890][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.344735][ T9860] loop1: detected capacity change from 0 to 128
[  290.377608][ T9866] loop0: detected capacity change from 0 to 128
[  290.385549][ T9853] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.460600][ T9872] loop4: detected capacity change from 0 to 128
[  290.471747][ T9853] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.520387][ T9860] buffer_io_error: 107814 callbacks suppressed
[  290.520412][ T9860] Buffer I/O error on dev loop1, logical block 305, async page read
[  290.536134][ T9860] Buffer I/O error on dev loop1, logical block 306, async page read
[  290.544716][ T9860] Buffer I/O error on dev loop1, logical block 307, async page read
[  290.553521][ T9860] Buffer I/O error on dev loop1, logical block 308, async page read
[  290.561717][ T9860] Buffer I/O error on dev loop1, logical block 309, async page read
[  290.570162][ T9860] Buffer I/O error on dev loop1, logical block 310, async page read
[  290.581085][ T9860] Buffer I/O error on dev loop1, logical block 311, async page read
[  290.589175][ T9860] Buffer I/O error on dev loop1, logical block 312, async page read
[  290.590946][   T67] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.612287][ T9860] Buffer I/O error on dev loop1, logical block 305, async page read
[  290.626692][   T67] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.638822][ T9860] Buffer I/O error on dev loop1, logical block 306, async page read
[  290.647054][   T67] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.647183][   T67] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.748485][ T1804] Bluetooth: hci0: Frame reassembly failed (-84)
[  290.915906][ T1804] Bluetooth: hci1: Frame reassembly failed (-84)
[  291.093324][ T9897] program syz.4.2077 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  291.156311][ T9903] program syz.4.2080 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  291.518917][ T9914] loop0: detected capacity change from 0 to 8192
[  292.320744][ T9920] loop1: detected capacity change from 0 to 128
[  292.690351][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  292.941970][ T3805] Bluetooth: hci1: command 0x1003 tx timeout
[  292.948350][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  293.139884][ T9931] loop4: detected capacity change from 0 to 1024
[  293.146982][ T9931] EXT4-fs: Ignoring removed orlov option
[  293.163790][ T9931] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.265777][ T9937] loop1: detected capacity change from 0 to 128
[  293.740264][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.822298][ T9943] loop3: detected capacity change from 0 to 8192
[  294.003355][ T9952] loop3: detected capacity change from 0 to 512
[  294.019290][ T9937] bio_check_eod: 50989 callbacks suppressed
[  294.019348][ T9937] syz.1.2092: attempt to access beyond end of device
[  294.019348][ T9937] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  294.087043][ T9952] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.104205][ T9950] loop4: detected capacity change from 0 to 8192
[  294.138592][ T9952] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.2098: No space for directory leaf checksum. Please run e2fsck -D.
[  294.154147][ T9952] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.2098: checksumming directory block 0
[  294.239063][ T9962] loop0: detected capacity change from 0 to 128
[  294.276283][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.318891][ T9970] syz.0.2101: attempt to access beyond end of device
[  294.318891][ T9970] loop0: rw=2049, sector=145, nr_sectors = 16 limit=128
[  294.354111][ T9973] loop2: detected capacity change from 0 to 1024
[  294.361451][ T9970] syz.0.2101: attempt to access beyond end of device
[  294.361451][ T9970] loop0: rw=2049, sector=169, nr_sectors = 8 limit=128
[  294.375593][ T9973] EXT4-fs: Ignoring removed orlov option
[  294.377794][ T9970] syz.0.2101: attempt to access beyond end of device
[  294.377794][ T9970] loop0: rw=2049, sector=185, nr_sectors = 8 limit=128
[  294.395969][ T9970] syz.0.2101: attempt to access beyond end of device
[  294.395969][ T9970] loop0: rw=2049, sector=201, nr_sectors = 8 limit=128
[  294.405920][ T9972] loop3: detected capacity change from 0 to 1024
[  294.412902][ T9970] syz.0.2101: attempt to access beyond end of device
[  294.412902][ T9970] loop0: rw=2049, sector=217, nr_sectors = 8 limit=128
[  294.416197][ T9972] EXT4-fs: Ignoring removed orlov option
[  294.436669][ T9970] syz.0.2101: attempt to access beyond end of device
[  294.436669][ T9970] loop0: rw=2049, sector=233, nr_sectors = 8 limit=128
[  294.452244][ T9973] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.473145][ T9972] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.486555][ T9979] loop4: detected capacity change from 0 to 8192
[  294.535909][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.540457][ T9985] loop0: detected capacity change from 0 to 512
[  294.577471][ T9985] __quota_error: 124 callbacks suppressed
[  294.577492][ T9985] Quota error (device loop0): v2_read_file_info: Free block number 1 out of range (1, 6).
[  294.583443][ T9988] loop1: detected capacity change from 0 to 128
[  294.601591][ T9985] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  294.618453][ T9985] EXT4-fs (loop0): mount failed
[  294.656657][ T9988] syz.1.2113: attempt to access beyond end of device
[  294.656657][ T9988] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128
[  294.671104][ T9988] syz.1.2113: attempt to access beyond end of device
[  294.671104][ T9988] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[  294.695376][ T9988] syz.1.2113: attempt to access beyond end of device
[  294.695376][ T9988] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[  294.754697][ T9998] loop4: detected capacity change from 0 to 1024
[  294.773070][T10000] loop2: detected capacity change from 0 to 128
[  294.781428][ T9998] EXT4-fs: Ignoring removed nomblk_io_submit option
[  294.815799][ T9998] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.880016][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.880492][T10014] loop1: detected capacity change from 0 to 512
[  294.915859][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.935663][T10018] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2120'.
[  294.963239][T10014] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.020567][T10014] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:375: inode #2: comm syz.1.2119: No space for directory leaf checksum. Please run e2fsck -D.
[  295.036589][T10014] EXT4-fs error (device loop1): __ext4_find_entry:1626: inode #2: comm syz.1.2119: checksumming directory block 0
[  295.052520][T10023] loop4: detected capacity change from 0 to 512
[  295.088219][T10023] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  295.145447][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.171001][   T29] audit: type=1400 audit(1761747294.917:5727): avc:  denied  { remount } for  pid=10017 comm="syz.4.2120" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  295.211794][T10022] Quota error (device loop4): v2_read_file_info: Free block number 58381 out of range (1, 6).
[  295.235933][T10022] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  295.288485][T10038] loop1: detected capacity change from 0 to 1024
[  295.295337][T10038] EXT4-fs: Ignoring removed orlov option
[  295.302394][T10000] buffer_io_error: 67217 callbacks suppressed
[  295.302411][T10000] Buffer I/O error on dev loop2, logical block 308, async page read
[  295.326546][T10000] Buffer I/O error on dev loop2, logical block 309, async page read
[  295.329124][T10038] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.342806][T10000] Buffer I/O error on dev loop2, logical block 310, async page read
[  295.382554][ T3315] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  295.399893][T10000] Buffer I/O error on dev loop2, logical block 311, async page read
[  295.407982][T10000] Buffer I/O error on dev loop2, logical block 312, async page read
[  295.416190][T10000] Buffer I/O error on dev loop2, logical block 305, async page read
[  295.424297][T10000] Buffer I/O error on dev loop2, logical block 306, async page read
[  295.432339][T10000] Buffer I/O error on dev loop2, logical block 307, async page read
[  295.440449][T10000] Buffer I/O error on dev loop2, logical block 308, async page read
[  295.449002][T10000] Buffer I/O error on dev loop2, logical block 309, async page read
[  295.639085][T10047] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.668538][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.695516][   T29] audit: type=1326 audit(1761747295.463:5728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10056 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  295.723348][   T29] audit: type=1326 audit(1761747295.463:5729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10056 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  295.746910][   T29] audit: type=1326 audit(1761747295.463:5730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10056 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  295.770638][   T29] audit: type=1326 audit(1761747295.463:5731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10056 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  295.807088][T10061] loop2: detected capacity change from 0 to 512
[  295.821164][T10047] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.860750][T10061] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.884151][T10061] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:375: inode #2: comm syz.2.2134: No space for directory leaf checksum. Please run e2fsck -D.
[  295.900298][T10061] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.2134: checksumming directory block 0
[  295.918810][T10047] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.989221][T10047] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.000211][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.086935][   T67] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  296.087012][   T67] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  296.127380][   T67] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  296.150483][   T67] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  296.181522][T10086] loop4: detected capacity change from 0 to 128
[  296.516940][T10095] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  296.559150][T10095] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  296.568991][T10095] vlan2: entered allmulticast mode
[  296.667951][T10099] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2145'.
[  296.668855][T10099] netlink: 'syz.3.2145': attribute type 39 has an invalid length.
[  296.728066][T10102] loop3: detected capacity change from 0 to 512
[  296.736039][T10102] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2803: inode #11: comm syz.3.2145: corrupted xattr block 95: invalid header
[  296.736153][T10102] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  296.736285][T10102] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2145: bg 0: block 7: invalid block bitmap
[  296.736430][T10102] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  296.736584][T10102] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2967: inode #11: comm syz.3.2145: corrupted xattr block 95: invalid header
[  296.736691][T10102] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  296.736780][T10102] EXT4-fs (loop3): 1 orphan inode deleted
[  296.737096][T10102] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.810161][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.951410][T10118] sctp: [Deprecated]: syz.4.2153 (pid 10118) Use of int in max_burst socket option.
[  296.951410][T10118] Use struct sctp_assoc_value instead
[  296.967989][   T29] audit: type=1400 audit(1761747296.786:5732): avc:  denied  { setopt } for  pid=10117 comm="syz.4.2153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  296.987933][   T29] audit: type=1326 audit(1761747296.786:5733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10117 comm="syz.4.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09472efc9 code=0x7ffc0000
[  296.991807][T10120] loop0: detected capacity change from 0 to 128
[  297.011631][   T29] audit: type=1326 audit(1761747296.786:5734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10117 comm="syz.4.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fe09472efc9 code=0x7ffc0000
[  297.044091][T10118] mmap: syz.4.2153 (10118) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  297.807085][T10174] loop4: detected capacity change from 0 to 1024
[  297.807348][T10174] EXT4-fs: Ignoring removed orlov option
[  297.811662][T10174] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.857889][T10177] program syz.0.2175 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  298.052315][T10187] loop3: detected capacity change from 0 to 128
[  298.151847][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.190988][T10185] loop0: detected capacity change from 0 to 8192
[  299.183884][T10207] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2184'.
[  299.238357][T10205] FAULT_INJECTION: forcing a failure.
[  299.238357][T10205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.252341][T10205] CPU: 0 UID: 0 PID: 10205 Comm: syz.3.2186 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  299.252431][T10205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  299.252443][T10205] Call Trace:
[  299.252451][T10205]  <TASK>
[  299.252461][T10205]  __dump_stack+0x1d/0x30
[  299.252525][T10205]  dump_stack_lvl+0xe8/0x140
[  299.252549][T10205]  dump_stack+0x15/0x1b
[  299.252572][T10205]  should_fail_ex+0x265/0x280
[  299.252597][T10205]  should_fail+0xb/0x20
[  299.252616][T10205]  should_fail_usercopy+0x1a/0x20
[  299.252706][T10205]  _copy_to_user+0x20/0xa0
[  299.252734][T10205]  simple_read_from_buffer+0xb5/0x130
[  299.252758][T10205]  proc_fail_nth_read+0x10e/0x150
[  299.252796][T10205]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  299.252877][T10205]  vfs_read+0x1a8/0x770
[  299.252900][T10205]  ? __rcu_read_unlock+0x4f/0x70
[  299.252945][T10205]  ? __fget_files+0x184/0x1c0
[  299.252977][T10205]  ksys_read+0xda/0x1a0
[  299.253002][T10205]  __x64_sys_read+0x40/0x50
[  299.253053][T10205]  x64_sys_call+0x27c0/0x3000
[  299.253100][T10205]  do_syscall_64+0xd2/0x200
[  299.253123][T10205]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  299.253212][T10205]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  299.253253][T10205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.253300][T10205] RIP: 0033:0x7f64b680d9dc
[  299.253318][T10205] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  299.253390][T10205] RSP: 002b:00007f64b526f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  299.253409][T10205] RAX: ffffffffffffffda RBX: 00007f64b6a65fa0 RCX: 00007f64b680d9dc
[  299.253453][T10205] RDX: 000000000000000f RSI: 00007f64b526f0a0 RDI: 0000000000000006
[  299.253465][T10205] RBP: 00007f64b526f090 R08: 0000000000000000 R09: 0000000000000000
[  299.253476][T10205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.253488][T10205] R13: 00007f64b6a66038 R14: 00007f64b6a65fa0 R15: 00007fffc3519168
[  299.253526][T10205]  </TASK>
[  299.408187][   T29] kauditd_printk_skb: 213 callbacks suppressed
[  299.408205][   T29] audit: type=1326 audit(1761747299.369:5948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10206 comm="syz.0.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  299.431565][T10215] loop2: detected capacity change from 0 to 512
[  299.503588][T10215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.533941][T10215] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:375: inode #2: comm syz.2.2187: No space for directory leaf checksum. Please run e2fsck -D.
[  299.715036][T10215] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.2187: checksumming directory block 0
[  299.739878][T10237] loop3: detected capacity change from 0 to 512
[  299.754936][T10237] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6).
[  299.765981][T10237] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  299.781275][T10237] EXT4-fs (loop3): mount failed
[  299.799635][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.825464][   T29] audit: type=1326 audit(1761747299.810:5949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10244 comm="syz.3.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  299.849021][   T29] audit: type=1326 audit(1761747299.810:5950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10244 comm="syz.3.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  299.872625][   T29] audit: type=1326 audit(1761747299.810:5951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10244 comm="syz.3.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  299.896277][   T29] audit: type=1326 audit(1761747299.810:5952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10244 comm="syz.3.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  299.919850][   T29] audit: type=1326 audit(1761747299.810:5953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10244 comm="syz.3.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  299.943384][   T29] audit: type=1326 audit(1761747299.810:5954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10244 comm="syz.3.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  299.968319][T10243] loop2: detected capacity change from 0 to 512
[  299.975301][   T29] audit: type=1326 audit(1761747299.810:5955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10244 comm="syz.3.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  299.998852][   T29] audit: type=1326 audit(1761747299.810:5956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10244 comm="syz.3.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  300.030456][T10243] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  300.045579][T10243] EXT4-fs (loop2): mount failed
[  300.051677][T10255] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.075413][T10257] loop2: detected capacity change from 0 to 128
[  300.089256][T10257] bio_check_eod: 68123 callbacks suppressed
[  300.089316][T10257] syz.2.2204: attempt to access beyond end of device
[  300.089316][T10257] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[  300.124016][T10257] syz.2.2204: attempt to access beyond end of device
[  300.124016][T10257] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[  300.145821][T10257] syz.2.2204: attempt to access beyond end of device
[  300.145821][T10257] loop2: rw=2049, sector=177, nr_sectors = 24 limit=128
[  300.160911][T10257] syz.2.2204: attempt to access beyond end of device
[  300.160911][T10257] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[  300.177426][T10263] loop0: detected capacity change from 0 to 128
[  300.188462][T10255] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.216333][T10263] syz.0.2207: attempt to access beyond end of device
[  300.216333][T10263] loop0: rw=2049, sector=145, nr_sectors = 8 limit=128
[  300.228395][T10257] syz.2.2204: attempt to access beyond end of device
[  300.228395][T10257] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128
[  300.243503][T10263] syz.0.2207: attempt to access beyond end of device
[  300.243503][T10263] loop0: rw=2049, sector=161, nr_sectors = 8 limit=128
[  300.243689][T10257] syz.2.2204: attempt to access beyond end of device
[  300.243689][T10257] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128
[  300.259849][T10263] syz.0.2207: attempt to access beyond end of device
[  300.259849][T10263] loop0: rw=2049, sector=177, nr_sectors = 24 limit=128
[  300.278020][T10264] syz.2.2204: attempt to access beyond end of device
[  300.278020][T10264] loop2: rw=2049, sector=305, nr_sectors = 80 limit=128
[  300.300670][T10255] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.328573][T10270] loop4: detected capacity change from 0 to 1024
[  300.336282][T10270] EXT4-fs: Ignoring removed orlov option
[  300.345682][T10270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.370066][T10255] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.411569][T10257] buffer_io_error: 39907 callbacks suppressed
[  300.411629][T10257] Buffer I/O error on dev loop2, logical block 305, async page read
[  300.426184][T10257] Buffer I/O error on dev loop2, logical block 306, async page read
[  300.434442][T10257] Buffer I/O error on dev loop2, logical block 307, async page read
[  300.443655][T10257] Buffer I/O error on dev loop2, logical block 308, async page read
[  300.457797][T10257] Buffer I/O error on dev loop2, logical block 309, async page read
[  300.472961][ T1804] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  300.476349][T10257] Buffer I/O error on dev loop2, logical block 310, async page read
[  300.483530][T10263] Buffer I/O error on dev loop0, logical block 305, async page read
[  300.498526][ T1804] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.499643][T10257] Buffer I/O error on dev loop2, logical block 311, async page read
[  300.508046][ T1804] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.517791][T10263] Buffer I/O error on dev loop0, logical block 306, async page read
[  300.530983][T10257] Buffer I/O error on dev loop2, logical block 312, async page read
[  300.536297][ T1804] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  300.613297][T10283] loop1: detected capacity change from 0 to 128
[  301.029987][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.793065][T10291] loop1: detected capacity change from 0 to 128
[  301.807219][T10292] loop0: detected capacity change from 0 to 512
[  301.870909][T10292] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  301.907501][T10298] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2220'.
[  301.916932][T10296] SELinux:  policydb magic number 0x2e202123 does not match expected magic number 0xf97cff8c
[  301.937237][T10292] EXT4-fs (loop0): mount failed
[  301.945120][T10296] SELinux: failed to load policy
[  302.299607][T10320] loop2: detected capacity change from 0 to 512
[  302.335419][T10320] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.356139][T10320] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:375: inode #2: comm syz.2.2227: No space for directory leaf checksum. Please run e2fsck -D.
[  302.371567][T10320] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.2227: checksumming directory block 0
[  302.559099][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.632862][T10339] loop2: detected capacity change from 0 to 1024
[  302.641798][T10339] EXT4-fs: Ignoring removed orlov option
[  302.660082][T10339] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.745457][T10344] loop3: detected capacity change from 0 to 512
[  302.776089][T10344] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  302.841963][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.904531][T10344] EXT4-fs (loop3): mount failed
[  303.017751][ T3805] Bluetooth: hci0: sending frame failed (-49)
[  303.024065][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  303.078553][T10361] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2239'.
[  303.237717][T10366] loop1: detected capacity change from 0 to 512
[  303.282516][T10366] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.333236][T10366] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:375: inode #2: comm syz.1.2241: No space for directory leaf checksum. Please run e2fsck -D.
[  303.348711][T10366] EXT4-fs error (device loop1): __ext4_find_entry:1626: inode #2: comm syz.1.2241: checksumming directory block 0
[  303.675291][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.268436][   T29] kauditd_printk_skb: 123 callbacks suppressed
[  304.268453][   T29] audit: type=1400 audit(1761747304.471:6077): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  304.336161][T10387] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  304.411727][T10389] loop1: detected capacity change from 0 to 1024
[  304.449406][T10389] EXT4-fs: Ignoring removed orlov option
[  304.481971][T10389] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.512796][T10392] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  304.781086][T10398] loop3: detected capacity change from 0 to 1024
[  304.868197][T10398] EXT4-fs: Ignoring removed nomblk_io_submit option
[  304.930091][T10398] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.975648][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.998243][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.159935][   T29] audit: type=1326 audit(1761747305.406:6078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.1.2258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  305.184322][   T29] audit: type=1326 audit(1761747305.406:6079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.1.2258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  305.214941][   T29] audit: type=1326 audit(1761747305.469:6080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.1.2258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  305.239301][   T29] audit: type=1326 audit(1761747305.469:6081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.1.2258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  305.248981][T10419] loop3: detected capacity change from 0 to 1024
[  305.263770][   T29] audit: type=1326 audit(1761747305.469:6082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.1.2258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f272cefc9 code=0x7ffc0000
[  305.286736][T10419] EXT4-fs: Ignoring removed orlov option
[  305.313052][T10419] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.345768][T10422] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  305.372632][T10424] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  305.435514][T10426] program syz.2.2262 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  305.650111][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.729421][T10437] loop2: detected capacity change from 0 to 128
[  305.852107][T10437] bio_check_eod: 28251 callbacks suppressed
[  305.852128][T10437] syz.2.2266: attempt to access beyond end of device
[  305.852128][T10437] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128
[  305.911295][T10437] syz.2.2266: attempt to access beyond end of device
[  305.911295][T10437] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[  305.988775][   T29] audit: type=1326 audit(1761747306.277:6083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10451 comm="syz.2.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  306.013084][   T29] audit: type=1326 audit(1761747306.277:6084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10451 comm="syz.2.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  306.048475][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  306.087255][   T29] audit: type=1326 audit(1761747306.277:6085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10451 comm="syz.2.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  306.112197][   T29] audit: type=1326 audit(1761747306.277:6086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10451 comm="syz.2.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  306.386953][   T31] Bluetooth: hci1: Frame reassembly failed (-84)
[  306.778067][   T31] Bluetooth: hci2: Frame reassembly failed (-84)
[  307.341968][T10485] loop0: detected capacity change from 0 to 1024
[  307.348701][T10485] EXT4-fs: Ignoring removed orlov option
[  307.364265][T10485] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.431747][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.981546][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  308.362517][ T3986] Bluetooth: hci1: command 0x1003 tx timeout
[  308.368579][ T3805] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  308.735350][ T3805] Bluetooth: hci2: command 0x1003 tx timeout
[  308.741522][ T3516] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  309.442775][T10510] program syz.0.2295 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  309.572499][T10520] loop1: detected capacity change from 0 to 128
[  309.597984][T10518] loop0: detected capacity change from 0 to 8192
[  309.666309][T10521] syz.1.2299: attempt to access beyond end of device
[  309.666309][T10521] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128
[  309.686027][   T29] kauditd_printk_skb: 82 callbacks suppressed
[  309.686103][   T29] audit: type=1326 audit(1761747310.162:6169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10522 comm="syz.0.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  309.738422][T10521] syz.1.2299: attempt to access beyond end of device
[  309.738422][T10521] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[  309.756935][T10523] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2300'.
[  309.760646][   T29] audit: type=1326 audit(1761747310.162:6170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10522 comm="syz.0.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  309.789512][   T29] audit: type=1326 audit(1761747310.162:6171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10522 comm="syz.0.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  309.813016][   T29] audit: type=1326 audit(1761747310.162:6172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10522 comm="syz.0.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  309.836604][   T29] audit: type=1326 audit(1761747310.162:6173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10522 comm="syz.0.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  309.860105][   T29] audit: type=1326 audit(1761747310.162:6174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10522 comm="syz.0.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  309.883690][   T29] audit: type=1326 audit(1761747310.162:6175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10522 comm="syz.0.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  309.907274][   T29] audit: type=1326 audit(1761747310.162:6176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10522 comm="syz.0.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  309.930870][   T29] audit: type=1326 audit(1761747310.162:6177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10522 comm="syz.0.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  309.954408][   T29] audit: type=1326 audit(1761747310.162:6178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10522 comm="syz.0.2300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbb8b9efc9 code=0x7ffc0000
[  310.188313][T10540] loop3: detected capacity change from 0 to 1024
[  310.202779][T10540] EXT4-fs: Ignoring removed orlov option
[  310.219980][T10540] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.746481][T10557] loop0: detected capacity change from 0 to 1024
[  310.770683][T10557] EXT4-fs: Ignoring removed nomblk_io_submit option
[  310.811869][T10557] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.841236][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.058506][T10563] loop4: detected capacity change from 0 to 128
[  311.075596][T10563] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  311.292066][T10569] loop4: detected capacity change from 0 to 512
[  311.301704][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.328797][T10569] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  311.372780][T10573] loop3: detected capacity change from 0 to 1024
[  311.379425][T10573] EXT4-fs: Ignoring removed orlov option
[  311.394917][T10569] EXT4-fs (loop4): mount failed
[  311.424850][T10575] loop0: detected capacity change from 0 to 1024
[  311.432252][T10573] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.463863][T10575] EXT4-fs: Ignoring removed orlov option
[  311.501798][T10575] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.823859][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.913352][T10589] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  311.952149][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.470836][T10596] loop3: detected capacity change from 0 to 128
[  312.580974][T10596] syz.3.2325: attempt to access beyond end of device
[  312.580974][T10596] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[  312.584892][T10599] loop1: detected capacity change from 0 to 128
[  312.625695][T10596] syz.3.2325: attempt to access beyond end of device
[  312.625695][T10596] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128
[  312.638380][T10599] syz.1.2327: attempt to access beyond end of device
[  312.638380][T10599] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[  312.663207][T10596] syz.3.2325: attempt to access beyond end of device
[  312.663207][T10596] loop3: rw=2049, sector=185, nr_sectors = 8 limit=128
[  312.676798][T10599] syz.1.2327: attempt to access beyond end of device
[  312.676798][T10599] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[  312.698953][T10596] syz.3.2325: attempt to access beyond end of device
[  312.698953][T10596] loop3: rw=2049, sector=201, nr_sectors = 8 limit=128
[  312.734077][T10599] syz.1.2327: attempt to access beyond end of device
[  312.734077][T10599] loop1: rw=2049, sector=177, nr_sectors = 24 limit=128
[  312.763130][T10596] syz.3.2325: attempt to access beyond end of device
[  312.763130][T10596] loop3: rw=2049, sector=217, nr_sectors = 8 limit=128
[  312.770988][T10599] syz.1.2327: attempt to access beyond end of device
[  312.770988][T10599] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[  312.848672][T10596] syz.3.2325: attempt to access beyond end of device
[  312.848672][T10596] loop3: rw=2049, sector=233, nr_sectors = 8 limit=128
[  312.947283][T10610] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  313.077254][T10617] atomic_op ffff8881447de528 conn xmit_atomic 0000000000000000
[  313.191280][T10622] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  313.381012][T10627] loop3: detected capacity change from 0 to 8192
[  313.433034][T10628] loop1: detected capacity change from 0 to 512
[  313.543313][T10628] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.602735][T10628] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:375: inode #2: comm syz.1.2338: No space for directory leaf checksum. Please run e2fsck -D.
[  313.622782][T10628] EXT4-fs error (device loop1): __ext4_find_entry:1626: inode #2: comm syz.1.2338: checksumming directory block 0
[  313.799433][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.812980][T10638] loop3: detected capacity change from 0 to 512
[  313.842224][T10638] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.857693][T10641] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2341'.
[  313.885557][T10638] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.2340: No space for directory leaf checksum. Please run e2fsck -D.
[  313.901762][T10638] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.2340: checksumming directory block 0
[  314.125676][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.250391][   T67] Bluetooth: hci0: Frame reassembly failed (-84)
[  315.470852][T10664] loop4: detected capacity change from 0 to 1024
[  315.471183][T10664] EXT4-fs: Ignoring removed orlov option
[  315.484013][T10664] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.682251][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.912865][T10673] loop1: detected capacity change from 0 to 8192
[  315.994376][T10683] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  316.012647][T10685] loop4: detected capacity change from 0 to 128
[  316.136546][T10692] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  316.210822][ T3516] Bluetooth: hci0: command 0x1003 tx timeout
[  316.215705][ T3805] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  316.224751][   T29] kauditd_printk_skb: 138 callbacks suppressed
[  316.224765][   T29] audit: type=1326 audit(1761747317.028:6316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10650 comm="syz.3.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  316.259894][T10698] loop1: detected capacity change from 0 to 128
[  316.268684][   T29] audit: type=1326 audit(1761747317.060:6317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10650 comm="syz.3.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b680efc9 code=0x7ffc0000
[  316.316218][T10685] buffer_io_error: 22566 callbacks suppressed
[  316.316238][T10685] Buffer I/O error on dev loop4, logical block 305, async page read
[  316.331736][T10685] Buffer I/O error on dev loop4, logical block 306, async page read
[  316.340242][T10685] Buffer I/O error on dev loop4, logical block 307, async page read
[  316.349593][T10685] Buffer I/O error on dev loop4, logical block 308, async page read
[  316.358088][T10685] Buffer I/O error on dev loop4, logical block 309, async page read
[  316.367171][T10685] Buffer I/O error on dev loop4, logical block 310, async page read
[  316.375349][T10685] Buffer I/O error on dev loop4, logical block 311, async page read
[  316.384309][T10685] Buffer I/O error on dev loop4, logical block 312, async page read
[  316.392513][T10685] Buffer I/O error on dev loop4, logical block 305, async page read
[  316.400688][T10685] Buffer I/O error on dev loop4, logical block 306, async page read
[  316.420964][   T29] audit: type=1326 audit(1761747317.144:6318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.2.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  316.445251][   T29] audit: type=1326 audit(1761747317.144:6319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.2.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  316.469449][   T29] audit: type=1326 audit(1761747317.154:6320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.2.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  316.493712][   T29] audit: type=1326 audit(1761747317.154:6321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.2.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  316.518121][   T29] audit: type=1326 audit(1761747317.154:6322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.2.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  316.542347][   T29] audit: type=1326 audit(1761747317.165:6323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.2.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  316.566684][   T29] audit: type=1326 audit(1761747317.165:6324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.2.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  316.590907][   T29] audit: type=1326 audit(1761747317.165:6325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.2.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0587defc9 code=0x7ffc0000
[  316.683066][T10708] loop2: detected capacity change from 0 to 1024
[  316.694427][T10708] EXT4-fs: Ignoring removed orlov option
[  316.763932][T10708] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.802239][T10707] loop0: detected capacity change from 0 to 8192
[  317.074986][T10721] loop3: detected capacity change from 0 to 2048
[  317.195842][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.211423][T10721] Alternate GPT is invalid, using primary GPT.
[  317.217826][T10721]  loop3: p1 p2 p3
[  317.331438][T10739] loop3: detected capacity change from 0 to 512
[  317.350213][T10739] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  317.502247][T10749] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2381'.
[  317.516056][T10739] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  317.530848][T10751] loop4: detected capacity change from 0 to 1024
[  317.531447][T10751] EXT4-fs: Ignoring removed nomblk_io_submit option
[  317.595274][ T3318] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  317.606259][T10751] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  317.657001][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  317.712723][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.757779][T10764] loop1: detected capacity change from 0 to 1024
[  317.871573][T10764] EXT4-fs: Ignoring removed orlov option
[  317.895296][T10764] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.688652][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.767928][T10793] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  318.895229][T10795] loop1: detected capacity change from 0 to 1024
[  318.917864][T10795] EXT4-fs: Ignoring removed orlov option
[  318.939715][T10795] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.053067][T10798] ==================================================================
[  319.061291][T10798] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  319.069574][T10798] 
[  319.071904][T10798] write to 0xffff8881073ddbb0 of 4 bytes by task 10795 on cpu 0:
[  319.079626][T10798]  writeback_single_inode+0x150/0x3f0
[  319.085038][T10798]  sync_inode_metadata+0x5b/0x90
[  319.090164][T10798]  generic_buffers_fsync_noflush+0xd9/0x120
[  319.096080][T10798]  ext4_sync_file+0x1ab/0x690
[  319.100769][T10798]  vfs_fsync_range+0x10d/0x130
[  319.105545][T10798]  ext4_buffered_write_iter+0x34f/0x3c0
[  319.111101][T10798]  ext4_file_write_iter+0x387/0xf60
[  319.116312][T10798]  iter_file_splice_write+0x666/0xa60
[  319.121692][T10798]  direct_splice_actor+0x156/0x2a0
[  319.126809][T10798]  splice_direct_to_actor+0x312/0x680
[  319.132189][T10798]  do_splice_direct+0xda/0x150
[  319.136964][T10798]  do_sendfile+0x380/0x650
[  319.141417][T10798]  __x64_sys_sendfile64+0x105/0x150
[  319.146634][T10798]  x64_sys_call+0x2bb4/0x3000
[  319.151324][T10798]  do_syscall_64+0xd2/0x200
[  319.155835][T10798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.161736][T10798] 
[  319.164061][T10798] read to 0xffff8881073ddbb0 of 4 bytes by task 10798 on cpu 1:
[  319.171695][T10798]  __mark_inode_dirty+0x55/0x750
[  319.176649][T10798]  ext4_write_inline_data_end+0x3e5/0x5f0
[  319.182389][T10798]  ext4_write_end+0x3d7/0x730
[  319.187088][T10798]  generic_perform_write+0x312/0x490
[  319.192384][T10798]  ext4_buffered_write_iter+0x1ee/0x3c0
[  319.197938][T10798]  ext4_file_write_iter+0x387/0xf60
[  319.203151][T10798]  iter_file_splice_write+0x666/0xa60
[  319.208532][T10798]  direct_splice_actor+0x156/0x2a0
[  319.213651][T10798]  splice_direct_to_actor+0x312/0x680
[  319.219038][T10798]  do_splice_direct+0xda/0x150
[  319.223810][T10798]  do_sendfile+0x380/0x650
[  319.228268][T10798]  __x64_sys_sendfile64+0x105/0x150
[  319.233480][T10798]  x64_sys_call+0x2bb4/0x3000
[  319.238166][T10798]  do_syscall_64+0xd2/0x200
[  319.242676][T10798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.248605][T10798] 
[  319.250925][T10798] value changed: 0x00000070 -> 0x00000002
[  319.256640][T10798] 
[  319.258962][T10798] Reported by Kernel Concurrency Sanitizer on:
[  319.265131][T10798] CPU: 1 UID: 0 PID: 10798 Comm: syz.1.2397 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  319.274945][T10798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  319.285015][T10798] ==================================================================
[  319.630181][ T3805] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  319.654076][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.750735][T10796] infiniband syz!: set active
[  319.756276][T10796] infiniband syz!: added team_slave_0
[  319.779860][T10796] RDS/IB: syz!: added
[  319.784629][T10796] smc: adding ib device syz! with port count 1
[  319.790859][T10796] smc:    ib device syz! port 1 has no pnetid