last executing test programs:

3.542040207s ago: executing program 2 (id=2841):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
capset(0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

2.67536417s ago: executing program 2 (id=2857):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
capset(0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249276dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec422346f9696f4bb3226b0ca75d135ebd8cae46fb83b71c103e1fdcb1934", 0xcc}], 0x1}}], 0x1, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

1.804761163s ago: executing program 2 (id=2881):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f0000000000)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
syz_read_part_table(0x618, &(0x7f0000002200)="$eJzs3D+IFGcUAPC3dzc7dwqehUWwiWctBMXSK6LsbQwGZE0IHBb5iwhXXeBgQxY3eEVyheIWYplGApviXKvoFVY5FFIHsTAIW9gETBNiipsws3O3GzgOEjaE4O9XfN/bnTfvzQfTvgn+1yYiKaMsLbY3PtozP5sdxu14r1tbOJtlWfZuRCUuRhJzyYFeRExF9G6NVI2jEbF/pM7tb/ZtfP3rW0n3yYVktH470jiY51YjL1ma2e1R0r99WMZufX5z9urqcv1a/qPe6m+9H3HnRa1x79xapzeZnPkk//9KxMMyf6pYZya27/9wKv5yZQ9fDsPKaP/tl+Py43qrf6v77PjW4frk95dOvTyycf3BiYiVvPL5KF72oeo/P/Oo9fnNrFT0X5m7sdhpnT5299DNk837jxrPJ38vLw9aToynLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/5L1fFmtxrXm/OXH9Vb/q59+fOfOi1rj3rm1Tu/t6pmnlUHewzJ/qtw/i2Z8HklELMVSfBrLu5d/bSc6sBMtVkb7z2/OXl1drg/6/7Ev4tnxrcP17sylUy8XNq4/OFFkVWI63ybGevRd+rf6K3M3Fjut08fuHrp5snn/UeP55CBvKY2Pi+NGRDr+xwAAAAAAAAAAAAAAAAAAAOAVV1s4e+T8m42DeXxxOiJ++aKYss/Sme+imLwfOFruT9PBKP/t6cG3ALpPLvxW/eCHtZ/Lofh2pNGOiP3fJhHx+k6fK8W6/fWASIaV+S/9GQAA///p7o1q")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff06)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3400000004080006dc000240886400"/27], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
socket$packet(0x11, 0x2, 0x300)
preadv2(r1, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xb}]})
socket$inet6_sctp(0xa, 0x1, 0x84)
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c000000000000000000000c850000006d00000095"], &(0x7f0000001800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='9p_protocol_dump\x00', r3}, 0x10)

1.583817966s ago: executing program 4 (id=2883):
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x204080, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x185093, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000c80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x2, [@func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{0x2, 0x2}, {0xf, 0x2}, {0x102, 0x1}, {0xb}]}]}}, 0x0, 0x46, 0x0, 0x9, 0x2, 0x0, @void, @value}, 0x28)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x4001, 0x3, 0x250, 0xf8, 0xb, 0x148, 0xf8, 0x148, 0x1b8, 0x230, 0x242, 0x1b8, 0x215, 0x3, 0x0, {[{{@ip={@local, @remote, 0x0, 0x0, 'dvmrp0\x00', 'macvtap0\x00', {}, {}, 0x73}, 0x0, 0xc8, 0xf8, 0x0, {0xff0f000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x8}}, @inet=@rpfilter={{0x28}, {0x6}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {}, 0x4}}}, {{@uncond, 0xec010000, 0xa0, 0xc0, 0x0, {}, [@common=@ah={{0x30}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2b0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000009c0)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x200000000500, 0x0, 0x0, 0x200000000530, 0x200000000560], 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000001000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000"]}, 0x138)
r3 = openat$incfs(0xffffffffffffffff, &(0x7f0000000140)='.log\x00', 0xc88081, 0x82)
setsockopt$TIPC_MCAST_BROADCAST(r3, 0x10f, 0x85)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r5 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r6, &(0x7f0000000500)=[{&(0x7f0000000040)=@in={0x2, 0xb, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000700)=[{&(0x7f00000000c0)='l', 0x1}], 0x1, &(0x7f0000000280)=[@init={0x18, 0x84, 0x0, {0x7ff, 0x0, 0x3}}], 0x18, 0x14001}], 0x1, 0x4044040)
close(r5)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x0, &(0x7f0000000180)})
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYBLOB, @ANYRESHEX=r7, @ANYBLOB=',\x00'])
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r10}, 0x10)
sendmsg$nl_route_sched(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001900)=@newtaction={0xeb8, 0x30, 0x1, 0x0, 0x0, {}, [{0xea4, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0xfffffffe}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x0, 0x0, 0x8}, 0x8}, [{}, {0x0, 0x4, 0x90000000, 0x0, 0x3}, {}, {0x1, 0x0, 0x0, 0x7fff, 0x0, 0xfffffffd}, {}, {0x0, 0xfffffffc}, {}, {0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x100}, {0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xeffffffd, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x9, 0x2, 0xa46}, {}, {}, {0x6}, {}, {0x0, 0x2, 0x0, 0x0, 0x40000000}, {0x0, 0x0, 0x0, 0x0, 0x1c69, 0x100}, {0x0, 0x0, 0x10000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x20, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x7, 0x0, 0x0, 0x0, 0x1}, {}, {0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x6}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5a9}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x1}, {}, {0x0, 0xfe}, {0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x400, 0x8000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x1, 0x8000}, {0x0, 0x3}, {0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8001}, {0x0, 0x0, 0x0, 0xfffff800}, {}, {}, {0x0, 0x1}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x2400000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffe00}, {}, {}, {}, {0x0, 0x0, 0x0, 0x675, 0x8}, {0x0, 0x0, 0x0, 0x3}, {0x9}, {}, {0x3}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, {0x0, 0x4}, {}, {0x400, 0x0, 0x0, 0xfffffffe}, {0x0, 0xfffffffd}, {0x0, 0xffffffff}, {0x0, 0x0, 0xabd, 0x0, 0x0, 0x5}, {}, {0x0, 0xdd86}, {0xfffffffd}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {0x40000, 0x0, 0x0, 0x0, 0x0, 0x451d}, {}, {0x0, 0x0, 0x0, 0x0, 0x3ff}, {0x4}, {}, {0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}, {0x0, 0x80000}, {}, {}, {0x80000000, 0x3}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x212, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x4000000}], [{}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7}, {}, {0x0, 0x1}, {0x3}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {0x3}, {0x3}, {0x2, 0x1}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {0x5, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xe}, {}, {}, {}, {0x2}, {0x4}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {}, {}, {0x7, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xeb8}}, 0x0)
r11 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xf, 0x14, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000060000000000000006000000181100007aa43ce9457a33e93d2bd339fd11ea4218694e587a463349db2f7253ac57aadee1774b3ad0c16455917704e45d2d78682a1ea91aa51dec32915a3798359df5644a5ad504fb09ce86202430d92cacd25dd37e446f80aef825f506f51b57212fca773dc7307705b6b1cb3d0beb964d5cd49f9ab5311326d85ee2b9cfd11e59c4ad611a3245a7924c8f11daf5ddceaa50bc3a", @ANYRES32=r11, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000183500000300000000000000000000004f1bf0ff0000000005160300010000009500000000000000bf91000000000000b702000002000000850000006fa718b6b7000000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x7f, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @cgroup_device, r3, 0x8, &(0x7f0000000340)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000380)={0x4, 0xb, 0x6, 0xffffffff}, 0x10, 0x0, r3, 0x2, &(0x7f0000000400)=[r5], &(0x7f0000000440)=[{0x4, 0x4, 0xc, 0x7}, {0x2, 0x1, 0x6, 0x6}], 0x10, 0x10, @void, @value}, 0x94)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4001, 0x1, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
socket$unix(0x1, 0x1, 0x0)
sendmsg$IPVS_CMD_SET_SERVICE(r3, &(0x7f0000000b80)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000900)={0x84, 0x0, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_SERVICE={0x48, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2e}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@remote}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x4e}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x30}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}]}, 0x84}, 0x1, 0x0, 0x0, 0xc002001}, 0x80)

1.220352892s ago: executing program 0 (id=2892):
syz_read_part_table(0x618, &(0x7f0000002200)="$eJzs3D+IFGcUAPC3dzc7dwqehUWwiWctBMXSK6LsbQwGZE0IHBb5iwhXXeBgQxY3eEVyheIWYplGApviXKvoFVY5FFIHsTAIW9gETBNiipsws3O3GzgOEjaE4O9XfN/bnTfvzQfTvgn+1yYiKaMsLbY3PtozP5sdxu14r1tbOJtlWfZuRCUuRhJzyYFeRExF9G6NVI2jEbF/pM7tb/ZtfP3rW0n3yYVktH470jiY51YjL1ma2e1R0r99WMZufX5z9urqcv1a/qPe6m+9H3HnRa1x79xapzeZnPkk//9KxMMyf6pYZya27/9wKv5yZQ9fDsPKaP/tl+Py43qrf6v77PjW4frk95dOvTyycf3BiYiVvPL5KF72oeo/P/Oo9fnNrFT0X5m7sdhpnT5299DNk837jxrPJ38vLw9aToynLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/5L1fFmtxrXm/OXH9Vb/q59+fOfOi1rj3rm1Tu/t6pmnlUHewzJ/qtw/i2Z8HklELMVSfBrLu5d/bSc6sBMtVkb7z2/OXl1drg/6/7Ev4tnxrcP17sylUy8XNq4/OFFkVWI63ybGevRd+rf6K3M3Fjut08fuHrp5snn/UeP55CBvKY2Pi+NGRDr+xwAAAAAAAAAAAAAAAAAAAOAVV1s4e+T8m42DeXxxOiJ++aKYss/Sme+imLwfOFruT9PBKP/t6cG3ALpPLvxW/eCHtZ/Lofh2pNGOiP3fJhHx+k6fK8W6/fWASIaV+S/9GQAA///p7o1q")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
preadv2(r2, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)

1.133247003s ago: executing program 0 (id=2893):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8923, &(0x7f0000000000)={'vlan0\x00', @local})

1.098453524s ago: executing program 0 (id=2894):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
futimesat(r1, &(0x7f0000000000)='./file1\x00', 0x0)

1.082367464s ago: executing program 1 (id=2895):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x503, &(0x7f0000000fc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5IHrjUg5I/IhADRIHoxlPUje1m6hJ7Gz8+UijeW/e1N/vazrvxS+NXwBD62pE7EbEWETcjojp7HouO+KT9pHc93Tv/tL+3v2lXLRan/0zl7Yn16LjzySuZK9ZjIgffS/ip7kX4za2d9YWq9XKZlafbdY2ZhvbOzdWa4srlZXKerm8ML8w99HND8tn1td3amNZ6atP/rj7rZ8naU1lVzr7cZbaXS8cxkmMRsQPziPYAIxk/RkbdCK8knxEvBkR76bP/3SMpF9NAOAya7WmozXdWQcALrt8ugaWy5eytYCpyOdLpfYa3lsxma/WG83rd+pb68vttbKZKOTvrFYrc9la4UwUckl9Pi0/q5eP1G9GxBsR8cvxibReWqpXlwf5jQ8ADLErR+b//4y3538A4JIrDjoBAKDvzP8AMHzM/wAwfMz/ADB82vP/xKDTAAD6yPt/ABg+5n8AGCo//PTT5GjtZ59/vXx3e2utfvfGcqWxVqptLZWW6psbpZV6fSX9zJ7aca9Xrdc35j+IrXsz395oNGcb2zu3avWt9eat9HO9b1UK6V27fegZANDLG+88epxLZuSPJ9IjOvZyKAw0M+C85QedADAwI4NOABgYu33B8DrFe3zLA3BJdNmi9znFbr8g1Gq1WueXEnDOrn3J+j8Mq471f/8LGIaM9X8YXtb/YXi1WrmT7vkfJ70RALjYrPEDPX7+/2Z2/l32w4GfLB+94+F5ZgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX28H+v6VsL/CpyOdLpYjXImImCrk7q9XKXES8HhF/Hi+MJ/X5AecMAJxW/m+5bP+va9PvTz3X9PaVw+JYRPzs15/96t5is7n5p4ix3L/GD643H2bXy/3PHgA43sE8nZ473sg/3bu/dHD0M5+/fzciiu34+3tjsX8YfzRG03MxChEx+e9cVm/LdaxdnMbug4j4Yrf+52IqXQNp73x6NH4S+7W+xs8/Fz+ftrXPyd/FF84gFxg2j5Lx55Nuz18+rqbn7s9/MR2hTi8b/5KXWtpPx8Bn8Q/Gv5Ee49/Vk8b44A/fb5cmXmx7EPHl0YiD2Psd489B/FyP+O+fMP5fvvL2u73aWr+JuBbd43fGmm3WNmYb2zs3VmuLK5WVynq5vDC/MPfRzQ/Ls+ka9Wzv2eAfH19/vVdb0v/JHvGLx/T/6yfs/2//d/vHX3tJ/G++1y1+Pt56SfxkTvzGCeMvTv6+2Kstib/co//Hff2vnzD+k7/uvLBtOAAwOI3tnbXFarWy+TkqPE6+pxl8Ggr9LyT/ZC9AGl0L3+lXrLHo3vSL99rP9JGmVuuVYvUaMc5i1Q24CA4f+oj476CTAQAAAAAAAAAAAAAAuurHbywNuo8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcXv8PAAD//+a4zis=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x174)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000140))

1.038967495s ago: executing program 1 (id=2896):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
unlinkat(0xffffffffffffffff, 0x0, 0x200)

1.001829975s ago: executing program 1 (id=2898):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x0, 0x40, 0x6, 0x0, 0x0, 0x4d299, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x100882, 0x7, 0x800, 0x3, 0xb, 0x2, 0x3f7, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xf, 0xffffffffffffffff, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'geneve0\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000000)={0x11, 0x3, r2, 0x1, 0x0, 0x6, @local}, 0x14)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0xc}, {0xfff3, 0x8}}}, 0x24}}, 0x20040000)

1.001345065s ago: executing program 0 (id=2899):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0xf}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)

946.061586ms ago: executing program 3 (id=2901):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
capset(0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca", 0x79}], 0x1}}], 0x1, 0xc0)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

945.286226ms ago: executing program 1 (id=2902):
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x9, 0x3, 0x8, 0x4, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a0000000000fa82a3fa211411fa0008000a40000000000900020073797a31000000000900010073797a30000000000800054000000000080008400000000014000000110001"], 0x6c}}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

924.920656ms ago: executing program 3 (id=2903):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x52b, &(0x7f0000000f40)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky")
r0 = fspick(0xffffffffffffff9c, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000001dc0), r1)
sendmsg$FOU_CMD_GET(r1, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x48020)
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r3, @ANYRES16=r0, @ANYRES32=r3, @ANYRESOCT=r3], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'team_slave_1\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x80000}, 0x18)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
sendfile(r5, r5, 0x0, 0x7ffff000) (fail_nth: 3)

920.106686ms ago: executing program 2 (id=2904):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8923, &(0x7f0000000000)={'vlan0\x00', @local})

890.327867ms ago: executing program 1 (id=2905):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="010000000400000008"], 0x48)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x400)
syz_emit_ethernet(0x4e, &(0x7f0000000080)=ANY=[@ANYRESOCT=0x0], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r0}, &(0x7f0000000600), &(0x7f0000000800)}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getpid()
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(r2, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r2, 0x26, &(0x7f00000031c0)={0x1})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)

889.903466ms ago: executing program 0 (id=2906):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000180)={0x65f5, 0x1, 0xff})
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000300)={[{@jqfmt_vfsold}]}, 0xfe, 0x55d, &(0x7f0000000980)="$eJzs3d9rW1UcAPDvTX/sp66DMdQHKezByVy6tv6Y4MN8FB0O9H2G9q6Mpsto0rHWgduDe9mLDEHEgfgH+O7j8B/wrxjoYMgo+uBL5aY3XbYmbZZlSzSfD9ztnPuj55yce07OyUm4AQytyeyfQsSrEfFNEnGo6dho5AcnN89bf3htLtuS2Nj47M8kknxf4/wk//9AHnklIn79OuJEYXu61dW1xVK5nC7n8ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dnZX3z3N/ff3r3o9O3jq1/9/P9w7eTOBMH82PN5XgG15sjkzGZvyZjceaJE6d7kNggSfqdAboykrfzscj6gEMxkrd64P/vq4jYAIZUov3DkGqMAxpz+x7Ng/8zHny4OQHaXv7Rzc9GYm99brR/PXlsZpTNdyd6kH6Wxi9/3LmdbdG7zyEAdnX9RkScGh3d3v8lef/XvVMdnPNkGvo/eHHuZuOft1qNfwpb459oMf450KLtdmP39l+43+KypFefUmfjvw9ajn+3Fq0mRvLYS/Ux31hy4WI5zfq2lyPieIztyeI7reecXr+30e5Y8/gv27L0G2PBPB/3R/c8fs18qVZ6ljI3e3Aj4rWW499kq/6TFvWfvR7nOkzjaHrn9XbHdi//87XxU8QbLev/0YpWsvP65FT9fphq3BXb/XXz6G/t0u93+bP6379z+SeS5vXa6tOn8ePef9J2x7q9/8eTz+vh8Xzf1VKttjwdMZ58sn3/zKNrG/HG+Vn5jx/buf9rdf/vi4gvOiz/zSM32546CPU//1T1//SBex9/+UO79Dur/7froeP5nk76v04z+CyvHQAAAAAAAAyaQkQcjKRQ3AoXCsXi5vc7jsT+QrlSrZ24UFm5NB/138pOxFihsdJ9qOn7ENP592Eb8Zkn4rMRcTgivh3ZV48X5yrl+X4XHgAAAAAAAAAAAAAAAAAAAAbEgTa//8/8PtLykvEXm0PgufLIbxheu7b/XjzpCRhI3v9heHXV/vf1Ph/Ai+f9H4bUWL8zAPST938YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9de7s2WzbWH94bS6Lz19ZXVmsXDk5n1YXi0src8W5yvLl4kKlslBOi3OVpd3+XrlSuTw9EytXp2pptTZVXV07v1RZuVQ7f3GptJCeTz1tCAAAAAAAAAAAAAAAAAAAALarrq4tlsrldFlAoKvA6GBkQ6ApcKsHrbvPHRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPk3AAD//0unNek=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) (async)
ioctl$TIOCMSET(0xffffffffffffffff, 0x5418, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x40}, 0x18) (async)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
pwrite64(r1, &(0x7f0000000480)='2', 0x1, 0x8080c64)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 64)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc68, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000380)='kfree\x00', r5}, 0x18) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000380003803400008028000180230001"], 0xf0}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r6 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) (async, rerun: 64)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001100)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}) (rerun: 64)
sendmmsg$unix(r7, &(0x7f00000000c0), 0x3f, 0x0)
ioctl$sock_TIOCINQ(r8, 0x541b, &(0x7f0000000100)) (async, rerun: 64)
sendfile(r6, r6, 0x0, 0x800000009) (async, rerun: 64)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRES16=r10, @ANYRESHEX=r10], 0x48)

849.113747ms ago: executing program 2 (id=2907):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2, &(0x7f0000000280)=ANY=[@ANYRESDEC], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r6=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_SET(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd7000ffdbdf251000000020000180140002006261746164765f736c6176655f31000008000100", @ANYRES32=r6, @ANYBLOB="35db3c4b7ccd0258b78c85ad881c06a26913fc0f181f0ab0114010430b765d77a4a4f3ee39c92153e562f6714b2d873f61337b0184a2e37c35e65256942475ec0ba7870dd7e8f2f6c3f0c481fd61d56a85dc9d49ac81231815497507c8dc07ff1167dad236daa7fff088d4bf6149ea60fea8cb7f07000100000000000000b8e95332de47c15c11cbec9e4168f4dbe47003087dcc9160fde94dbc1ded1fefc184a131c046ee3a89488b75bb0b447da674b065312231322a1d6cdbc545f3d728f292646b7b438625ce27b7bdfe542cd26f"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x40400c0)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000600)={&(0x7f0000000a00)={0x280, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x58, 0x2, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}]}, @ETHTOOL_A_STRSET_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_STRSET_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x8c, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xcaa93e9beeb48734}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0xf0, 0x2, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}]}]}, 0x280}}, 0x3000c014)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a32"], 0x1ec}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (fail_nth: 1)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x18)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r10=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', r10, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r12 = perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x8, 0x0, 0xf9, 0x2, 0x0, 0x5, 0x100, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50, 0x0, @perf_config_ext={0xffffffff, 0x40}, 0x1108, 0x8, 0xf0d8, 0x5, 0x9, 0x10000, 0x1, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r12, 0xc008240a, &(0x7f0000000000)={0x8, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r11}, 0x10)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r13}, 0x10)
close(r0)

712.65576ms ago: executing program 3 (id=2908):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000100))

711.92094ms ago: executing program 4 (id=2909):
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)

336.284445ms ago: executing program 2 (id=2910):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
futex_waitv(&(0x7f0000001ac0)=[{0x287, &(0x7f0000000280)=0x8000, 0x82}, {0x10, &(0x7f00000002c0), 0x2}, {0x8000, &(0x7f0000000300)=0x7, 0x2}, {0x6, &(0x7f0000000340)=0xd075, 0x80}, {0xfff, &(0x7f0000000380)=0x7, 0x2}, {0x2a, &(0x7f00000003c0)=0x3, 0x82}, {0x8, &(0x7f0000000400)=0x1, 0x2}, {0x5, &(0x7f0000000440)=0x800, 0x82}, {0x6, &(0x7f0000000480)=0x2, 0x2}, {0x1, &(0x7f00000004c0)=0xfff, 0x82}, {0x8, &(0x7f0000000540)=0x81, 0x2}, {0x2, &(0x7f0000000580)=0x2c5, 0x82}, {0xfffffffffffffffa, &(0x7f0000000600)=0x8, 0x2}, {0x6, &(0x7f0000000200)=0xffffffffffffffff, 0x82}, {0x1, &(0x7f0000000680)=0x5, 0x82}, {0x400, 0x0, 0x41}, {0x8, &(0x7f0000000700)=0x10, 0x2}, {0x3, &(0x7f0000000740)=0xc2d100000000000, 0x82}, {0x1, &(0x7f0000000780)=0x5, 0x82}, {0x80000000, &(0x7f0000000800)=0x2, 0x82}, {0x5, &(0x7f0000000840)=0x6, 0x82}, {0x1b, &(0x7f0000000880)=0x40, 0x82}, {0xffffffff7fffffff, &(0x7f00000008c0)=0x5, 0x2}, {0xb, &(0x7f0000000900)=0xb, 0x82}, {0x1ff, &(0x7f0000000940)=0x6, 0x2}, {0xfcb, &(0x7f0000000980)=0x3, 0x2}, {0x4, &(0x7f00000009c0)=0x4, 0x2}, {0x81, &(0x7f0000000a00)=0x40, 0x82}, {0x3, &(0x7f0000000a40)=0x1, 0x80}, {0x1, &(0x7f0000000a80)=0x3, 0x2}, {0x6, &(0x7f0000000ac0)=0x6, 0x82}, {0x191fca1d, &(0x7f0000000b00)=0x1, 0x2}, {0x7, &(0x7f0000000b40), 0x82}, {0x9, &(0x7f0000000b80)=0xfffffffffffffc01, 0x82}, {0x5, &(0x7f0000000bc0)=0x4, 0x2}, {0x6, &(0x7f0000000c00)=0x4, 0x2}, {0xa, &(0x7f0000000c40)=0x100000001, 0x2}, {0x7, &(0x7f0000000c80)=0xfce, 0x82}, {0x2, &(0x7f0000000e00)=0x7fff, 0x2}, {0x50, &(0x7f0000000e40)=0x3ff, 0x2}, {0x8, &(0x7f0000000e80)=0x800, 0x2}, {0x4, 0x0, 0x82}, {0x401, &(0x7f0000000f00)=0x1, 0x82}, {0xbe6, &(0x7f0000001a00)=0x185, 0x2}, {0x7, &(0x7f0000001a40)=0xfac, 0x2}, {0xfffffffffffff455, &(0x7f0000001a80)=0xe, 0x2}], 0x2e, 0x0, &(0x7f0000001f40)={0x77359400}, 0x1)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = getpid()
socket$phonet(0x23, 0x2, 0x1)
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0x0, 0xffffffffffffffff, 0x0)
r4 = getpid()
r5 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r4, 0x0, r3, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x0, 0x2, 0x9, 0x9}}}}]}, 0x48}}, 0x44080)
syz_emit_ethernet(0x52, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r11, {0x0, 0x3}, {0x0, 0xa}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x4000)
sendmmsg$inet(r6, &(0x7f0000006300)=[{{&(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @multicast1}}}], 0x20}}], 0x1, 0x0)

335.889425ms ago: executing program 4 (id=2911):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x800000, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)={0x40, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, 0x40}}, 0x0)

292.064406ms ago: executing program 3 (id=2912):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2, &(0x7f0000000280)=ANY=[@ANYRESDEC], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r6=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_SET(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd7000ffdbdf251000000020000180140002006261746164765f736c6176655f31000008000100", @ANYRES32=r6, @ANYBLOB="35db3c4b7ccd0258b78c85ad881c06a26913fc0f181f0ab0114010430b765d77a4a4f3ee39c92153e562f6714b2d873f61337b0184a2e37c35e65256942475ec0ba7870dd7e8f2f6c3f0c481fd61d56a85dc9d49ac81231815497507c8dc07ff1167dad236daa7fff088d4bf6149ea60fea8cb7f07000100000000000000b8e95332de47c15c11cbec9e4168f4dbe47003087dcc9160fde94dbc1ded1fefc184a131c046ee3a89488b75bb0b447da674b065312231322a1d6cdbc545f3d728f292646b7b438625ce27b7bdfe542cd26f"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x40400c0)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000600)={&(0x7f0000000a00)={0x280, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x58, 0x2, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}]}, @ETHTOOL_A_STRSET_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_STRSET_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x8c, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xcaa93e9beeb48734}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0xf0, 0x2, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}]}]}, 0x280}}, 0x3000c014)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a32"], 0x1ec}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x18)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r10=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', r10, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r12 = perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x8, 0x0, 0xf9, 0x2, 0x0, 0x5, 0x100, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50, 0x0, @perf_config_ext={0xffffffff, 0x40}, 0x1108, 0x8, 0xf0d8, 0x5, 0x9, 0x10000, 0x1, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r12, 0xc008240a, &(0x7f0000000000)={0x8, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r11}, 0x10)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r13}, 0x10)
close(r0)

290.968616ms ago: executing program 4 (id=2913):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x0, 0x40, 0x6, 0x0, 0x0, 0x4d299, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x100882, 0x7, 0x800, 0x3, 0xb, 0x2, 0x3f7, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xf, 0xffffffffffffffff, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
r1 = socket$packet(0x11, 0x3, 0x300)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xc}, {0xfff3, 0x8}}}, 0x24}}, 0x20040000)

230.498677ms ago: executing program 0 (id=2914):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f0000000000)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
syz_read_part_table(0x618, &(0x7f0000002200)="$eJzs3D+IFGcUAPC3dzc7dwqehUWwiWctBMXSK6LsbQwGZE0IHBb5iwhXXeBgQxY3eEVyheIWYplGApviXKvoFVY5FFIHsTAIW9gETBNiipsws3O3GzgOEjaE4O9XfN/bnTfvzQfTvgn+1yYiKaMsLbY3PtozP5sdxu14r1tbOJtlWfZuRCUuRhJzyYFeRExF9G6NVI2jEbF/pM7tb/ZtfP3rW0n3yYVktH470jiY51YjL1ma2e1R0r99WMZufX5z9urqcv1a/qPe6m+9H3HnRa1x79xapzeZnPkk//9KxMMyf6pYZya27/9wKv5yZQ9fDsPKaP/tl+Py43qrf6v77PjW4frk95dOvTyycf3BiYiVvPL5KF72oeo/P/Oo9fnNrFT0X5m7sdhpnT5299DNk837jxrPJ38vLw9aToynLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/5L1fFmtxrXm/OXH9Vb/q59+fOfOi1rj3rm1Tu/t6pmnlUHewzJ/qtw/i2Z8HklELMVSfBrLu5d/bSc6sBMtVkb7z2/OXl1drg/6/7Ev4tnxrcP17sylUy8XNq4/OFFkVWI63ybGevRd+rf6K3M3Fjut08fuHrp5snn/UeP55CBvKY2Pi+NGRDr+xwAAAAAAAAAAAAAAAAAAAOAVV1s4e+T8m42DeXxxOiJ++aKYss/Sme+imLwfOFruT9PBKP/t6cG3ALpPLvxW/eCHtZ/Lofh2pNGOiP3fJhHx+k6fK8W6/fWASIaV+S/9GQAA///p7o1q")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff06)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3400000004080006dc000240886400"/27], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
socket$packet(0x11, 0x2, 0x300)
preadv2(r1, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xb}]})
socket$inet6_sctp(0xa, 0x1, 0x84)
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c000000000000000000000c850000006d00000095"], &(0x7f0000001800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='9p_protocol_dump\x00', r3}, 0x10)

208.555507ms ago: executing program 4 (id=2915):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000178500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mq_timedreceive(0xffffffffffffffff, 0x0, 0xfffffffffffffee3, 0x1, 0x0)

133.877958ms ago: executing program 3 (id=2916):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0xf}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)

132.053078ms ago: executing program 4 (id=2917):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
futex_waitv(&(0x7f0000001ac0)=[{0x287, &(0x7f0000000280)=0x8000, 0x82}, {0x10, &(0x7f00000002c0), 0x2}, {0x8000, &(0x7f0000000300)=0x7, 0x2}, {0x6, &(0x7f0000000340)=0xd075, 0x80}, {0xfff, &(0x7f0000000380)=0x7, 0x2}, {0x2a, &(0x7f00000003c0)=0x3, 0x82}, {0x8, &(0x7f0000000400)=0x1, 0x2}, {0x5, &(0x7f0000000440)=0x800, 0x82}, {0x6, &(0x7f0000000480)=0x2, 0x2}, {0x1, &(0x7f00000004c0)=0xfff, 0x82}, {0x8, &(0x7f0000000540)=0x81, 0x2}, {0x2, &(0x7f0000000580)=0x2c5, 0x82}, {0xfffffffffffffffa, &(0x7f0000000600)=0x8, 0x2}, {0x6, &(0x7f0000000200)=0xffffffffffffffff, 0x82}, {0x1, &(0x7f0000000680)=0x5, 0x82}, {0x8, &(0x7f0000000700)=0x10, 0x2}, {0x3, &(0x7f0000000740)=0xc2d100000000000, 0x82}, {0x1, &(0x7f0000000780)=0x5, 0x82}, {0x80000000, &(0x7f0000000800)=0x2, 0x82}, {0x5, &(0x7f0000000840)=0x6, 0x82}, {0x1b, &(0x7f0000000880)=0x40, 0x82}, {0xffffffff7fffffff, &(0x7f00000008c0)=0x5, 0x2}, {0xb, &(0x7f0000000900)=0xb, 0x82}, {0x1ff, &(0x7f0000000940)=0x6, 0x2}, {0xfcb, &(0x7f0000000980)=0x3, 0x2}, {0x4, &(0x7f00000009c0)=0x4, 0x2}, {0x81, &(0x7f0000000a00)=0x40, 0x82}, {0x3, &(0x7f0000000a40)=0x1, 0x80}, {0x1, &(0x7f0000000a80)=0x3, 0x2}, {0x6, &(0x7f0000000ac0)=0x6, 0x82}, {0x191fca1d, &(0x7f0000000b00)=0x1, 0x2}, {0x7, &(0x7f0000000b40), 0x82}, {0x9, &(0x7f0000000b80)=0xfffffffffffffc01, 0x82}, {0x5, &(0x7f0000000bc0)=0x4, 0x2}, {0x6, &(0x7f0000000c00)=0x4, 0x2}, {0xa, &(0x7f0000000c40)=0x100000001, 0x2}, {0x7, &(0x7f0000000c80)=0xfce, 0x82}, {0x2, 0x0, 0x2}, {0x50, &(0x7f0000000e40)=0x3ff, 0x2}, {0x8, &(0x7f0000000e80)=0x800, 0x2}, {0x4, &(0x7f0000000ec0), 0x82}, {0x401, &(0x7f0000000f00)=0x1, 0x82}, {0xbe6, &(0x7f0000001a00)=0x185, 0x2}, {0x7, &(0x7f0000001a40)=0xfac, 0x2}, {0xfffffffffffff455, &(0x7f0000001a80)=0xe, 0x2}], 0x2d, 0x0, &(0x7f0000001f40)={0x77359400}, 0x1)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = getpid()
socket$phonet(0x23, 0x2, 0x1)
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0x0, 0xffffffffffffffff, 0x0)
r4 = getpid()
r5 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r4, 0x0, r3, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x0, 0x2, 0x9, 0x9}}}}]}, 0x48}}, 0x44080)
syz_emit_ethernet(0x52, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r11, {0x0, 0x3}, {0x0, 0xa}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x4000)
sendmmsg$inet(r6, &(0x7f0000006300)=[{{&(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @multicast1}}}], 0x20}}], 0x1, 0x0)

19.87417ms ago: executing program 3 (id=2918):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup(r0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x44)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000180)='cgroup.max.descendants\x00', 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f00000003c0)=ANY=[@ANYRESOCT, @ANYRESOCT], 0x27)
fallocate(r0, 0x1, 0x7, 0x5)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$nci(r4, 0x0, 0xfffffeea)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="160000000000000004000000ffff000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000400e94d287d9781d74d9849643c3000000000000000000000000000077533d215741d5a4c62ce8486351dcce6f"], 0x48)
symlink(0x0, 0x0)

0s ago: executing program 1 (id=2919):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r0, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r0], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0xffffffffffffffdb, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b40)=@newtfilter={0x24, 0x29, 0xd27, 0x1004001, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {}, {0x2, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x48c0)
link(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='./file0\x00')

kernel console output (not intermixed with test programs):

0-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.041937][ T9828] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2139'.
[  164.051902][ T9828] netlink: 180 bytes leftover after parsing attributes in process `syz.2.2139'.
[  164.061087][ T9828] netlink: 2428 bytes leftover after parsing attributes in process `syz.2.2139'.
[  164.070335][ T9828] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2139'.
[  164.094206][ T9818] sg_write: data in/out 808464380/1 bytes for SCSI command 0x33-- guessing data in;
[  164.094206][ T9818]    program syz.4.2135 not setting count and/or reply_len properly
[  164.205610][ T9840] ALSA: seq fatal error: cannot create timer (-22)
[  164.235629][ T9844] vcan0: entered allmulticast mode
[  164.241279][ T9844] vcan0: left allmulticast mode
[  164.292993][ T9849] loop3: detected capacity change from 0 to 1024
[  164.332531][ T9849] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.407322][ T9849] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.2148: Abort forced by user
[  164.418264][ T9849] EXT4-fs (loop3): Remounting filesystem read-only
[  164.424827][ T9849] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  164.474604][ T9859] loop2: detected capacity change from 0 to 2048
[  164.481552][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.497178][ T9859] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.510445][ T9859] ext4 filesystem being mounted at /384/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.517113][ T9864] loop3: detected capacity change from 0 to 512
[  164.536882][ T9864] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.555382][ T9864] ext4 filesystem being mounted at /410/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.568052][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.586120][ T9864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.655527][ T9875] ALSA: seq fatal error: cannot create timer (-22)
[  164.662748][ T9286] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:10: bg 0: block 345: padding at end of block bitmap is not set
[  164.715994][ T9286] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 330 with error 117
[  164.728639][ T9286] EXT4-fs (loop2): This should not happen!! Data will be lost
[  164.728639][ T9286] 
[  164.948518][ T9887] loop4: detected capacity change from 0 to 1024
[  164.994960][ T9887] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.038753][ T9887] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.340391][ T9899] tmpfs: Bad value for 'mpol'
[  165.380714][ T9902] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2165'.
[  165.405382][ T9902] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2165'.
[  165.414512][ T9902] netlink: 2428 bytes leftover after parsing attributes in process `syz.3.2165'.
[  165.423700][ T9902] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2165'.
[  165.442890][ T9906] ALSA: seq fatal error: cannot create timer (-22)
[  165.454932][ T9904] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2166'.
[  165.602594][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.627039][ T9929] loop4: detected capacity change from 0 to 512
[  165.639560][ T9929] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  165.650821][ T9929] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  165.659481][ T9929] System zones: 1-12
[  165.664556][ T9929] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  165.681418][ T9929] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.2177: corrupted inode contents
[  165.693832][ T9929] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #11: comm syz.4.2177: mark_inode_dirty error
[  165.706636][ T9929] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2177: invalid indirect mapped block 1 (level 1)
[  165.735900][ T9929] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.2177: corrupted inode contents
[  165.745773][ T9937] ALSA: seq fatal error: cannot create timer (-22)
[  165.874477][ T9929] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  165.891319][ T9929] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.2177: corrupted inode contents
[  165.943063][ T9929] EXT4-fs error (device loop4): ext4_truncate:4597: inode #11: comm syz.4.2177: mark_inode_dirty error
[  165.968683][ T9949] loop3: detected capacity change from 0 to 2048
[  165.972043][ T9929] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  165.987855][ T9929] EXT4-fs (loop4): 1 truncate cleaned up
[  165.993907][ T9929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.029285][ T9949]  loop3: p1 < > p4
[  166.033757][ T9949] loop3: p4 size 8388608 extends beyond EOD, truncated
[  166.053467][ T9929] sg_write: data in/out 808464380/1 bytes for SCSI command 0x33-- guessing data in;
[  166.053467][ T9929]    program syz.4.2177 not setting count and/or reply_len properly
[  166.114638][ T9956] loop3: detected capacity change from 0 to 2048
[  166.127883][ T9956] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.141162][ T9956] ext4 filesystem being mounted at /419/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.200040][   T29] kauditd_printk_skb: 1354 callbacks suppressed
[  166.200059][   T29] audit: type=1326 audit(1750373584.055:24111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9915 comm="syz.1.2171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe92b7358e7 code=0x7ffc0000
[  166.279455][   T31] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 345: padding at end of block bitmap is not set
[  166.306438][   T29] audit: type=1326 audit(1750373584.105:24112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9915 comm="syz.1.2171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe92b6dab19 code=0x7ffc0000
[  166.329995][   T29] audit: type=1326 audit(1750373584.105:24113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9915 comm="syz.1.2171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe92b7358e7 code=0x7ffc0000
[  166.353437][   T29] audit: type=1326 audit(1750373584.105:24114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9915 comm="syz.1.2171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe92b6dab19 code=0x7ffc0000
[  166.376958][   T29] audit: type=1326 audit(1750373584.105:24115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9915 comm="syz.1.2171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe92b73e929 code=0x7ffc0000
[  166.396270][   T31] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 134 with error 117
[  166.400393][   T29] audit: type=1326 audit(1750373584.115:24116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9915 comm="syz.1.2171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe92b7358e7 code=0x7ffc0000
[  166.412874][   T31] EXT4-fs (loop3): This should not happen!! Data will be lost
[  166.412874][   T31] 
[  166.436245][   T29] audit: type=1326 audit(1750373584.115:24117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9915 comm="syz.1.2171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe92b6dab19 code=0x7ffc0000
[  166.469563][   T29] audit: type=1326 audit(1750373584.115:24118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9915 comm="syz.1.2171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe92b73e929 code=0x7ffc0000
[  166.493086][   T29] audit: type=1326 audit(1750373584.115:24119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9915 comm="syz.1.2171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe92b7358e7 code=0x7ffc0000
[  166.516532][   T29] audit: type=1326 audit(1750373584.115:24120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9915 comm="syz.1.2171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe92b6dab19 code=0x7ffc0000
[  166.520862][ T9962] sg_write: data in/out 808464380/1 bytes for SCSI command 0x33-- guessing data in;
[  166.520862][ T9962]    program syz.1.2187 not setting count and/or reply_len properly
[  166.587343][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.674433][ T9974] netlink: 'syz.4.2192': attribute type 1 has an invalid length.
[  166.866828][ T9990] ALSA: seq fatal error: cannot create timer (-22)
[  166.893883][ T9993] loop4: detected capacity change from 0 to 512
[  166.910520][ T9993] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.913270][ T9995] loop2: detected capacity change from 0 to 512
[  166.928537][ T9993] ext4 filesystem being mounted at /422/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.930125][ T9995] EXT4-fs: Ignoring removed mblk_io_submit option
[  166.955647][ T9995] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  166.965633][ T9995] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  166.970296][ T9993] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.991342][ T9995] System zones: 1-12
[  166.995894][ T9995] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.2201: corrupted in-inode xattr: e_value size too large
[  167.011361][ T9995] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2201: couldn't read orphan inode 15 (err -117)
[  167.026964][ T9995] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.051244][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.077604][ T9995] pim6reg: entered allmulticast mode
[  167.086405][T10009] ªªªªªª: renamed from vlan0 (while UP)
[  167.094054][ T9995] pim6reg: left allmulticast mode
[  167.195401][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.221419][T10022] loop4: detected capacity change from 0 to 1024
[  167.234559][T10023] loop3: detected capacity change from 0 to 1024
[  167.249955][T10023] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.263750][T10022] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.277267][T10022] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.286559][T10033] loop2: detected capacity change from 0 to 256
[  167.300294][T10023] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.2211: Abort forced by user
[  167.317661][T10033] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  167.328639][T10023] EXT4-fs (loop3): Remounting filesystem read-only
[  167.335408][T10023] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  167.363987][T10033] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  167.374994][T10033] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  167.393804][T10033] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  167.416830][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.431565][T10033] lo speed is unknown, defaulting to 1000
[  167.444933][T10044] loop3: detected capacity change from 0 to 512
[  167.475024][T10044] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  167.488465][T10044] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  167.493669][T10048] loop4: detected capacity change from 0 to 512
[  167.503435][T10044] System zones: 1-12
[  167.510925][T10044] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  167.542173][T10044] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2219: corrupted inode contents
[  167.557111][T10048] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.569796][T10044] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #11: comm syz.3.2219: mark_inode_dirty error
[  167.579725][T10048] ext4 filesystem being mounted at /427/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  167.593660][T10044] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2219: invalid indirect mapped block 1 (level 1)
[  167.622912][T10044] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2219: corrupted inode contents
[  167.658646][T10044] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  167.659874][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.683181][T10044] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2219: corrupted inode contents
[  167.701987][T10044] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.2219: mark_inode_dirty error
[  167.717303][T10044] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  167.726797][T10044] EXT4-fs (loop3): 1 truncate cleaned up
[  167.733777][T10044] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.774914][T10044] sg_write: data in/out 808464380/1 bytes for SCSI command 0x33-- guessing data in;
[  167.774914][T10044]    program syz.3.2219 not setting count and/or reply_len properly
[  167.821401][T10069] loop4: detected capacity change from 0 to 1024
[  167.833331][T10071] loop2: detected capacity change from 0 to 164
[  167.841695][T10071] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  167.857339][T10071] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  167.858995][T10069] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.881435][T10069] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.2229: Abort forced by user
[  167.891781][T10071] Symlink component flag not implemented
[  167.897634][T10071] Symlink component flag not implemented
[  167.904769][T10069] EXT4-fs (loop4): Remounting filesystem read-only
[  167.911404][T10069] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  167.923771][T10071] Symlink component flag not implemented (7)
[  167.929842][T10071] Symlink component flag not implemented (116)
[  167.953643][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.985219][T10085] loop4: detected capacity change from 0 to 512
[  167.995554][T10084] loop2: detected capacity change from 0 to 1024
[  168.007375][T10084] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.007739][T10085] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.020894][T10084] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.033160][T10085] ext4 filesystem being mounted at /431/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  168.067119][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.155050][T10098] x_tables: ip_tables: ah match: only valid for protocol 51
[  168.166563][T10098] 9pnet_fd: Insufficient options for proto=fd
[  168.255175][T10109] loop4: detected capacity change from 0 to 512
[  168.262313][T10109] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  168.263489][T10109] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  168.279240][T10109] System zones: 1-12
[  168.283877][T10109] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  168.299744][T10109] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.2244: corrupted inode contents
[  168.312012][T10109] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #11: comm syz.4.2244: mark_inode_dirty error
[  168.312702][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.334786][T10109] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2244: invalid indirect mapped block 1 (level 1)
[  168.355335][T10109] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.2244: corrupted inode contents
[  168.363526][T10114] loop3: detected capacity change from 0 to 512
[  168.373729][T10109] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  168.383015][T10109] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.2244: corrupted inode contents
[  168.395144][T10109] EXT4-fs error (device loop4): ext4_truncate:4597: inode #11: comm syz.4.2244: mark_inode_dirty error
[  168.398319][T10114] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.407500][T10109] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  168.426901][T10114] ext4 filesystem being mounted at /423/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  168.428144][T10109] EXT4-fs (loop4): 1 truncate cleaned up
[  168.444136][T10109] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.472096][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.485716][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.495043][T10118] loop2: detected capacity change from 0 to 2048
[  168.507274][T10118] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.528444][T10118] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.559729][T10126] ALSA: seq fatal error: cannot create timer (-22)
[  168.569885][T10126] loop4: detected capacity change from 0 to 512
[  168.577993][T10126] EXT4-fs: Ignoring removed mblk_io_submit option
[  168.587216][T10126] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  168.616650][T10126] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  168.631380][T10126] System zones: 1-12
[  168.647753][T10126] EXT4-fs (loop4): 1 truncate cleaned up
[  168.656280][T10126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.672597][ T9286] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:10: bg 0: block 345: padding at end of block bitmap is not set
[  168.691529][ T9286] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 243 with error 117
[  168.704290][ T9286] EXT4-fs (loop2): This should not happen!! Data will be lost
[  168.704290][ T9286] 
[  168.828119][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.294532][T10118] syz.2.2247 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  169.308788][T10118] CPU: 1 UID: 0 PID: 10118 Comm: syz.2.2247 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  169.308950][T10118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  169.308970][T10118] Call Trace:
[  169.308978][T10118]  <TASK>
[  169.308987][T10118]  __dump_stack+0x1d/0x30
[  169.309015][T10118]  dump_stack_lvl+0xe8/0x140
[  169.309042][T10118]  dump_stack+0x15/0x1b
[  169.309064][T10118]  dump_header+0x81/0x220
[  169.309155][T10118]  oom_kill_process+0x334/0x3f0
[  169.309258][T10118]  out_of_memory+0x979/0xb80
[  169.309299][T10118]  try_charge_memcg+0x5e6/0x9e0
[  169.309334][T10118]  obj_cgroup_charge_pages+0xa6/0x150
[  169.309452][T10118]  __memcg_kmem_charge_page+0x9f/0x170
[  169.309493][T10118]  __alloc_frozen_pages_noprof+0x188/0x360
[  169.309541][T10118]  alloc_pages_mpol+0xb3/0x250
[  169.309581][T10118]  alloc_pages_noprof+0x90/0x130
[  169.309631][T10118]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  169.309758][T10118]  __kvmalloc_node_noprof+0x30f/0x4e0
[  169.309796][T10118]  ? ip_set_alloc+0x1f/0x30
[  169.309834][T10118]  ? ip_set_alloc+0x1f/0x30
[  169.309963][T10118]  ? __kmalloc_cache_noprof+0x189/0x320
[  169.310002][T10118]  ip_set_alloc+0x1f/0x30
[  169.310055][T10118]  hash_netiface_create+0x282/0x740
[  169.310089][T10118]  ? __pfx_hash_netiface_create+0x10/0x10
[  169.310190][T10118]  ip_set_create+0x3cc/0x960
[  169.310302][T10118]  ? __nla_parse+0x40/0x60
[  169.310321][T10118]  nfnetlink_rcv_msg+0x4c6/0x590
[  169.310346][T10118]  ? put_dec+0xd3/0xe0
[  169.310436][T10118]  ? selinux_capable+0x1f9/0x270
[  169.310500][T10118]  netlink_rcv_skb+0x123/0x220
[  169.310537][T10118]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  169.310576][T10118]  nfnetlink_rcv+0x16b/0x1690
[  169.310634][T10118]  ? __kfree_skb+0x109/0x150
[  169.310672][T10118]  ? nlmon_xmit+0x4f/0x60
[  169.310699][T10118]  ? consume_skb+0x49/0x150
[  169.310759][T10118]  ? nlmon_xmit+0x4f/0x60
[  169.310818][T10118]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  169.310858][T10118]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  169.310896][T10118]  ? __dev_queue_xmit+0x182/0x1fb0
[  169.310932][T10118]  ? ref_tracker_free+0x37d/0x3e0
[  169.310968][T10118]  ? __netlink_deliver_tap+0x4dc/0x500
[  169.311080][T10118]  netlink_unicast+0x5a1/0x670
[  169.311214][T10118]  netlink_sendmsg+0x58b/0x6b0
[  169.311242][T10118]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.311307][T10118]  __sock_sendmsg+0x145/0x180
[  169.311411][T10118]  ____sys_sendmsg+0x31e/0x4e0
[  169.311450][T10118]  ___sys_sendmsg+0x17b/0x1d0
[  169.311545][T10118]  __x64_sys_sendmsg+0xd4/0x160
[  169.311605][T10118]  x64_sys_call+0x2999/0x2fb0
[  169.311628][T10118]  do_syscall_64+0xd2/0x200
[  169.311654][T10118]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  169.311750][T10118]  ? clear_bhb_loop+0x40/0x90
[  169.311807][T10118]  ? clear_bhb_loop+0x40/0x90
[  169.311829][T10118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.311850][T10118] RIP: 0033:0x7fbf9517e929
[  169.311865][T10118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.311960][T10118] RSP: 002b:00007fbf937e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.311991][T10118] RAX: ffffffffffffffda RBX: 00007fbf953a5fa0 RCX: 00007fbf9517e929
[  169.312008][T10118] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000004
[  169.312020][T10118] RBP: 00007fbf95200b39 R08: 0000000000000000 R09: 0000000000000000
[  169.312032][T10118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  169.312044][T10118] R13: 0000000000000000 R14: 00007fbf953a5fa0 R15: 00007ffceb7446e8
[  169.312062][T10118]  </TASK>
[  169.312069][T10118] memory: usage 307200kB, limit 307200kB, failcnt 1107
[  169.470664][T10153] loop3: detected capacity change from 0 to 512
[  169.474002][T10118] memory+swap: usage 308440kB, limit 9007199254740988kB, failcnt 0
[  169.474022][T10118] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  169.487937][T10153] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.492312][T10118] Memory cgroup stats for /syz2:
[  169.492724][T10118] cache 12288
[  169.498247][T10153] ext4 filesystem being mounted at /426/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  169.501983][T10118] rss 0
[  169.501993][T10118] shmem 0
[  169.502002][T10118] mapped_file 0
[  169.732890][T10118] dirty 0
[  169.732901][T10118] writeback 0
[  169.732911][T10118] workingset_refault_anon 756
[  169.732957][T10118] workingset_refault_file 1540
[  169.732966][T10118] swap 1269760
[  169.732973][T10118] swapcached 0
[  169.732979][T10118] pgpgin 128658
[  169.732987][T10118] pgpgout 128654
[  169.732997][T10118] pgfault 150887
[  169.766235][T10118] pgmajfault 452
[  169.769830][T10118] inactive_anon 0
[  169.773498][T10118] active_anon 0
[  169.777070][T10118] inactive_file 16384
[  169.781158][T10118] active_file 0
[  169.784701][T10118] unevictable 0
[  169.788289][T10118] hierarchical_memory_limit 314572800
[  169.793743][T10118] hierarchical_memsw_limit 9223372036854771712
[  169.799956][T10118] total_cache 12288
[  169.803908][T10118] total_rss 0
[  169.807240][T10118] total_shmem 0
[  169.810736][T10118] total_mapped_file 0
[  169.814744][T10118] total_dirty 0
[  169.818248][T10118] total_writeback 0
[  169.822188][T10118] total_workingset_refault_anon 756
[  169.827448][T10118] total_workingset_refault_file 1540
[  169.832815][T10118] total_swap 1269760
[  169.836756][T10118] total_swapcached 0
[  169.840765][T10118] total_pgpgin 128658
[  169.844824][T10118] total_pgpgout 128654
[  169.848956][T10118] total_pgfault 150887
[  169.853157][T10118] total_pgmajfault 452
[  169.857394][T10118] total_inactive_anon 0
[  169.861613][T10118] total_active_anon 0
[  169.865698][T10118] total_inactive_file 16384
[  169.870379][T10118] total_active_file 0
[  169.874468][T10118] total_unevictable 0
[  169.878523][T10118] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2247,pid=10117,uid=0
[  169.893604][T10118] Memory cgroup out of memory: Killed process 10117 (syz.2.2247) total-vm:95932kB, anon-rss:936kB, file-rss:22436kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  169.936999][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.020997][T10167] ALSA: seq fatal error: cannot create timer (-22)
[  170.052620][T10168] loop3: detected capacity change from 0 to 4096
[  170.232965][T10168] loop3: detected capacity change from 0 to 512
[  170.241244][T10168] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  170.252598][T10168] EXT4-fs (loop3): 1 truncate cleaned up
[  170.259814][T10168] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.345368][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.362646][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.406560][T10190] loop2: detected capacity change from 0 to 512
[  170.427579][T10190] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.440700][T10190] ext4 filesystem being mounted at /402/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  170.462863][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.566483][T10197] loop2: detected capacity change from 0 to 4096
[  170.821093][T10197] loop2: detected capacity change from 0 to 512
[  170.830456][T10197] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  170.853898][T10197] EXT4-fs (loop2): 1 truncate cleaned up
[  170.865761][T10197] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.009829][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.100931][T10238] vcan0: entered allmulticast mode
[  171.101244][T10238] vcan0: left allmulticast mode
[  171.246392][   T29] kauditd_printk_skb: 1262 callbacks suppressed
[  171.246407][   T29] audit: type=1326 audit(1750373589.105:25383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10255 comm="syz.4.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  171.309911][   T29] audit: type=1326 audit(1750373589.135:25384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10255 comm="syz.4.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  171.333571][   T29] audit: type=1326 audit(1750373589.145:25385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10255 comm="syz.4.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  171.357346][   T29] audit: type=1326 audit(1750373589.145:25386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10255 comm="syz.4.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  171.381020][   T29] audit: type=1326 audit(1750373589.145:25387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10255 comm="syz.4.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  171.404731][   T29] audit: type=1326 audit(1750373589.145:25388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10255 comm="syz.4.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  171.428324][   T29] audit: type=1326 audit(1750373589.145:25389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10255 comm="syz.4.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  171.451988][   T29] audit: type=1326 audit(1750373589.145:25390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10255 comm="syz.4.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  171.475664][   T29] audit: type=1326 audit(1750373589.145:25391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10255 comm="syz.4.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  171.499435][   T29] audit: type=1326 audit(1750373589.145:25392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10255 comm="syz.4.2299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  171.547404][T10260] loop2: detected capacity change from 0 to 164
[  171.557528][T10260] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  171.570081][T10260] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  171.579234][T10260] Symlink component flag not implemented
[  171.584904][T10260] Symlink component flag not implemented
[  171.596587][T10260] Symlink component flag not implemented (7)
[  171.602706][T10260] Symlink component flag not implemented (116)
[  171.629487][T10273] openvswitch: netlink: Message has 6 unknown bytes.
[  171.703123][T10283] __nla_validate_parse: 8 callbacks suppressed
[  171.703139][T10283] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2310'.
[  171.753787][T10280] vcan0: entered allmulticast mode
[  171.771038][T10280] vcan0: left allmulticast mode
[  171.861158][T10297] loop2: detected capacity change from 0 to 2048
[  171.933964][T10297] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.947493][T10297] ext4 filesystem being mounted at /411/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.968055][T10311] 9pnet_fd: Insufficient options for proto=fd
[  172.011742][T10302] x_tables: ip_tables: ah match: only valid for protocol 51
[  172.109731][ T9286] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:10: bg 0: block 345: padding at end of block bitmap is not set
[  172.159659][ T9286] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 224 with error 117
[  172.174368][ T9286] EXT4-fs (loop2): This should not happen!! Data will be lost
[  172.174368][ T9286] 
[  172.245939][T10325] sctp: [Deprecated]: syz.3.2324 (pid 10325) Use of struct sctp_assoc_value in delayed_ack socket option.
[  172.245939][T10325] Use struct sctp_sack_info instead
[  172.274129][   T63] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 240 with max blocks 2 with error 117
[  172.286662][   T63] EXT4-fs (loop2): This should not happen!! Data will be lost
[  172.286662][   T63] 
[  172.354212][T10329] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2327'.
[  172.364914][T10329] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2327'.
[  172.374104][T10329] netlink: 2428 bytes leftover after parsing attributes in process `syz.1.2327'.
[  172.383381][T10329] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2327'.
[  172.429953][T10334] vhci_hcd: invalid port number 96
[  172.435121][T10334] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  172.560582][T10340] loop4: detected capacity change from 0 to 512
[  172.588100][T10340] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.600742][T10340] ext4 filesystem being mounted at /456/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.675718][T10346] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  172.684250][T10346] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  173.021514][T10363] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2339'.
[  173.046264][T10363] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2339'.
[  173.055368][T10363] netlink: 2428 bytes leftover after parsing attributes in process `syz.3.2339'.
[  173.201828][T10367] loop3: detected capacity change from 0 to 164
[  173.230755][T10367] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  173.267851][T10377] loop2: detected capacity change from 0 to 164
[  173.276254][T10367] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  173.284796][T10367] Symlink component flag not implemented
[  173.290515][T10367] Symlink component flag not implemented
[  173.296862][T10367] Symlink component flag not implemented (7)
[  173.302955][T10367] Symlink component flag not implemented (116)
[  173.303137][T10377] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  173.336319][T10377] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  173.359869][T10377] Symlink component flag not implemented
[  173.365676][T10377] Symlink component flag not implemented
[  173.372301][T10377] Symlink component flag not implemented (7)
[  173.378364][T10377] Symlink component flag not implemented (116)
[  173.412049][T10383] loop2: detected capacity change from 0 to 1024
[  173.414459][T10384] 9pnet_fd: Insufficient options for proto=fd
[  173.591404][T10379] x_tables: ip_tables: ah match: only valid for protocol 51
[  173.639932][T10400] openvswitch: netlink: Message has 6 unknown bytes.
[  173.701314][T10405] loop4: detected capacity change from 0 to 4096
[  173.744925][T10407] loop3: detected capacity change from 0 to 2048
[  173.769636][T10409] loop2: detected capacity change from 0 to 256
[  173.790961][T10409] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  173.811524][T10407]  loop3: p1 < > p4
[  173.817880][T10407] loop3: p4 size 8388608 extends beyond EOD, truncated
[  173.832197][T10409] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  173.861631][T10409] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  173.897238][T10409] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  173.936720][T10410] lo speed is unknown, defaulting to 1000
[  173.972134][T10405] loop4: detected capacity change from 0 to 512
[  173.981032][T10415] loop3: detected capacity change from 0 to 512
[  173.995636][T10405] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  174.010895][T10415] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  174.029931][T10405] EXT4-fs (loop4): 1 truncate cleaned up
[  174.036293][T10415] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  174.055339][T10415] System zones: 1-12
[  174.062990][T10415] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  174.095431][T10415] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2361: corrupted inode contents
[  174.120394][T10415] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #11: comm syz.3.2361: mark_inode_dirty error
[  174.166880][T10415] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2361: invalid indirect mapped block 1 (level 1)
[  174.185363][T10415] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2361: corrupted inode contents
[  174.203461][T10415] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  174.212392][T10415] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2361: corrupted inode contents
[  174.224458][T10415] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.2361: mark_inode_dirty error
[  174.240854][T10415] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  174.250260][T10415] EXT4-fs (loop3): 1 truncate cleaned up
[  174.277418][T10423] loop2: detected capacity change from 0 to 2048
[  174.297774][T10423] ext4 filesystem being mounted at /419/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.343575][T10430] vcan0: entered allmulticast mode
[  174.349594][T10430] vcan0: left allmulticast mode
[  174.994431][T10444] loop4: detected capacity change from 0 to 2048
[  175.066545][T10444]  loop4: p1 < > p4
[  175.072320][T10444] loop4: p4 size 8388608 extends beyond EOD, truncated
[  175.114456][T10450] netlink: 'syz.0.2372': attribute type 10 has an invalid length.
[  175.125405][T10450] batman_adv: batadv0: Adding interface: team0
[  175.131740][T10450] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  175.226857][T10455] loop4: detected capacity change from 0 to 256
[  175.256745][T10455] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  175.288021][T10455] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  175.322309][ T9286] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:10: bg 0: block 345: padding at end of block bitmap is not set
[  175.345485][T10455] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  175.362049][ T9286] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  175.374926][ T9286] EXT4-fs (loop2): This should not happen!! Data will be lost
[  175.374926][ T9286] 
[  175.386286][T10455] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  175.405457][T10457] lo speed is unknown, defaulting to 1000
[  175.412020][T10459] loop3: detected capacity change from 0 to 1024
[  175.439058][   T63] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28
[  175.452056][   T63] EXT4-fs (loop2): This should not happen!! Data will be lost
[  175.452056][   T63] 
[  175.461797][   T63] EXT4-fs (loop2): Total free blocks count 0
[  175.467905][   T63] EXT4-fs (loop2): Free/Dirty block details
[  175.473819][   T63] EXT4-fs (loop2): free_blocks=0
[  175.478849][   T63] EXT4-fs (loop2): dirty_blocks=2048
[  175.484191][   T63] EXT4-fs (loop2): Block reservation details
[  175.490362][   T63] EXT4-fs (loop2): i_reserved_data_blocks=128
[  175.518603][T10459] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.2376: Abort forced by user
[  175.531859][T10459] EXT4-fs (loop3): Remounting filesystem read-only
[  175.538492][T10459] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  175.698085][T10476] loop2: detected capacity change from 0 to 512
[  175.705059][T10476] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  175.706748][T10478] openvswitch: netlink: Message has 6 unknown bytes.
[  175.774611][T10476] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  175.783218][T10476] System zones: 1-12
[  175.788926][T10476] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  175.807284][T10476] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.2375: corrupted inode contents
[  175.822366][T10487] loop3: detected capacity change from 0 to 512
[  175.830800][T10487] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  175.835814][T10476] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #11: comm syz.2.2375: mark_inode_dirty error
[  175.877768][T10487] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  175.896284][T10487] System zones: 1-12
[  175.912997][T10476] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2375: invalid indirect mapped block 1 (level 1)
[  175.936344][T10487] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  175.954260][T10495] loop4: detected capacity change from 0 to 512
[  175.960887][T10476] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.2375: corrupted inode contents
[  175.975497][T10487] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2384: corrupted inode contents
[  175.989387][T10495] ext4 filesystem being mounted at /470/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  176.000685][T10487] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #11: comm syz.3.2384: mark_inode_dirty error
[  176.012296][T10476] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  176.040174][T10487] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2384: invalid indirect mapped block 1 (level 1)
[  176.058883][T10476] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.2375: corrupted inode contents
[  176.071332][T10487] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2384: corrupted inode contents
[  176.087102][T10476] EXT4-fs error (device loop2): ext4_truncate:4597: inode #11: comm syz.2.2375: mark_inode_dirty error
[  176.100472][T10487] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  176.147391][T10476] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  176.160214][T10487] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2384: corrupted inode contents
[  176.206338][T10487] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.2384: mark_inode_dirty error
[  176.215403][T10476] EXT4-fs (loop2): 1 truncate cleaned up
[  176.253931][T10487] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  176.276989][T10487] EXT4-fs (loop3): 1 truncate cleaned up
[  176.315827][   T29] kauditd_printk_skb: 904 callbacks suppressed
[  176.315844][   T29] audit: type=1326 audit(1750373594.175:26297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00f4fde929 code=0x7ffc0000
[  176.345790][   T29] audit: type=1326 audit(1750373594.175:26298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00f4fde929 code=0x7ffc0000
[  176.357896][T10511] loop4: detected capacity change from 0 to 1024
[  176.432517][T10512] sg_write: data in/out 808464380/1 bytes for SCSI command 0x33-- guessing data in;
[  176.432517][T10512]    program syz.3.2384 not setting count and/or reply_len properly
[  176.434277][   T29] audit: type=1326 audit(1750373594.225:26299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00f4fde929 code=0x7ffc0000
[  176.473531][   T29] audit: type=1326 audit(1750373594.225:26300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00f4fde929 code=0x7ffc0000
[  176.497177][   T29] audit: type=1326 audit(1750373594.225:26301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00f4fde929 code=0x7ffc0000
[  176.520786][   T29] audit: type=1326 audit(1750373594.285:26302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f00f4fde929 code=0x7ffc0000
[  176.544524][   T29] audit: type=1326 audit(1750373594.285:26303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00f4fde929 code=0x7ffc0000
[  176.568234][   T29] audit: type=1326 audit(1750373594.285:26304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00f4fde929 code=0x7ffc0000
[  176.587850][T10518] openvswitch: netlink: Message has 6 unknown bytes.
[  176.592795][   T29] audit: type=1326 audit(1750373594.375:26305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.2384" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f00f4fde929 code=0x0
[  176.621627][   T29] audit: type=1326 audit(1750373594.445:26306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f00f4fde929 code=0x7ffc0000
[  176.645815][T10511] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.2393: Abort forced by user
[  176.657323][T10511] EXT4-fs (loop4): Remounting filesystem read-only
[  176.663880][T10511] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  176.720329][T10523] loop4: detected capacity change from 0 to 512
[  176.739754][T10526] loop2: detected capacity change from 0 to 164
[  176.748172][T10526] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  176.758568][T10526] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  176.772663][T10526] Symlink component flag not implemented
[  176.778388][T10526] Symlink component flag not implemented
[  176.786447][T10526] Symlink component flag not implemented (7)
[  176.792489][T10526] Symlink component flag not implemented (116)
[  176.813606][T10531] __nla_validate_parse: 5 callbacks suppressed
[  176.813621][T10531] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2399'.
[  176.835953][T10531] netlink: 180 bytes leftover after parsing attributes in process `syz.4.2399'.
[  176.844000][T10533] loop2: detected capacity change from 0 to 512
[  176.845050][T10531] netlink: 2428 bytes leftover after parsing attributes in process `syz.4.2399'.
[  176.860579][T10531] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2399'.
[  176.900988][T10533] ext4 filesystem being mounted at /423/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  177.025808][T10545] loop3: detected capacity change from 0 to 4096
[  177.057774][T10554] openvswitch: netlink: Message has 6 unknown bytes.
[  177.063104][T10555] loop4: detected capacity change from 0 to 256
[  177.083798][T10555] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  177.100191][T10555] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  177.111486][T10555] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  177.143380][T10555] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  177.151244][T10551] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2406'.
[  177.162473][T10560] lo speed is unknown, defaulting to 1000
[  177.353928][T10570] loop4: detected capacity change from 0 to 2048
[  177.390815][T10545] loop3: detected capacity change from 0 to 512
[  177.399538][T10570] ext4 filesystem being mounted at /479/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.411481][T10545] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  177.461720][T10545] EXT4-fs (loop3): 1 truncate cleaned up
[  177.511503][T10580] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2414'.
[  177.521712][T10580] netlink: 180 bytes leftover after parsing attributes in process `syz.0.2414'.
[  177.530843][T10580] netlink: 2428 bytes leftover after parsing attributes in process `syz.0.2414'.
[  177.540017][T10580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2414'.
[  177.702649][   T63] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:5: bg 0: block 345: padding at end of block bitmap is not set
[  177.750161][   T63] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1016 with error 117
[  177.762906][   T63] EXT4-fs (loop4): This should not happen!! Data will be lost
[  177.762906][   T63] 
[  177.799809][   T63] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1032 with max blocks 136 with error 28
[  177.812496][   T63] EXT4-fs (loop4): This should not happen!! Data will be lost
[  177.812496][   T63] 
[  177.822272][   T63] EXT4-fs (loop4): Total free blocks count 0
[  177.828381][   T63] EXT4-fs (loop4): Free/Dirty block details
[  177.834307][   T63] EXT4-fs (loop4): free_blocks=0
[  177.839340][   T63] EXT4-fs (loop4): dirty_blocks=144
[  177.844560][   T63] EXT4-fs (loop4): Block reservation details
[  177.850619][   T63] EXT4-fs (loop4): i_reserved_data_blocks=9
[  177.973314][T10597] openvswitch: netlink: Message has 6 unknown bytes.
[  177.999227][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2420'.
[  178.053167][T10603] loop3: detected capacity change from 0 to 256
[  178.070273][T10603] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  178.106529][T10603] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  178.152770][T10603] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  178.182934][T10612] ALSA: seq fatal error: cannot create timer (-22)
[  178.194153][T10603] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  178.219434][T10612] loop2: detected capacity change from 0 to 512
[  178.227143][T10612] EXT4-fs: Ignoring removed mblk_io_submit option
[  178.234013][T10612] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  178.246472][T10610] lo speed is unknown, defaulting to 1000
[  178.345503][T10612] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  178.360540][T10612] System zones: 1-12
[  178.409119][T10612] EXT4-fs (loop2): 1 truncate cleaned up
[  178.572329][T10636] ALSA: seq fatal error: cannot create timer (-22)
[  178.699796][T10652] netlink: 'syz.2.2440': attribute type 7 has an invalid length.
[  178.707656][T10652] netlink: 'syz.2.2440': attribute type 8 has an invalid length.
[  178.761235][T10658] vcan0: entered allmulticast mode
[  178.766729][T10658] vcan0: left allmulticast mode
[  178.927285][T10649] SELinux: failed to load policy
[  178.938763][T10672] ALSA: seq fatal error: cannot create timer (-22)
[  179.122897][T10679] loop4: detected capacity change from 0 to 2048
[  179.135327][T10679] EXT4-fs: Ignoring removed bh option
[  179.141538][T10679] EXT4-fs (loop4): stripe (6) is not aligned with cluster size (16), stripe is disabled
[  179.369590][T10679] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  179.384779][T10679] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  179.397136][T10679] EXT4-fs (loop4): This should not happen!! Data will be lost
[  179.397136][T10679] 
[  179.406977][T10679] EXT4-fs (loop4): Total free blocks count 0
[  179.412979][T10679] EXT4-fs (loop4): Free/Dirty block details
[  179.418927][T10679] EXT4-fs (loop4): free_blocks=2415919104
[  179.424680][T10679] EXT4-fs (loop4): dirty_blocks=32
[  179.429883][T10679] EXT4-fs (loop4): Block reservation details
[  179.436001][T10679] EXT4-fs (loop4): i_reserved_data_blocks=2
[  179.609162][T10710] ALSA: seq fatal error: cannot create timer (-22)
[  179.673961][T10713] loop4: detected capacity change from 0 to 1024
[  179.809790][T10717] loop4: detected capacity change from 0 to 512
[  179.849583][T10717] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  179.895531][T10717] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  179.903567][T10717] System zones: 1-12
[  179.946138][T10717] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  179.962183][T10711] lo speed is unknown, defaulting to 1000
[  180.016586][T10717] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.2464: corrupted inode contents
[  180.059903][T10717] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #11: comm syz.4.2464: mark_inode_dirty error
[  180.087277][T10717] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2464: invalid indirect mapped block 1 (level 1)
[  180.125624][T10717] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.2464: corrupted inode contents
[  180.149376][T10717] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  180.175462][T10717] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.2464: corrupted inode contents
[  180.206902][T10717] EXT4-fs error (device loop4): ext4_truncate:4597: inode #11: comm syz.4.2464: mark_inode_dirty error
[  180.225116][T10717] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  180.242901][T10717] EXT4-fs (loop4): 1 truncate cleaned up
[  180.376659][T10740] vcan0: entered allmulticast mode
[  180.382226][T10740] vcan0: left allmulticast mode
[  180.457009][T10745] loop4: detected capacity change from 0 to 164
[  180.464669][T10745] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  180.482214][T10745] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  180.492053][T10745] Symlink component flag not implemented
[  180.497807][T10745] Symlink component flag not implemented
[  180.503872][T10745] Symlink component flag not implemented (7)
[  180.509930][T10745] Symlink component flag not implemented (116)
[  180.519631][T10747] loop2: detected capacity change from 0 to 256
[  180.529208][T10747] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  180.540571][T10747] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  180.551676][T10747] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  180.564895][T10747] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  180.589771][T10747] lo speed is unknown, defaulting to 1000
[  180.601973][T10749] loop4: detected capacity change from 0 to 1024
[  180.628534][T10749] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.2476: Abort forced by user
[  180.640008][T10749] EXT4-fs (loop4): Remounting filesystem read-only
[  180.646616][T10749] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  180.896487][T10759] loop4: detected capacity change from 0 to 1024
[  180.945696][T10763] loop4: detected capacity change from 0 to 512
[  180.968614][T10763] ext4 filesystem being mounted at /496/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  181.063970][T10773] loop4: detected capacity change from 0 to 256
[  181.072224][T10775] ALSA: seq fatal error: cannot create timer (-22)
[  181.127810][T10773] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  181.145929][T10773] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  181.156517][T10780] vcan0: entered allmulticast mode
[  181.163555][T10780] vcan0: left allmulticast mode
[  181.174672][T10773] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  181.209490][T10784] loop2: detected capacity change from 0 to 1024
[  181.236524][T10773] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  181.260116][T10784] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.2487: Abort forced by user
[  181.293347][T10784] EXT4-fs (loop2): Remounting filesystem read-only
[  181.300056][T10784] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  181.329616][T10773] lo speed is unknown, defaulting to 1000
[  181.387886][T10803] loop2: detected capacity change from 0 to 512
[  181.461724][T10803] ext4 filesystem being mounted at /444/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  181.474996][T10812] lo speed is unknown, defaulting to 1000
[  181.566108][T10819] loop2: detected capacity change from 0 to 2048
[  181.620796][T10819]  loop2: p1 < > p4
[  181.632713][T10819] loop2: p4 size 8388608 extends beyond EOD, truncated
[  181.851464][T10842] loop4: detected capacity change from 0 to 512
[  181.877022][T10842] ext4 filesystem being mounted at /499/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  181.923980][T10848] loop2: detected capacity change from 0 to 164
[  181.941801][T10848] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  181.973095][T10848] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  182.006128][T10848] Symlink component flag not implemented
[  182.011907][T10848] Symlink component flag not implemented
[  182.033890][T10854] x_tables: ip_tables: ah match: only valid for protocol 51
[  182.050949][T10854] 9pnet_fd: Insufficient options for proto=fd
[  182.057913][T10848] Symlink component flag not implemented (7)
[  182.063952][T10848] Symlink component flag not implemented (116)
[  182.162055][T10860] loop2: detected capacity change from 0 to 1024
[  182.201646][T10860] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.2515: Abort forced by user
[  182.222610][T10860] EXT4-fs (loop2): Remounting filesystem read-only
[  182.229358][T10860] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  182.348100][T10878] __nla_validate_parse: 13 callbacks suppressed
[  182.348115][T10878] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2519'.
[  182.433352][T10888] 9pnet_fd: Insufficient options for proto=fd
[  182.444409][   T29] kauditd_printk_skb: 843 callbacks suppressed
[  182.444427][   T29] audit: type=1400 audit(1750373600.295:27150): avc:  denied  { create } for  pid=10887 comm="syz.2.2525" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_generic_socket permissive=1
[  182.468807][T10888] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2525'.
[  182.479549][   T29] audit: type=1400 audit(1750373600.325:27151): avc:  denied  { write } for  pid=10887 comm="syz.2.2525" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_generic_socket permissive=1
[  182.502232][   T29] audit: type=1400 audit(1750373600.325:27152): avc:  denied  { read } for  pid=10887 comm="syz.2.2525" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_generic_socket permissive=1
[  182.538929][   T29] audit: type=1400 audit(1750373600.355:27153): avc:  denied  { create } for  pid=10887 comm="syz.2.2525" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1
[  182.559950][   T29] audit: type=1400 audit(1750373600.355:27154): avc:  denied  { read } for  pid=10887 comm="syz.2.2525" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1
[  182.696828][T10903] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2532'.
[  182.747053][T10911] openvswitch: netlink: Message has 6 unknown bytes.
[  182.852623][T10916] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2537'.
[  182.890335][T10916] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2537'.
[  182.899662][T10916] netlink: 2428 bytes leftover after parsing attributes in process `syz.1.2537'.
[  182.908898][T10916] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2537'.
[  182.954754][   T29] audit: type=1326 audit(1750373600.795:27155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10918 comm="syz.4.2538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  182.978525][   T29] audit: type=1326 audit(1750373600.795:27156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10918 comm="syz.4.2538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  183.002509][   T29] audit: type=1326 audit(1750373600.805:27157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10918 comm="syz.4.2538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  183.026260][   T29] audit: type=1326 audit(1750373600.805:27158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10918 comm="syz.4.2538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  183.049886][   T29] audit: type=1326 audit(1750373600.805:27159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10918 comm="syz.4.2538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  183.220101][T10941] lo speed is unknown, defaulting to 1000
[  183.239001][T10944] openvswitch: netlink: Message has 6 unknown bytes.
[  183.257167][T10939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2545'.
[  183.359435][T10953] vcan0: entered allmulticast mode
[  183.364929][T10953] vcan0: left allmulticast mode
[  183.373579][T10955] 9pnet_fd: Insufficient options for proto=fd
[  183.518789][T10962] loop3: detected capacity change from 0 to 2048
[  183.526501][T10963] loop4: detected capacity change from 0 to 1024
[  183.625686][T10978] loop4: detected capacity change from 0 to 164
[  183.632941][T10978] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  183.643112][T10978] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  183.651998][T10978] Symlink component flag not implemented
[  183.657748][T10978] Symlink component flag not implemented
[  183.664405][T10978] Symlink component flag not implemented (7)
[  183.670469][T10978] Symlink component flag not implemented (116)
[  183.709235][T10980] loop4: detected capacity change from 0 to 2048
[  183.745731][T10980]  loop4: p1 < > p4
[  183.750224][T10980] loop4: p4 size 8388608 extends beyond EOD, truncated
[  183.784391][T10950] x_tables: ip_tables: ah match: only valid for protocol 51
[  183.861401][T10985] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2560'.
[  184.257669][T11004] lo speed is unknown, defaulting to 1000
[  184.312202][T11009] loop2: detected capacity change from 0 to 164
[  184.326453][T11009] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  184.349844][T11009] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  184.362850][T11009] Symlink component flag not implemented
[  184.368631][T11009] Symlink component flag not implemented
[  184.383700][T11009] Symlink component flag not implemented (7)
[  184.389917][T11009] Symlink component flag not implemented (116)
[  184.625803][T11017] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2571'.
[  184.821616][T11025] lo speed is unknown, defaulting to 1000
[  185.038967][T11025] chnl_net:caif_netlink_parms(): no params data found
[  185.106785][T11025] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.113900][T11025] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.128404][T11025] bridge_slave_0: entered allmulticast mode
[  185.135324][T11025] bridge_slave_0: entered promiscuous mode
[  185.144104][T11025] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.151373][T11025] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.158802][T11025] bridge_slave_1: entered allmulticast mode
[  185.165440][T11025] bridge_slave_1: entered promiscuous mode
[  185.194637][T11025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.206142][T11025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.271014][T11025] team0: Port device team_slave_0 added
[  185.290868][T11025] team0: Port device team_slave_1 added
[  185.319406][T11025] batman_adv: batadv0: Adding interface: batadv_slave_0
[  185.326510][T11025] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.352512][T11025] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  185.370949][T11025] batman_adv: batadv0: Adding interface: batadv_slave_1
[  185.378018][T11025] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.404123][T11025] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  185.433000][T11067] openvswitch: netlink: Message has 6 unknown bytes.
[  185.452200][   T56] bridge_slave_0: left allmulticast mode
[  185.458025][   T56] bridge_slave_0: left promiscuous mode
[  185.463754][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.491197][T11074] loop2: detected capacity change from 0 to 164
[  185.498776][T11074] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  185.507938][T11074] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  185.516400][T11074] Symlink component flag not implemented
[  185.522070][T11074] Symlink component flag not implemented
[  185.527819][T11074] Symlink component flag not implemented (7)
[  185.533824][T11074] Symlink component flag not implemented (116)
[  185.540325][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  185.559889][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  185.573245][   T56] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  185.586637][   T56] bond0 (unregistering): Released all slaves
[  185.598223][   T56] bond1 (unregistering): (slave bond2): Releasing backup interface
[  185.607038][   T56] bond1 (unregistering): Released all slaves
[  185.617917][   T56] bond2 (unregistering): Released all slaves
[  185.638918][T11025] hsr_slave_0: entered promiscuous mode
[  185.645729][T11025] hsr_slave_1: entered promiscuous mode
[  185.794949][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.804811][   T56] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.162220][T11025] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  186.172648][T11025] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  186.202675][T11025] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  186.231473][T11025] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  186.329539][T11025] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.353378][T11025] 8021q: adding VLAN 0 to HW filter on device team0
[  186.372172][ T9286] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.379371][ T9286] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.403419][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.410564][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.455000][T11110] loop2: detected capacity change from 0 to 1024
[  186.502322][T11025] 8021q: adding VLAN 0 to HW filter on device batadv0
[  186.574559][T11025] veth0_vlan: entered promiscuous mode
[  186.582616][T11025] veth1_vlan: entered promiscuous mode
[  186.598585][T11025] veth0_macvtap: entered promiscuous mode
[  186.606961][T11025] veth1_macvtap: entered promiscuous mode
[  186.618520][T11025] batman_adv: batadv0: Interface activated: batadv_slave_0
[  186.630349][T11025] batman_adv: batadv0: Interface activated: batadv_slave_1
[  186.640218][T11025] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  186.649149][T11025] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  186.658001][T11025] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  186.666764][T11025] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.219681][T11153] SELinux:  Context system_u:object is not valid (left unmapped).
[  187.285059][T11159] ALSA: seq fatal error: cannot create timer (-22)
[  187.401440][T11167] loop4: detected capacity change from 0 to 2048
[  187.448653][T11167]  loop4: p1 < > p4
[  187.455350][T11167] loop4: p4 size 8388608 extends beyond EOD, truncated
[  187.487712][   T29] kauditd_printk_skb: 1686 callbacks suppressed
[  187.487768][   T29] audit: type=1326 audit(1750373605.345:28846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11166 comm="syz.4.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fd50987d13a code=0x7ffc0000
[  187.552708][   T29] audit: type=1326 audit(1750373605.385:28847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11166 comm="syz.4.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7fd50987dea7 code=0x7ffc0000
[  187.576716][   T29] audit: type=1326 audit(1750373605.385:28848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11166 comm="syz.4.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fd50987d13a code=0x7ffc0000
[  187.600430][   T29] audit: type=1326 audit(1750373605.385:28849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11166 comm="syz.4.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fd50987d13a code=0x7ffc0000
[  187.624037][   T29] audit: type=1326 audit(1750373605.385:28850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11166 comm="syz.4.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fd50987d13a code=0x7ffc0000
[  187.647676][   T29] audit: type=1326 audit(1750373605.385:28851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11166 comm="syz.4.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7fd50987dea7 code=0x7ffc0000
[  187.671318][   T29] audit: type=1326 audit(1750373605.385:28852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11166 comm="syz.4.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fd50987d13a code=0x7ffc0000
[  187.671347][   T29] audit: type=1326 audit(1750373605.385:28853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11166 comm="syz.4.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fd50987d13a code=0x7ffc0000
[  187.671518][   T29] audit: type=1326 audit(1750373605.385:28854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11166 comm="syz.4.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fd50987d13a code=0x7ffc0000
[  187.671543][   T29] audit: type=1326 audit(1750373605.385:28855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11166 comm="syz.4.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd50987d58a code=0x7ffc0000
[  187.928933][T11187] __nla_validate_parse: 1 callbacks suppressed
[  187.928980][T11187] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2624'.
[  188.073073][T11197] ALSA: seq fatal error: cannot create timer (-22)
[  188.276958][T11211] loop4: detected capacity change from 0 to 512
[  188.291166][T11210] loop2: detected capacity change from 0 to 1024
[  188.322039][T11210] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.2632: Abort forced by user
[  188.336138][T11210] EXT4-fs (loop2): Remounting filesystem read-only
[  188.342724][T11210] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  188.357642][T11211] EXT4-fs (loop4): Invalid default hash set in the superblock
[  188.407729][T11216] ALSA: seq fatal error: cannot create timer (-22)
[  188.420182][T11216] loop2: detected capacity change from 0 to 512
[  188.427222][T11216] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.434090][T11216] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  188.444803][T11216] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  188.454320][T11216] System zones: 1-12
[  188.459087][T11216] EXT4-fs (loop2): 1 truncate cleaned up
[  188.602998][T11230] Cannot find add_set index 0 as target
[  188.612203][T11232] ALSA: seq fatal error: cannot create timer (-22)
[  188.617944][T11230] 9pnet_fd: Insufficient options for proto=fd
[  188.659393][T11237] ALSA: seq fatal error: cannot create timer (-22)
[  188.684793][T11242] loop4: detected capacity change from 0 to 164
[  188.693547][T11242] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  188.704336][T11242] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  188.713291][T11242] Symlink component flag not implemented
[  188.718993][T11242] Symlink component flag not implemented
[  188.725519][T11242] Symlink component flag not implemented (7)
[  188.731706][T11242] Symlink component flag not implemented (116)
[  188.763834][T11251] loop3: detected capacity change from 0 to 512
[  188.771156][T11251] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  188.780806][T11251] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  188.789389][T11251] System zones: 1-12
[  188.800142][T11251] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  188.818434][T11251] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2648: corrupted inode contents
[  188.830893][T11251] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #11: comm syz.3.2648: mark_inode_dirty error
[  188.847302][T11251] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2648: invalid indirect mapped block 1 (level 1)
[  188.870727][T11251] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2648: corrupted inode contents
[  188.887348][T11251] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  188.897387][T11251] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2648: corrupted inode contents
[  188.910542][T11251] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.2648: mark_inode_dirty error
[  188.928429][T11251] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  188.945382][T11251] EXT4-fs (loop3): 1 truncate cleaned up
[  188.953596][T11251] EXT4-fs mount: 58 callbacks suppressed
[  188.953614][T11251] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.011652][T11251] sg_write: data in/out 808464380/1 bytes for SCSI command 0x33-- guessing data in;
[  189.011652][T11251]    program syz.3.2648 not setting count and/or reply_len properly
[  189.101026][T11271] netlink: 'syz.2.2656': attribute type 1 has an invalid length.
[  189.110365][T11271] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2656'.
[  189.134139][T11271] netlink: 'syz.2.2656': attribute type 29 has an invalid length.
[  189.187875][T11287] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2662'.
[  189.246352][T11294] ALSA: seq fatal error: cannot create timer (-22)
[  189.255948][T11294] loop2: detected capacity change from 0 to 512
[  189.262665][T11294] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.269755][T11294] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  189.280748][T11294] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  189.288759][T11294] System zones: 1-12
[  189.293444][T11294] EXT4-fs (loop2): 1 truncate cleaned up
[  189.299571][T11294] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.394448][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.443055][T11300] vcan0: entered allmulticast mode
[  189.448964][T11300] vcan0: left allmulticast mode
[  189.536989][T11312] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2674'.
[  189.567042][T11320] loop2: detected capacity change from 0 to 256
[  189.576213][T11320] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  189.587563][T11320] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  189.606134][T11320] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  189.617289][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.628346][T11320] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  189.741412][T11326] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2680'.
[  189.793611][T11330] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2681'.
[  189.805567][T11330] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2681'.
[  189.814675][T11330] netlink: 2428 bytes leftover after parsing attributes in process `syz.3.2681'.
[  189.823950][T11330] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2681'.
[  189.882516][T11334] loop3: detected capacity change from 0 to 512
[  189.909436][T11334] EXT4-fs (loop3): Invalid default hash set in the superblock
[  189.999014][T11346] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2688'.
[  190.156271][T11375] openvswitch: netlink: Message has 6 unknown bytes.
[  190.178361][T11377] loop3: detected capacity change from 0 to 1024
[  190.204610][T11377] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.224613][T11377] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.246359][T11391] loop4: detected capacity change from 0 to 164
[  190.253578][T11391] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  190.267740][T11384] loop2: detected capacity change from 0 to 4096
[  190.279480][T11391] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  190.293861][T11391] Symlink component flag not implemented
[  190.299601][T11391] Symlink component flag not implemented
[  190.307834][T11391] Symlink component flag not implemented (7)
[  190.313895][T11391] Symlink component flag not implemented (116)
[  190.346145][T11399] loop3: detected capacity change from 0 to 164
[  190.357995][T11399] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  190.368468][T11399] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  190.377765][T11399] Symlink component flag not implemented
[  190.383491][T11399] Symlink component flag not implemented
[  190.389665][T11399] Symlink component flag not implemented (7)
[  190.395759][T11399] Symlink component flag not implemented (116)
[  190.444017][T11403] 9pnet_fd: Insufficient options for proto=fd
[  190.501530][T11413] openvswitch: netlink: Message has 6 unknown bytes.
[  190.511363][T11384] loop2: detected capacity change from 0 to 512
[  190.525296][T11384] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  190.561305][T11415] loop3: detected capacity change from 0 to 1024
[  190.568598][T11384] EXT4-fs (loop2): 1 truncate cleaned up
[  190.574828][T11384] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.616807][T11422] netlink: 'syz.4.2720': attribute type 6 has an invalid length.
[  190.669314][T11415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.688078][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.698412][T11415] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.729873][T11436] 9pnet_fd: Insufficient options for proto=fd
[  190.820461][T11446] ALSA: seq fatal error: cannot create timer (-22)
[  190.837410][T11446] loop3: detected capacity change from 0 to 512
[  190.857175][T11446] EXT4-fs: Ignoring removed mblk_io_submit option
[  190.864930][T11446] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  190.879598][T11451] openvswitch: netlink: Message has 6 unknown bytes.
[  190.887217][T11446] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  190.895218][T11446] System zones: 1-12
[  190.906074][T11446] EXT4-fs (loop3): 1 truncate cleaned up
[  190.912202][T11446] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.037803][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.116828][T11462] loop3: detected capacity change from 0 to 4096
[  191.216347][T11474] 9pnet_fd: Insufficient options for proto=fd
[  191.453958][T11480] loop3: detected capacity change from 0 to 512
[  191.466804][T11480] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  191.487234][T11480] EXT4-fs (loop3): 1 truncate cleaned up
[  191.493398][T11480] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.529587][T11484] loop2: detected capacity change from 0 to 4096
[  191.532012][T11486] openvswitch: netlink: Message has 6 unknown bytes.
[  191.596355][T11484] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.623591][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.696828][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.709175][T11495] loop4: detected capacity change from 0 to 512
[  191.748224][T11495] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.768198][T11499] loop3: detected capacity change from 0 to 2048
[  191.775051][T11495] ext4 filesystem being mounted at /550/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  191.813549][T11499]  loop3: p1 < > p4
[  191.823993][T11499] loop3: p4 size 8388608 extends beyond EOD, truncated
[  191.832142][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.125109][T11530] 9pnet_fd: Insufficient options for proto=fd
[  192.465858][T11551] ALSA: seq fatal error: cannot create timer (-22)
[  192.504659][   T29] kauditd_printk_skb: 1544 callbacks suppressed
[  192.504745][   T29] audit: type=1326 audit(1750373610.355:30400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11510 comm="syz.4.2753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd5098758e7 code=0x7ffc0000
[  192.536321][   T29] audit: type=1326 audit(1750373610.355:30401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11510 comm="syz.4.2753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd50981ab19 code=0x7ffc0000
[  192.736569][T11560] 9pnet_fd: Insufficient options for proto=fd
[  192.822037][   T29] audit: type=1326 audit(1750373610.355:30402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11510 comm="syz.4.2753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  192.845705][   T29] audit: type=1326 audit(1750373610.365:30403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11510 comm="syz.4.2753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd5098758e7 code=0x7ffc0000
[  192.869316][   T29] audit: type=1326 audit(1750373610.365:30404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11510 comm="syz.4.2753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd50981ab19 code=0x7ffc0000
[  192.893058][   T29] audit: type=1326 audit(1750373610.365:30405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11510 comm="syz.4.2753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  192.916628][   T29] audit: type=1326 audit(1750373610.375:30406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11510 comm="syz.4.2753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd5098758e7 code=0x7ffc0000
[  192.940150][   T29] audit: type=1326 audit(1750373610.375:30407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11510 comm="syz.4.2753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd50981ab19 code=0x7ffc0000
[  192.963756][   T29] audit: type=1326 audit(1750373610.375:30408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11510 comm="syz.4.2753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fd50987e929 code=0x7ffc0000
[  192.987328][   T29] audit: type=1326 audit(1750373610.385:30409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11510 comm="syz.4.2753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd5098758e7 code=0x7ffc0000
[  193.252950][T11570] loop2: detected capacity change from 0 to 512
[  193.317513][T11570] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.330171][T11570] ext4 filesystem being mounted at /518/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  193.368856][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.423709][T11577] loop2: detected capacity change from 0 to 1024
[  193.440933][T11579] ALSA: seq fatal error: cannot create timer (-22)
[  193.450235][T11577] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.487382][T11577] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.2779: Abort forced by user
[  193.525837][T11583] loop3: detected capacity change from 0 to 2048
[  193.545810][T11577] EXT4-fs (loop2): Remounting filesystem read-only
[  193.552386][T11577] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  193.579904][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.589861][T11583]  loop3: p1 < > p4
[  193.594302][T11583] loop3: p4 size 8388608 extends beyond EOD, truncated
[  193.644861][T11589] loop2: detected capacity change from 0 to 4096
[  193.719591][T11597] __nla_validate_parse: 6 callbacks suppressed
[  193.719608][T11597] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2788'.
[  193.751129][T11600] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2785'.
[  193.771759][T11603] loop4: detected capacity change from 0 to 512
[  193.791111][T11603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.809064][T11603] ext4 filesystem being mounted at /559/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  193.830672][T11589] loop2: detected capacity change from 0 to 512
[  193.838724][T11589] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  193.851836][T11589] EXT4-fs (loop2): 1 truncate cleaned up
[  193.855195][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.868498][T11589] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.898750][T11615] ALSA: seq fatal error: cannot create timer (-22)
[  193.943175][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.008098][T11624] loop4: detected capacity change from 0 to 2048
[  194.027748][T11624] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.040177][T11624] ext4 filesystem being mounted at /562/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.041321][T11613] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2791'.
[  194.120696][T11631] 9pnet_fd: Insufficient options for proto=fd
[  194.216764][   T31] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 345: padding at end of block bitmap is not set
[  194.232523][   T31] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 404 with error 117
[  194.245220][   T31] EXT4-fs (loop4): This should not happen!! Data will be lost
[  194.245220][   T31] 
[  194.291134][T11642] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2803'.
[  194.389772][T11650] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2807'.
[  194.488865][T11655] netlink: 180 bytes leftover after parsing attributes in process `syz.0.2807'.
[  194.498025][T11655] netlink: 2428 bytes leftover after parsing attributes in process `syz.0.2807'.
[  194.507211][T11655] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2807'.
[  194.577748][T11658] 9pnet_fd: Insufficient options for proto=fd
[  194.599543][T11658] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2810'.
[  194.758345][T11669] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2814'.
[  194.826365][T11671] sg_write: data in/out 808464380/1 bytes for SCSI command 0x33-- guessing data in;
[  194.826365][T11671]    program syz.1.2815 not setting count and/or reply_len properly
[  194.868538][T11623] syz.4.2795 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  194.879695][T11623] CPU: 1 UID: 0 PID: 11623 Comm: syz.4.2795 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  194.879724][T11623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.879737][T11623] Call Trace:
[  194.879745][T11623]  <TASK>
[  194.879755][T11623]  __dump_stack+0x1d/0x30
[  194.879782][T11623]  dump_stack_lvl+0xe8/0x140
[  194.879806][T11623]  dump_stack+0x15/0x1b
[  194.879878][T11623]  dump_header+0x81/0x220
[  194.879962][T11623]  oom_kill_process+0x334/0x3f0
[  194.880012][T11623]  out_of_memory+0x979/0xb80
[  194.880077][T11623]  try_charge_memcg+0x5e6/0x9e0
[  194.880105][T11623]  charge_memcg+0x51/0xc0
[  194.880187][T11623]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  194.880306][T11623]  __read_swap_cache_async+0x1df/0x350
[  194.880418][T11623]  swap_cluster_readahead+0x277/0x3e0
[  194.880513][T11623]  swapin_readahead+0xde/0x6f0
[  194.880577][T11623]  ? __filemap_get_folio+0x4f7/0x6b0
[  194.880617][T11623]  ? __rcu_read_unlock+0x34/0x70
[  194.880642][T11623]  ? swap_cache_get_folio+0x77/0x200
[  194.880745][T11623]  do_swap_page+0x301/0x2430
[  194.880772][T11623]  ? css_rstat_updated+0xcd/0x5b0
[  194.880804][T11623]  ? __pfx_default_wake_function+0x10/0x10
[  194.880846][T11623]  handle_mm_fault+0x9a5/0x2be0
[  194.880874][T11623]  ? mas_walk+0xf2/0x120
[  194.881036][T11623]  do_user_addr_fault+0x636/0x1090
[  194.881074][T11623]  exc_page_fault+0x62/0xa0
[  194.881111][T11623]  asm_exc_page_fault+0x26/0x30
[  194.881257][T11623] RIP: 0033:0x7fd5098b11b4
[  194.881283][T11623] Code: ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 43 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 <48> 89 54 24 10 89 74 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 54 ff ff
[  194.881305][T11623] RSP: 002b:00007ffd5a921dc0 EFLAGS: 00010206
[  194.881323][T11623] RAX: 00000000fffffffa RBX: 00007fd509aa5fa0 RCX: 0000000000000000
[  194.881340][T11623] RDX: 00007ffd5a921e00 RSI: 0000000000000000 RDI: 0000000000000000
[  194.881374][T11623] RBP: 00007fd509aa7ba0 R08: 000000002e126773 R09: 7fffffffffffffff
[  194.881389][T11623] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000002f901
[  194.881401][T11623] R13: 00007fd509aa6160 R14: ffffffffffffffff R15: 00007ffd5a921f40
[  194.881420][T11623]  </TASK>
[  194.881429][T11623] memory: usage 307200kB, limit 307200kB, failcnt 1993
[  195.086313][T11681] vcan0: entered allmulticast mode
[  195.093533][T11623] memory+swap: usage 308444kB, limit 9007199254740988kB, failcnt 0
[  195.093553][T11623] kmem: usage 307160kB, limit 9007199254740988kB, failcnt 0
[  195.093568][T11623] Memory cgroup stats for /syz4:
[  195.093981][T11623] cache 28672
[  195.100275][T11681] vcan0: left allmulticast mode
[  195.103553][T11623] rss 0
[  195.103563][T11623] shmem 0
[  195.103572][T11623] mapped_file 0
[  195.103580][T11623] dirty 0
[  195.103589][T11623] writeback 0
[  195.152816][T11623] workingset_refault_anon 1021
[  195.157590][T11623] workingset_refault_file 2037
[  195.162491][T11623] swap 1273856
[  195.165905][T11623] swapcached 4096
[  195.169559][T11623] pgpgin 161677
[  195.173031][T11623] pgpgout 161667
[  195.176593][T11623] pgfault 142613
[  195.180144][T11623] pgmajfault 578
[  195.183686][T11623] inactive_anon 4096
[  195.187601][T11623] active_anon 0
[  195.191132][T11623] inactive_file 36864
[  195.195111][T11623] active_file 0
[  195.198636][T11623] unevictable 0
[  195.202110][T11623] hierarchical_memory_limit 314572800
[  195.207594][T11623] hierarchical_memsw_limit 9223372036854771712
[  195.213812][T11623] total_cache 28672
[  195.217770][T11623] total_rss 0
[  195.221068][T11623] total_shmem 0
[  195.224524][T11623] total_mapped_file 0
[  195.228552][T11623] total_dirty 0
[  195.232057][T11623] total_writeback 0
[  195.235965][T11623] total_workingset_refault_anon 1021
[  195.241257][T11623] total_workingset_refault_file 2037
[  195.246570][T11623] total_swap 1273856
[  195.250490][T11623] total_swapcached 4096
[  195.254833][T11623] total_pgpgin 161677
[  195.258954][T11623] total_pgpgout 161667
[  195.263122][T11623] total_pgfault 142613
[  195.267301][T11623] total_pgmajfault 578
[  195.271392][T11623] total_inactive_anon 4096
[  195.275919][T11623] total_active_anon 0
[  195.279967][T11623] total_inactive_file 36864
[  195.284664][T11623] total_active_file 0
[  195.288663][T11623] total_unevictable 0
[  195.292642][T11623] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.2795,pid=11623,uid=0
[  195.307406][T11623] Memory cgroup out of memory: Killed process 11623 (syz.4.2795) total-vm:93884kB, anon-rss:1044kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  195.367912][T11684] FAULT_INJECTION: forcing a failure.
[  195.367912][T11684] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.381241][T11684] CPU: 0 UID: 0 PID: 11684 Comm: syz.2.2820 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  195.381269][T11684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.381306][T11684] Call Trace:
[  195.381312][T11684]  <TASK>
[  195.381321][T11684]  __dump_stack+0x1d/0x30
[  195.381347][T11684]  dump_stack_lvl+0xe8/0x140
[  195.381447][T11684]  dump_stack+0x15/0x1b
[  195.381466][T11684]  should_fail_ex+0x265/0x280
[  195.381500][T11684]  should_fail+0xb/0x20
[  195.381536][T11684]  should_fail_usercopy+0x1a/0x20
[  195.381612][T11684]  _copy_from_user+0x1c/0xb0
[  195.381642][T11684]  memdup_user+0x5e/0xd0
[  195.381727][T11684]  strndup_user+0x68/0xb0
[  195.381750][T11684]  __se_sys_add_key+0x128/0x350
[  195.381834][T11684]  __x64_sys_add_key+0x67/0x80
[  195.381888][T11684]  x64_sys_call+0x1d0d/0x2fb0
[  195.381954][T11684]  do_syscall_64+0xd2/0x200
[  195.381977][T11684]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  195.382011][T11684]  ? clear_bhb_loop+0x40/0x90
[  195.382036][T11684]  ? clear_bhb_loop+0x40/0x90
[  195.382111][T11684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.382137][T11684] RIP: 0033:0x7fbf9517e929
[  195.382283][T11684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.382312][T11684] RSP: 002b:00007fbf937e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  195.382331][T11684] RAX: ffffffffffffffda RBX: 00007fbf953a5fa0 RCX: 00007fbf9517e929
[  195.382343][T11684] RDX: 0000200000000080 RSI: 0000200000000400 RDI: 00002000000003c0
[  195.382354][T11684] RBP: 00007fbf937e7090 R08: 000000003b10bdf7 R09: 0000000000000000
[  195.382366][T11684] R10: 00000000000fffff R11: 0000000000000246 R12: 0000000000000001
[  195.382381][T11684] R13: 0000000000000000 R14: 00007fbf953a5fa0 R15: 00007ffceb7446e8
[  195.382470][T11684]  </TASK>
[  195.606842][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.681191][T11691] Cannot find add_set index 0 as target
[  195.708736][T11691] 9pnet_fd: Insufficient options for proto=fd
[  195.813868][   T56] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.880610][   T56] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.949165][   T56] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.008603][   T56] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.034188][T11692] chnl_net:caif_netlink_parms(): no params data found
[  196.082174][   T56] bridge_slave_1: left allmulticast mode
[  196.088021][   T56] bridge_slave_1: left promiscuous mode
[  196.093691][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.116636][   T56] bridge_slave_0: left allmulticast mode
[  196.122505][   T56] bridge_slave_0: left promiscuous mode
[  196.128260][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.198288][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  196.208301][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  196.221454][   T56] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  196.231459][T11730] loop3: detected capacity change from 0 to 512
[  196.240397][   T56] bond0 (unregistering): Released all slaves
[  196.249169][T11730] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  196.273306][T11730] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  196.282537][T11692] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.289677][T11692] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.290007][T11730] System zones: 1-12
[  196.304559][T11692] bridge_slave_0: entered allmulticast mode
[  196.314152][T11692] bridge_slave_0: entered promiscuous mode
[  196.314526][T11730] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  196.326481][T11692] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.341521][T11692] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.350561][T11730] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2833: corrupted inode contents
[  196.362675][T11692] bridge_slave_1: entered allmulticast mode
[  196.368691][T11730] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #11: comm syz.3.2833: mark_inode_dirty error
[  196.380869][T11692] bridge_slave_1: entered promiscuous mode
[  196.386622][T11730] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2833: invalid indirect mapped block 1 (level 1)
[  196.386838][T11730] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2833: corrupted inode contents
[  196.411863][   T56] tipc: Left network mode
[  196.421937][T11730] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  196.437292][T11730] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2833: corrupted inode contents
[  196.452211][T11730] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.2833: mark_inode_dirty error
[  196.453427][T11692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  196.463596][T11730] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  196.483733][T11730] EXT4-fs (loop3): 1 truncate cleaned up
[  196.490353][T11730] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.517241][T11692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  196.558024][T11730] sg_write: data in/out 808464380/1 bytes for SCSI command 0x33-- guessing data in;
[  196.558024][T11730]    program syz.3.2833 not setting count and/or reply_len properly
[  196.579070][   T56] batman_adv: batadv0: Removing interface: team0
[  196.587395][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  196.594853][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  196.604932][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  196.612492][   T56] batman_adv: batadv0: Removing interface: batadv_slave_1
[  196.624539][   T56] veth1_macvtap: left promiscuous mode
[  196.630211][   T56] veth0_macvtap: left promiscuous mode
[  196.638741][   T56] veth1_vlan: left promiscuous mode
[  196.644055][   T56] veth0_vlan: left promiscuous mode
[  196.689330][T11737] loop2: detected capacity change from 0 to 164
[  196.697785][T11737] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  196.709826][T11737] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  196.718945][T11737] Symlink component flag not implemented
[  196.724719][T11737] Symlink component flag not implemented
[  196.731221][T11737] Symlink component flag not implemented (7)
[  196.731613][   T56] team0 (unregistering): Port device team_slave_1 removed
[  196.737283][T11737] Symlink component flag not implemented (116)
[  196.753817][   T56] team0 (unregistering): Port device team_slave_0 removed
[  196.789247][   T56] vcan0 (unregistering): left allmulticast mode
[  196.798313][T11735] hsr_slave_0: left promiscuous mode
[  196.804061][T11735] hsr_slave_1: left promiscuous mode
[  196.814251][T11692] team0: Port device team_slave_0 added
[  196.821192][T11692] team0: Port device team_slave_1 added
[  196.841891][T11692] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.848963][T11692] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.860626][T11745] loop2: detected capacity change from 0 to 164
[  196.874964][T11692] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.892329][T11745] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  196.892995][T11692] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.906204][T11745] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  196.907601][T11692] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.917736][T11745] Symlink component flag not implemented
[  196.941868][T11692] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  196.958216][T11745] Symlink component flag not implemented
[  196.964182][T11745] Symlink component flag not implemented (7)
[  196.970211][T11745] Symlink component flag not implemented (116)
[  196.989602][T11692] hsr_slave_0: entered promiscuous mode
[  196.996517][T11692] hsr_slave_1: entered promiscuous mode
[  197.023398][T11752] 9pnet_fd: Insufficient options for proto=fd
[  197.054316][   T10] kernel write not supported for file /78/attr/keycreate (pid: 10 comm: kworker/0:1)
[  197.114084][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.127000][T11762] loop4: detected capacity change from 0 to 164
[  197.135106][T11762] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  197.144112][T11762] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  197.162086][   T56] IPVS: stop unused estimator thread 0...
[  197.175369][T11762] Symlink component flag not implemented
[  197.181155][T11762] Symlink component flag not implemented
[  197.192550][T11762] Symlink component flag not implemented (7)
[  197.198732][T11762] Symlink component flag not implemented (116)
[  197.284628][T11774] 9pnet_fd: Insufficient options for proto=fd
[  197.387666][T11780] loop4: detected capacity change from 0 to 256
[  197.396597][T11780] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  197.410240][T11780] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  197.420788][T11780] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  197.442557][T11780] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  197.453292][T11692] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  197.462496][T11692] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  197.476260][T11784] loop3: detected capacity change from 0 to 512
[  197.481853][T11692] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  197.505596][T11692] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  197.506471][   T29] kauditd_printk_skb: 1399 callbacks suppressed
[  197.506488][   T29] audit: type=1326 audit(1750373615.365:31809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11781 comm="syz.1.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f185e7958e7 code=0x7ffc0000
[  197.542287][   T29] audit: type=1326 audit(1750373615.365:31810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11781 comm="syz.1.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f185e73ab19 code=0x7ffc0000
[  197.565882][   T29] audit: type=1326 audit(1750373615.365:31811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11781 comm="syz.1.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f185e79e929 code=0x7ffc0000
[  197.590366][   T29] audit: type=1326 audit(1750373615.395:31812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11781 comm="syz.1.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f185e7958e7 code=0x7ffc0000
[  197.614055][   T29] audit: type=1326 audit(1750373615.395:31813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11781 comm="syz.1.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f185e73ab19 code=0x7ffc0000
[  197.637608][   T29] audit: type=1326 audit(1750373615.395:31814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11781 comm="syz.1.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f185e79e929 code=0x7ffc0000
[  197.661129][   T29] audit: type=1326 audit(1750373615.395:31815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11781 comm="syz.1.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f185e7958e7 code=0x7ffc0000
[  197.684729][   T29] audit: type=1326 audit(1750373615.395:31816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11781 comm="syz.1.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f185e73ab19 code=0x7ffc0000
[  197.703013][T11692] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.708299][   T29] audit: type=1326 audit(1750373615.395:31817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11781 comm="syz.1.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f185e79e929 code=0x7ffc0000
[  197.732223][T11692] 8021q: adding VLAN 0 to HW filter on device team0
[  197.738453][   T29] audit: type=1326 audit(1750373615.395:31818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11781 comm="syz.1.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f185e7958e7 code=0x7ffc0000
[  197.749950][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.771527][T11784] EXT4-fs (loop3): Invalid default hash set in the superblock
[  197.775575][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.809339][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.816469][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.840264][T11692] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  197.850728][T11692] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  197.861315][T11794] loop4: detected capacity change from 0 to 4096
[  197.897934][T11794] loop4: detected capacity change from 0 to 512
[  197.904972][T11794] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  197.954986][T11692] 8021q: adding VLAN 0 to HW filter on device batadv0
[  197.965564][T11794] EXT4-fs (loop4): 1 truncate cleaned up
[  197.971478][T11794] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.021017][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.051729][T11812] loop4: detected capacity change from 0 to 164
[  198.059257][T11812] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  198.069011][T11812] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  198.077734][T11812] Symlink component flag not implemented
[  198.083573][T11812] Symlink component flag not implemented
[  198.089964][T11812] Symlink component flag not implemented (7)
[  198.096060][T11812] Symlink component flag not implemented (116)
[  198.127095][T11692] veth0_vlan: entered promiscuous mode
[  198.144627][T11692] veth1_vlan: entered promiscuous mode
[  198.162977][T11692] veth0_macvtap: entered promiscuous mode
[  198.170505][T11692] veth1_macvtap: entered promiscuous mode
[  198.182071][T11692] batman_adv: batadv0: Interface activated: batadv_slave_0
[  198.193556][T11692] batman_adv: batadv0: Interface activated: batadv_slave_1
[  198.203339][T11692] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.212118][T11692] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.220944][T11692] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.229765][T11692] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.321651][T11835] openvswitch: netlink: Message has 6 unknown bytes.
[  198.343752][T11837] unsupported nlmsg_type 40
[  198.376430][T11840] ªªªªªª: renamed from vlan0 (while UP)
[  198.464834][T11851] loop4: detected capacity change from 0 to 512
[  198.518680][T11857] loop3: detected capacity change from 0 to 164
[  198.526636][T11857] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  198.537174][T11857] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  198.545939][T11857] Symlink component flag not implemented
[  198.551592][T11857] Symlink component flag not implemented
[  198.557823][T11857] Symlink component flag not implemented (7)
[  198.563875][T11857] Symlink component flag not implemented (116)
[  198.581292][T11851] EXT4-fs (loop4): Invalid default hash set in the superblock
[  198.613988][T11863] FAULT_INJECTION: forcing a failure.
[  198.613988][T11863] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  198.627359][T11863] CPU: 1 UID: 0 PID: 11863 Comm: syz.3.2878 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  198.627394][T11863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.627409][T11863] Call Trace:
[  198.627484][T11863]  <TASK>
[  198.627492][T11863]  __dump_stack+0x1d/0x30
[  198.627518][T11863]  dump_stack_lvl+0xe8/0x140
[  198.627540][T11863]  dump_stack+0x15/0x1b
[  198.627558][T11863]  should_fail_ex+0x265/0x280
[  198.627612][T11863]  should_fail_alloc_page+0xf2/0x100
[  198.627651][T11863]  __alloc_frozen_pages_noprof+0xff/0x360
[  198.627742][T11863]  alloc_pages_mpol+0xb3/0x250
[  198.627783][T11863]  vma_alloc_folio_noprof+0x1aa/0x300
[  198.627869][T11863]  handle_mm_fault+0xec2/0x2be0
[  198.627939][T11863]  ? __rcu_read_unlock+0x4f/0x70
[  198.627969][T11863]  do_user_addr_fault+0x3fe/0x1090
[  198.628088][T11863]  exc_page_fault+0x62/0xa0
[  198.628124][T11863]  asm_exc_page_fault+0x26/0x30
[  198.628150][T11863] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  198.628182][T11863] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  198.628275][T11863] RSP: 0018:ffffc90001c0fd50 EFLAGS: 00050206
[  198.628289][T11863] RAX: ffff88811a7c8a98 RBX: 0000000000001000 RCX: 0000000000001000
[  198.628304][T11863] RDX: 0000000000000000 RSI: ffff88812ed62000 RDI: 0000200000001240
[  198.628320][T11863] RBP: ffff88812ed62000 R08: 00000000000007cb R09: 0000000000000000
[  198.628335][T11863] R10: 000188812ed62000 R11: 000188812ed62fff R12: 0000200000002240
[  198.628352][T11863] R13: 00007ffffffff000 R14: 0000200000001240 R15: ffff88812ed62000
[  198.628397][T11863]  _copy_to_user+0x7c/0xa0
[  198.628424][T11863]  pagemap_read+0x379/0x5e0
[  198.628465][T11863]  ? __pfx_pagemap_read+0x10/0x10
[  198.628493][T11863]  vfs_read+0x1a0/0x6f0
[  198.628589][T11863]  ? __rcu_read_unlock+0x4f/0x70
[  198.628619][T11863]  ? __fget_files+0x184/0x1c0
[  198.628675][T11863]  __x64_sys_pread64+0xfd/0x150
[  198.628699][T11863]  x64_sys_call+0x296d/0x2fb0
[  198.628737][T11863]  do_syscall_64+0xd2/0x200
[  198.628755][T11863]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  198.628780][T11863]  ? clear_bhb_loop+0x40/0x90
[  198.628876][T11863]  ? clear_bhb_loop+0x40/0x90
[  198.628977][T11863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.629003][T11863] RIP: 0033:0x7f00f4fde929
[  198.629017][T11863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.629072][T11863] RSP: 002b:00007f00f3647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  198.629090][T11863] RAX: ffffffffffffffda RBX: 00007f00f5205fa0 RCX: 00007f00f4fde929
[  198.629104][T11863] RDX: 0000000000200000 RSI: 0000200000001240 RDI: 0000000000000003
[  198.629118][T11863] RBP: 00007f00f3647090 R08: 0000000000000000 R09: 0000000000000000
[  198.629133][T11863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.629148][T11863] R13: 0000000000000000 R14: 00007f00f5205fa0 R15: 00007ffc26070c58
[  198.629238][T11863]  </TASK>
[  198.634399][T11865] loop0: detected capacity change from 0 to 1024
[  198.651295][T11867] loop3: detected capacity change from 0 to 512
[  198.667744][T11865] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.668421][T11865] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.678207][T11867] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  198.791219][T11873] loop2: detected capacity change from 0 to 2048
[  198.891674][T11867] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  198.979422][T11880] x_tables: ip_tables: ah match: only valid for protocol 51
[  198.981323][T11867] System zones: 
[  199.000633][T11880] 9pnet_fd: Insufficient options for proto=fd
[  199.002268][T11867] 1-12
[  199.015913][T11867] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  199.031387][T11867] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2880: corrupted inode contents
[  199.032311][T11873]  loop2: p1 < > p4
[  199.049975][T11867] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #11: comm syz.3.2880: mark_inode_dirty error
[  199.063288][T11867] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2880: invalid indirect mapped block 1 (level 1)
[  199.063352][T11873] loop2: p4 size 8388608 extends beyond EOD, truncated
[  199.078660][T11867] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2880: corrupted inode contents
[  199.101198][T11886] __nla_validate_parse: 8 callbacks suppressed
[  199.101217][T11886] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2885'.
[  199.107624][T11867] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  199.128946][T11867] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.2880: corrupted inode contents
[  199.141998][T11867] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.2880: mark_inode_dirty error
[  199.153700][T11867] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  199.164344][T11867] EXT4-fs (loop3): 1 truncate cleaned up
[  199.171319][T11867] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.203569][T11867] sg_write: data in/out 808464380/1 bytes for SCSI command 0x33-- guessing data in;
[  199.203569][T11867]    program syz.3.2880 not setting count and/or reply_len properly
[  199.330021][T11900] loop0: detected capacity change from 0 to 2048
[  199.375658][T11900]  loop0: p1 < > p4
[  199.379968][T11900] loop0: p4 size 8388608 extends beyond EOD, truncated
[  199.449488][T11906] loop0: detected capacity change from 0 to 164
[  199.457035][T11906] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  199.467426][T11906] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  199.475959][T11906] Symlink component flag not implemented
[  199.481778][T11906] Symlink component flag not implemented
[  199.499411][T11906] Symlink component flag not implemented (7)
[  199.505662][T11906] Symlink component flag not implemented (116)
[  199.512565][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.527361][T11912] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2898'.
[  199.630293][T11924] loop3: detected capacity change from 0 to 512
[  199.647057][T11924] EXT4-fs (loop3): orphan cleanup on readonly fs
[  199.653971][T11924] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.2903: bad orphan inode 13
[  199.664402][T11924] ext4_test_bit(bit=12, block=18) = 1
[  199.669911][T11924] is_bad_inode(inode)=0
[  199.674088][T11924] NEXT_ORPHAN(inode)=2130706432
[  199.679001][T11924] max_ino=32
[  199.679010][T11924] i_nlink=1
[  199.680203][T11924] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  199.703079][T11936] FAULT_INJECTION: forcing a failure.
[  199.703079][T11936] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.715362][T11924] FAULT_INJECTION: forcing a failure.
[  199.715362][T11924] name failslab, interval 1, probability 0, space 0, times 0
[  199.726656][T11936] CPU: 1 UID: 0 PID: 11936 Comm: syz.2.2907 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  199.726762][T11936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.726844][T11936] Call Trace:
[  199.726853][T11936]  <TASK>
[  199.726863][T11936]  __dump_stack+0x1d/0x30
[  199.726954][T11936]  dump_stack_lvl+0xe8/0x140
[  199.727058][T11936]  dump_stack+0x15/0x1b
[  199.727108][T11936]  should_fail_ex+0x265/0x280
[  199.727152][T11936]  should_fail+0xb/0x20
[  199.727189][T11936]  should_fail_usercopy+0x1a/0x20
[  199.727292][T11936]  _copy_from_user+0x1c/0xb0
[  199.727321][T11936]  ___sys_sendmsg+0xc1/0x1d0
[  199.727384][T11936]  __x64_sys_sendmsg+0xd4/0x160
[  199.727471][T11936]  x64_sys_call+0x2999/0x2fb0
[  199.727544][T11936]  do_syscall_64+0xd2/0x200
[  199.727618][T11936]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  199.727733][T11936]  ? clear_bhb_loop+0x40/0x90
[  199.727762][T11936]  ? clear_bhb_loop+0x40/0x90
[  199.727792][T11936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.727821][T11936] RIP: 0033:0x7fbf9517e929
[  199.727887][T11936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.727912][T11936] RSP: 002b:00007fbf937e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  199.727939][T11936] RAX: ffffffffffffffda RBX: 00007fbf953a5fa0 RCX: 00007fbf9517e929
[  199.728000][T11936] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000009
[  199.728017][T11936] RBP: 00007fbf937e7090 R08: 0000000000000000 R09: 0000000000000000
[  199.728033][T11936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.728050][T11936] R13: 0000000000000000 R14: 00007fbf953a5fa0 R15: 00007ffceb7446e8
[  199.728076][T11936]  </TASK>
[  199.789116][T11938] loop0: detected capacity change from 0 to 1024
[  199.790523][T11924] CPU: 0 UID: 0 PID: 11924 Comm: syz.3.2903 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  199.790559][T11924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.790591][T11924] Call Trace:
[  199.790600][T11924]  <TASK>
[  199.790610][T11924]  __dump_stack+0x1d/0x30
[  199.790662][T11924]  dump_stack_lvl+0xe8/0x140
[  199.790690][T11924]  dump_stack+0x15/0x1b
[  199.790712][T11924]  should_fail_ex+0x265/0x280
[  199.790763][T11924]  should_failslab+0x8c/0xb0
[  199.790859][T11924]  __kmalloc_noprof+0xa5/0x3e0
[  199.790960][T11924]  ? copy_splice_read+0xc2/0x5f0
[  199.791057][T11924]  copy_splice_read+0xc2/0x5f0
[  199.791101][T11924]  ? __pfx_copy_splice_read+0x10/0x10
[  199.791203][T11924]  splice_direct_to_actor+0x26c/0x680
[  199.791245][T11924]  ? __pfx_direct_splice_actor+0x10/0x10
[  199.791340][T11924]  do_splice_direct+0xda/0x150
[  199.791380][T11924]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  199.791427][T11924]  do_sendfile+0x380/0x650
[  199.791473][T11924]  __x64_sys_sendfile64+0x105/0x150
[  199.791503][T11924]  x64_sys_call+0xb39/0x2fb0
[  199.791579][T11924]  do_syscall_64+0xd2/0x200
[  199.791604][T11924]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  199.791639][T11924]  ? clear_bhb_loop+0x40/0x90
[  199.791666][T11924]  ? clear_bhb_loop+0x40/0x90
[  199.791695][T11924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.791838][T11924] RIP: 0033:0x7f00f4fde929
[  199.791858][T11924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.791883][T11924] RSP: 002b:00007f00f3647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  199.791909][T11924] RAX: ffffffffffffffda RBX: 00007f00f5205fa0 RCX: 00007f00f4fde929
[  199.791925][T11924] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[  199.791942][T11924] RBP: 00007f00f3647090 R08: 0000000000000000 R09: 0000000000000000
[  199.791976][T11924] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000001
[  199.791992][T11924] R13: 0000000000000000 R14: 00007f00f5205fa0 R15: 00007ffc26070c58
[  199.792018][T11924]  </TASK>
[  200.135132][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.156922][T11941] openvswitch: netlink: Message has 6 unknown bytes.
[  200.171562][T11938] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.256890][T11950] netlink: 332 bytes leftover after parsing attributes in process `syz.3.2912'.
[  200.272826][T11951] loop2: detected capacity change from 0 to 2048
[  200.298318][T11954] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2913'.
[  200.317956][T11692] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.342105][T11951] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.359576][T11951] ext4 filesystem being mounted at /539/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.392759][T11962] loop0: detected capacity change from 0 to 2048
[  200.436149][T11962]  loop0: p1 < > p4
[  200.440932][T11966] loop4: detected capacity change from 0 to 2048
[  200.448064][T11962] loop0: p4 size 8388608 extends beyond EOD, truncated
[  200.519023][T11966] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.552151][ T9291] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:11: bg 0: block 345: padding at end of block bitmap is not set
[  200.566834][T11951] ==================================================================
[  200.574971][T11951] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  200.584812][T11951] 
[  200.587147][T11951] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
[  200.595224][T11951]  tick_do_update_jiffies64+0x113/0x1c0
[  200.600801][T11951]  tick_nohz_handler+0x7f/0x2d0
[  200.605689][T11951]  __hrtimer_run_queues+0x20f/0x5a0
[  200.610907][T11951]  hrtimer_interrupt+0x21a/0x460
[  200.615857][T11951]  __sysvec_apic_timer_interrupt+0x5f/0x1d0
[  200.621796][T11951]  sysvec_apic_timer_interrupt+0x6f/0x80
[  200.627451][T11951]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  200.633445][T11951]  console_flush_all+0x55b/0x730
[  200.638400][T11951]  console_unlock+0xa1/0x330
[  200.643000][T11951]  vprintk_emit+0x388/0x650
[  200.647519][T11951]  vprintk_default+0x26/0x30
[  200.652118][T11951]  vprintk+0x1d/0x30
[  200.656035][T11951]  _printk+0x79/0xa0
[  200.659951][T11951]  __ext4_error+0x248/0x320
[  200.664470][T11951]  ext4_validate_block_bitmap+0x557/0x5a0
[  200.670203][T11951]  ext4_wait_block_bitmap+0xda/0x150
[  200.675527][T11951]  ext4_mb_init_cache+0x2f1/0xb70
[  200.680564][T11951]  ext4_mb_init_group+0x25b/0x3f0
[  200.685615][T11951]  ext4_mb_load_buddy_gfp+0x72a/0x790
[  200.691005][T11951]  ext4_mb_find_by_goal+0x10b/0x720
[  200.696217][T11951]  ext4_mb_regular_allocator+0x135/0x2300
[  200.701975][T11951]  ext4_mb_new_blocks+0x800/0x2050
[  200.707115][T11951]  ext4_ext_map_blocks+0xff5/0x38a0
[  200.712359][T11951]  ext4_map_blocks+0x61c/0xd70
[  200.717147][T11951]  ext4_do_writepages+0x12d5/0x21c0
[  200.722371][T11951]  ext4_writepages+0x176/0x300
[  200.727163][T11951]  do_writepages+0x1c6/0x310
[  200.731770][T11951]  __writeback_single_inode+0x80/0x7c0
[  200.737250][T11951]  writeback_sb_inodes+0x480/0xa20
[  200.742381][T11951]  __writeback_inodes_wb+0x94/0x1a0
[  200.747610][T11951]  wb_writeback+0x266/0x5c0
[  200.752131][T11951]  wb_workfn+0x4c9/0x910
[  200.756388][T11951]  process_scheduled_works+0x4ce/0x9d0
[  200.761874][T11951]  worker_thread+0x582/0x770
[  200.766491][T11951]  kthread+0x486/0x510
[  200.770571][T11951]  ret_from_fork+0xdd/0x150
[  200.775084][T11951]  ret_from_fork_asm+0x1a/0x30
[  200.779866][T11951] 
[  200.782196][T11951] read to 0xffffffff868099c0 of 8 bytes by task 11951 on cpu 1:
[  200.789844][T11951]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  200.796102][T11951]  count_shadow_nodes+0x6a/0x230
[  200.801050][T11951]  do_shrink_slab+0x60/0x680
[  200.805662][T11951]  shrink_slab+0x448/0x760
[  200.810093][T11951]  shrink_node+0x6c3/0x2120
[  200.814612][T11951]  do_try_to_free_pages+0x3f6/0xcd0
[  200.819823][T11951]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  200.825729][T11951]  try_charge_memcg+0x358/0x9e0
[  200.830603][T11951]  obj_cgroup_charge_pages+0xa6/0x150
[  200.836008][T11951]  __memcg_kmem_charge_page+0x9f/0x170
[  200.841493][T11951]  __alloc_frozen_pages_noprof+0x188/0x360
[  200.847328][T11951]  alloc_pages_mpol+0xb3/0x250
[  200.852122][T11951]  alloc_pages_noprof+0x90/0x130
[  200.857087][T11951]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  200.862916][T11951]  __kvmalloc_node_noprof+0x30f/0x4e0
[  200.868311][T11951]  ip_set_alloc+0x1f/0x30
[  200.872663][T11951]  hash_netiface_create+0x282/0x740
[  200.877886][T11951]  ip_set_create+0x3cc/0x960
[  200.882505][T11951]  nfnetlink_rcv_msg+0x4c6/0x590
[  200.887459][T11951]  netlink_rcv_skb+0x123/0x220
[  200.892252][T11951]  nfnetlink_rcv+0x16b/0x1690
[  200.896945][T11951]  netlink_unicast+0x5a1/0x670
[  200.901732][T11951]  netlink_sendmsg+0x58b/0x6b0
[  200.906682][T11951]  __sock_sendmsg+0x145/0x180
[  200.911381][T11951]  ____sys_sendmsg+0x31e/0x4e0
[  200.916173][T11951]  ___sys_sendmsg+0x17b/0x1d0
[  200.920873][T11951]  __x64_sys_sendmsg+0xd4/0x160
[  200.925746][T11951]  x64_sys_call+0x2999/0x2fb0
[  200.930434][T11951]  do_syscall_64+0xd2/0x200
[  200.934944][T11951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.940852][T11951] 
[  200.943178][T11951] value changed: 0x00000000ffffd8ef -> 0x00000000ffffd8f1
[  200.950381][T11951] 
[  200.952721][T11951] Reported by Kernel Concurrency Sanitizer on:
[  200.958876][T11951] CPU: 1 UID: 0 PID: 11951 Comm: syz.2.2910 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  200.971391][T11951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  200.981462][T11951] ==================================================================
[  200.995665][T11973] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2919'.
[  201.005182][T11966] ext4 filesystem being mounted at /584/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.019800][ T9291] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 306 with error 117
[  201.032511][ T9291] EXT4-fs (loop2): This should not happen!! Data will be lost
[  201.032511][ T9291] 
[  201.298150][   T12] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 322 with max blocks 2 with error 117
[  201.310280][ T9291] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:11: bg 0: block 345: padding at end of block bitmap is not set
[  201.310743][   T12] EXT4-fs (loop2): This should not happen!! Data will be lost
[  201.310743][   T12] 
[  201.317972][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.327725][ T9291] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  201.356944][ T9291] EXT4-fs (loop4): This should not happen!! Data will be lost
[  201.356944][ T9291] 
[  201.381339][   T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 76 with error 28
[  201.393923][   T12] EXT4-fs (loop4): This should not happen!! Data will be lost
[  201.393923][   T12] 
[  201.403598][   T12] EXT4-fs (loop4): Total free blocks count 0
[  201.409620][   T12] EXT4-fs (loop4): Free/Dirty block details
[  201.415527][   T12] EXT4-fs (loop4): free_blocks=0
[  201.420498][   T12] EXT4-fs (loop4): dirty_blocks=80
[  201.425665][   T12] EXT4-fs (loop4): Block reservation details