last executing test programs:

4.838519938s ago: executing program 0 (id=479):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$netlink(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="dcf204d80000000000000000371eb26b8bc47890707531a8607476771d495683307a110a50121a71b5ec6c1e801a294fb561261ef961c073ef8ae2f6fed6f11ea8f7c4d348b16a7140cc9d932ce6bb10739ab13c416b7f0e3b94c616760c546ae7dbe63d2810347614c7b8c85651476c24784daee81e8157ee0671f6adefc15706c0ac8a6c"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a0000200"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000001b80)=""/4096, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x10001, <r1=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe00006a"], 0xfe33)
r3 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x940a, 0x1000007})
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x94)
fcntl$addseals(r3, 0x409, 0xb)

4.641647164s ago: executing program 4 (id=481):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
wait4(0x0, 0x0, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x1, 0x3e, &(0x7f0000000080)="3a0dc768", 0x4)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r5, 0x4b72, &(0x7f0000000040)={0x4, 0x8000003, 0x9, 0x407, 0x2a, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
socket$kcm(0xa, 0x3, 0x3a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r6}, 0x38)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0)

4.482887206s ago: executing program 4 (id=482):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r1 = socket(0x15, 0x5, 0x0)
bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x9, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
ioctl$BTRFS_IOC_RM_DEV(0xffffffffffffffff, 0x5000940b, &(0x7f0000000c00)={{r0}, "071111db74689faa187738f5406ff30c753043e5c26cf9a606a2a31c1a937dbbcf89386e8d77e95a27711f9d922cad279a3021d8309806744dda801f482ac08cfb4ae9d450b189feab4664f4fd4dda97b7455d40dec1f3d43f875eb4d654fb778e003c88298a79b8711d1072cec62209b6c16d99f2b2ccb54b3791683ec9abb746d38449c5ab297a4c10ecb081d4ede3a8b51cedc17de431ecdb5c72cb4da1e42a52c2ffeeba1f9e0847573515e75e1e809ccc729471f45744e361c8b8cb44e7d4729d56872d4c18d191f36601469eb1c941a26909bfe17afa4a043fd9f5e4197a312afa2d3247fbcf781850a5c1ce6add0f6c1e3494418dbb76ce5ac51b34e25292be5f9ded74e73ebe4a8a54363affeb7e34fdd1e1378efa3613aa44aef9881fb1977fabb842e314c11108ac122ac5798a624d9146b6d5a1debe34b6915000920d6f15db76630e8d50a0b48239ada26a208094a92f2158b9bc8a68d3485e8767acaed3fbb28e1d0ca042e487404d40a7e346bc9b7f9f2a92d0b5dd587b6f5637996f01161e25331d8839a55f1b41ba3d7ad5d1a3d5abfa3811db655acee9fe892b421d22b1215a2993249a2cfd06f9e01b64e12a336a2236699ca56d234fe1b896d3979d22d74bb0e9dae4b255f86d2efd11cf46887253936f18a5608b424261479b056cd1cfa371237b7c643bf791953664f14943f3f32ce1c22803b7382f8c8c951800b357af64a4643ae959ef0b66aa9bef4d69456e0a337e761e63b59fa2d995316b589ec53ebe244c699bffe7b58447dc6bbf122a19d58363d557add23d60cfd6d4409d855a21feb1dd56fb1fbad322b044b3b957f7caeac550418db4b37bfbf5fc49d93acff2b2cbd8c755d3b8ab917140f55894c0afbc5d7804fb1dc9e051d43484d9c69cb16e470a05a20a865972a09a1d92720d9ea781cf1fa73c05264f26832cd457409c06d8b23465a143e76b20df158560e18848faef287494fa1ca48e6ba3ecdc3f47dc6b6b902d05a2262fc54969d82383425219ae5e0c3f40b346d67a7002bf647f1f9a794e6febf87d355d835003bc7fcd9547c9052021e3573553ac69e2fc3b8317d80f62d5b9cb58fe298af50b9b92c66d1c062e40c47d0400221c9a811600fd9980bcbc147ee045439ef04cd3980f43fdfd414eb57a19e07e740fb2bae1a231262924a3c28ae1aa7e046b16cd58fc287cc4cc11394eb27932bf9db89bf81542543efc8a417833e878cdd633d8d470e39cf77ad24f74844f2b3d2983d86d56d1b7696fa2ca75a82c2ee31bea5a7ba55ae524d95b053417f66e4d16fd2b20c2ae5229bb7dc2115d86baf855a4858d14cb05da2110bbcd4ef2ba67d26d339101246dcf3a3d691c7740d83f0d0bce7eacf42534e6dbe6649f122746e46e9df6abbce7b134ef1949ba1685eaac266a3bd03fe57a68634cf8163a9b580ea4ab2c4fa368c244cfff003d48395f87168b1965d72985fb5e438e4f9eef9b4b6141bb856cab1f72fe9b6fc18ed347aa8fee148519a3fa0cffff76c67c4aaf70c0f044bb8bbf623938df4ab17dd1c8b803a6e6c3645929e15dd34e1676c37fb7c2c531fd6163651dbc1c9ff84d698028e227a52c94b872a2b12ae351c819e42574f81692942f069379b904f8cc2c96fc3badf142da358cc11d7407d577020223b86fb49da40cc37bd57bc0083aa6b300d05523eaad73a36b4832768c587bb7422fdf547fc696dda176e37478df64fb5d2a02f341be81e5d4365a32fdc9150cc4e7d26a301a3c2f3a88e56dbe11b2c16476e1aa94533db7d1db2c1e6f093c0817807eabd8d61898aece0490df825b7a6e94058db4989e57ebb964fa1ce1d6a50373f3ca60424395152964e5b47f6439052485c4fed886597e7e3edc2308654eb7ad4e5294a5b41c497beaf7f3fbd9cd00737c701151d289675a5ac3a2e6d17e319affe26ada3d698bb7179ea7159f4d74c25d58f76a7d69935e809aa3f970851aaaf828a2c615742fb72f0b2894670a31f80c08598f92705548f4d3e477403b49b61d4f2368035a3083a756b1537c6e18f1116cdc1968d9d4b5232d3a3bf9436c9bc96a653eec702eacc0655e052551eb1a034f381cbd10b0f0eb68c4a41d8d7e369858c5f927f1889eab025f2bad31f71f6377c4163f158b3fbdfd642c5fc9bf8f96a458e77cf83493ed89a42a0292ad9c0e9276ddb039a96a9b52839aea2ee8a12606b12167d99454d6dc3af521e4b0d1f29fbf85762a70fc8e03f8dcc648a8a21a3080e58aba4998c7f8f2a8f2127422e81f91791f1c7f957401328e54e871aca0cc1479141759675a970cdb465894bdb365b9935f38c7ce45673d96b0ebafb67ee3c5a38aef682fcd422977401a1508bf7e4246c121742e2df6877344d7ca223dc89418f1cca93493a550b640f93ef09de0b47d92e4b803d2becd75d23330de220ecd407f8695f1541b7ba3bb22269340f5ff1eb08e215890112e78ea4bc6e43195e46723518a69f5e334f03a19c92b28da33fb85e80efca5807a622dd1e966d3001bd1d9bbea0600c6370ae05f9a14b38151cc8be841670979e21fe244c18df18d590cbb52b08dde1432e7954759eb9567c432073b0fef87d3a55002e5cb823b22b9fcb5b0b3566a4c15ab9e2abf8a4daf83be9c5b9575b637012fb10992f3cdc1f6a911cdeb842654838e09c27c77395564b2d1ffd1bd617778e28149cc878814a7fd2975612bb4fae7a1d0b610347a7cbb4bfc086ea60bf14b8ec5f8c7635b5323f6620a9d5e2620f26141454b47924f1a67a2592603f8358c223472933dd207baf1e61d9bcfa279d36dc247f68e361a784baa12e5168bf815eb29d6cc1ebce3bc1593e0465163b9a695831c44d3ed8a2577d878997f3dd95b752b84d0e67b4b433656b66cb55357d3f6d046c2fbd3b01a84aaae700d333a01314e4cfb637f19bf3e3cb99501cc687f0871cd5fc4dc29aa171d6b429bf5a2b84f74147df1445b60ec248fd9baf2e6fe5281f9042efa0038f91140f07054ce7974745dba562fa69700b7d1ef82fe5a6104c15fa6a185439ea7e3ba3886d6a9ee6dbcf164a27deb77cc8b6653a7999c6d99c6311bbe27479a1e279a71ef2fadd7adea79592a64fb62450545a0359ffe993ea13a1ab083eccd4313e2a0125f59af4649b3f1eb14a6c92e7efbc1809b0411d37ac92f47a38c9b1a2aadece136df0f845871fd7471fbbe023b1242b258b47055063edf8b9dfe297d37070f7347eb2cea6c4d3e819b81a3174382ad2d248e8f9b6e6a746dc630c8d51b0eba3e7420cca62a0124e509a1f0990b3f9fc429afdebd5374e03c597f3770cc5e112512fae06a5337b1905ac090cd68a8d5377f2a93f3693e3fa5cc7757e6d5328c7f3b6c492c246b60d82f16d112b4fc46f1368bd859d40e726dd7817222e8f838f8fce17a434983ec972ede505af99347169a089084b416ddfa09421e7e079b55da7a3fed6f7f92b456e0e1434fcfdaf0db3c455875d8aa03a6dae8bafea19bbb576ca12d4b48342de8717996df11fe67c666e3e7b809c52a2b4079589a2d50b823f813e7921c4651b75b4a89c58f8cd9a1db1d81e03a68a678f12c46bb0ba9b94da4a343354ecda23adfc0f48c87d46635933a4d6d30b795d0d0b5e845716a85a562b1b0c40e02a847758122aff3b6de5db7478d8fee218f5b0081ed9aacf0552bbd3e9a08931f939c1f1594cb5112b075dfb9906386970a9e1b8038694602271211daa0be773a24bbf10faead9d42e8dfd60f631a72e6663488499a7bc0240a7a2b38bc27a5d072f28697bfafdb7efa05617ce9ec10a848c8c0d9f56ec63b2e3db953580498320721556a2e420de05547c179916e6984c0ae5719da558fbf4b44a9b5bacdd39200324c71e872d0901ebab2cea5efaaeed5b32b1020799949843d6f5450a4a96d68a716b746e40081f751c065adaec4370578fff568b15f017c094eb3cb6c5993930a7453724c00abdf584c3de1e470697e2527ac04086f28e7c58f4380972021a3aa779ae4674033eb20aa74842b8d3d494bd3119b4c5ddf98153dc7cbe601eb950057be8428adefa3aedf2d94a14672ab309b4893cbd36086f8610ca4fdb1c419a620bf987bebf32f4ca0a1760f29eca8ebebbae5c9bb58805c00a3b58e1b97cc70d579e3a6bb5fe833290af5109b860ccb71be088b0eeda40c0041e63c23c238a28951a75e169b73ae684c46c242d8d8d398ad5104759a5f91b40aa5b6daca5cefc4282b8e51d6b082d0820e8edc4500d8b3be93d16b09891b9b2c11ee72978504917c6b190de1601f46ffd905ba866872ea35354d7f565c7290add52c40788ee5594345378c4fdcb84ea728a3165d396df32e5213e7bc034cf97a8929189d51f09fbd8b1506d6ee4da877fb895d4b4ce324d03412b7f956e3349107a172def5a5955dd62bd936817433bfa8064fa764872d9e798fd2663c47512363e36ee9ad8af190d51b9f39961a32ae79d4b54795ea5c090409e5719992fd51658411d1341d6c0d69d87f9ab538a48e32a4afaaf3ccf2c2149097108ba672c412892f2e222be10589599ebe6283c690a56cd42e615423c2baed603dae8488080bbefc6793c9e3465aee465d7a36a01825189c40fee5395fa4ebb25b50dcba8da9b45f4e37876f736e6f4f650eea9784182297bb6045dd87ea31553c1f19739f047138c2a8bddc1977432ed59e1dec221c3eb00026e5fe3498d5f7d794866d0874fb36169085dfdba122a30676b51a9f693417ee517c00bf37255e8b135da2f91ca4f7c5f3639b6ab43593af4b1649e240cbd97757f49bfe0f362c553fcf27fe2b0299e3b2d9da9fea7a3bb2bf89853308d34ced0ed437f598444386ff255db2469af658f20c844070453dd0924406827cf3c25b1c082f085ac6b817aff3007074338f45ab4a8b76ebc17f3abf6ad3076559fcdb5fbe7474d05db925b6c48f6a8d5731eed48113bb3da5e18f8a4e25ff1734aba4527e83c9101646c6ba7ada56a640b068b1d35e1d055f4b9b8f7ae7b09d453a6b1aa84577fe7c5cf4720f2c7ec13ce5d05dea9684e600cdc8ea8766ba61474a1096406b2d1dedde8d66532892d8f6080df0ea0e2ac2eaaba85965097c97504136ef434473ad0c2c2c2112e22c8edccb9cf2e2f96cd94407beab5a5d7bfed72b5f37dd98d1b7348cef22dcc31e0e8043685db137e0369b86090e8e774fa2415fd351a5082cb3d2363efeb9030e5d21719dddad92c30a9e1a31d4a89d583ca3e5423b16dcb953283f93b4c7d60e24eed2b701b265063333fd398ce2b2a876c4dbf4ccd8e80405bd28bc82118e36ead442a966514e498f70964f3fe873093f429ec6d8318b18c523177a2188a08b832806dfc2bf8beda18fb0fcff5e090dfa56eaa435a39672ae9c70d641013efa39cd745d96fbaecfd19d3bbf77389fd1ea966a462481ac5072463e7b4d739071785eaeddda7a87c51c634a58c4076b4dab753707f22a49b2167445fb8514f2b330f69f79bd5eb6b3e2fd713b17b897fb4f25972be2cf6ae39d2e8127d81efa61ed3799d31d14f61014e6092a0d0effdf5dbf816a4d5be5d0b52d721a8f7c96eb4bd958ef593081a94f56d8adf319596c42750fc21ade6dc9e869292e8f76a1b9fc3468d9a6d78191eee6d88aaafda916dafd6629ab9cb1753c5f893d09b3e0ddab10a78dcda778d37f406fe7450744960a36c1507d9d46e68dd3f796759c9bb9a4359a91d35c72fc5d02f4a9bf280a1c7e468423e7f1c7e5"})
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[], 0x15)
r5 = dup(r4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x50, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x844}, 0x20040080)
write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f00000001c0)=@sr0, r7, &(0x7f00000004c0)='./file0\x00')
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
creat(&(0x7f0000000000)='./file0\x00', 0x0)

4.44470317s ago: executing program 4 (id=484):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={0xffffffffffffffff, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf, 0x0, 0x0, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x1b, 0x8, 0x0, 0x0}}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000004c0)='map_files\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0xa, 0xc, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x18, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0x1276, 0x0)
getdents64(r1, &(0x7f0000000080)=""/95, 0x5f)
unlinkat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x200)
utimes(0x0, 0x0)
dup(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000380)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'})
inotify_rm_watch(0xffffffffffffffff, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a0000000000fa82a3fa211411fa0008000a40000000000900020073797a31000000000900010073797a30000000000800054000000000080008400000000014000000110001"], 0x6c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)

4.345145768s ago: executing program 4 (id=485):
socket$kcm(0x29, 0x0, 0x0)
r0 = add_key$user(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x0}, &(0x7f00000000c0)='5', 0x1, 0xfffffffffffffffd)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x1)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = socket(0x2, 0x80805, 0x0)
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_config_ext={0xff, 0x7}, 0x100410, 0x200, 0x2, 0x1, 0x9, 0x9, 0xfffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x82}, 0x2004400d)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
sendmsg$IPSET_CMD_RENAME(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000800)={0x60, 0x5, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
write$binfmt_aout(r3, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xa, "0062ba7d82000000160000000000f738096304"})
r4 = syz_open_pts(r3, 0x900)
r5 = dup3(r4, r3, 0x80000)
rt_sigpending(&(0x7f00000002c0), 0x8)
read(r5, &(0x7f00000000c0)=""/226, 0xe2)
read$watch_queue(r5, &(0x7f0000001d40)=""/4095, 0xfdef)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7, 0x889e, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x10, &(0x7f0000000340)=ANY=[@ANYRESDEC=r0, @ANYRESOCT=r5, @ANYRESDEC], &(0x7f0000000500)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8002}, 0x94)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000040)=@assoc_value, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

4.32093012s ago: executing program 1 (id=486):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000"], 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'erspan0\x00'})
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x0, 0x5, 0x2, 0x943b}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0xfffffffe}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r1, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080), &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r1}, 0x38)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
r5 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

4.294853292s ago: executing program 0 (id=487):
openat$urandom(0xffffffffffffff9c, 0x0, 0x840000, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
ioctl$TIOCL_SETVESABLANK(r2, 0x560e, &(0x7f0000000140))

4.046073022s ago: executing program 3 (id=490):
ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x541c, &(0x7f0000000040))
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3, 0x30, 0xffffffffffffffff, 0x9111b000)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0xa04710, &(0x7f00000008c0)={[{@user_xattr}, {@errors_remount}, {@noblock_validity}, {@block_validity}, {@mblk_io_submit}, {@min_batch_time={'min_batch_time', 0x3d, 0x6377}}, {@nodelalloc}, {@delalloc}, {@prjquota}, {@jqfmt_vfsold}]}, 0x0, 0x448, &(0x7f0000000bc0)="$eJzs28tvG8UfAPDvrpP29+sroZRHS4FAQUQ8kiYt0AMXEEgcQEKCQzkGJ61K3QY1QaJVBAGhckSVuCOOSPwFnOCCgBMSV7ijShXk0sIpaNe7qePGbh4OTuPPR9p2xjv2zNez453d2QTQs4ayf5KIPRHxW0QM1LPLCwzV/7uxMFf9e2GumsTi4pt/Jnm56wtz1bJo+b7dRWY4jUg/TYpKlpu5eOnsRK02daHIj86ee2905uKlZ86cmzg9dXrq/PiJE8ePjT3/3Pizqw8mSVru2pu19dCH04cPvvr2lderJ6+889M3Wek9xf7GODYibUgPZYH/tZhrLvd4JyrbQvY2pJO+25dha6hERNZd/fn4H4hK3Oy8gXjlk642DthU2blpZ+vd84vANpZEt1sAdEd5os+uf8vtP5p6bAnXXqxfAF1P5qo3FupbfU/f0rV8/yZeuw5FxMn5f77MtujgfQgAgFa+y+Y/T680/0vj3oZy+4q1ocGIuCsi9kfE3RFxICLuicjL3hcR999SQ9q2/ualoVvnP+nVdQe3Ctn874VibWv5/G+p3YOVIrc3j78/OXWmNnW0+E6Go39nlh9rU8f3L//6eat9jfO/bMvqL+eCRTuu9jXdoJucmJ3IJ6UdcO3jiEN9K8WfLK0EJBFxMCIOre2j95WJM09+fbhVodvH30aLdaa1WPwq4ol6/89HU/ylpP365Oj/ojZ1dLQ8Km718y+X32hV/4bi74Cs/3ctP/6biwwmjeu1M2uv4/Lvn7W8plnv8b8jeSvvlx3Fax9MzM5eGIvYkbyW55e9Pn7zvWW+LJ/FP3xk5fG/v3hPVs8DEZEdxA9GxEMR8XDR9kci4tGIONIm/h9feuzd9ce/ubL4J1f8/Vs6/pv6f+2Jytkfvm1V/+r6/3ieGi5eyX//bmO1DdzIdwcAAAB3ijR/Bj5JR5bSaToyUn+G/0DsSmvTM7NPnZp+//xk/Vn5wehPyztdAw33Q8eS+eIT6/nx4l5xuf9Ycd/4i8r/8/xIdbo22eXYodftbjH+M39Uut06YNN1YB0NuEM1j//2j2wA24nzP/Qu4x96l/EPvWul8f9RU95aAGxPzv/Qu4x/6F3GP/Qu4x960kb+rl+ilxORbolmSGxSotu/TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xbwAAAP//Q+vspg==")
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
socket$pppl2tp(0x18, 0x1, 0x1)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0xfffffe44)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000802800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)
shmget$private(0x0, 0x4000, 0x2, &(0x7f00006ff000/0x4000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)

4.045218812s ago: executing program 1 (id=500):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f\x00\x00'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
write$binfmt_misc(r2, 0x0, 0xfffffecc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x40}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000084000000060a010400000000000000000100000008000b40000000005c0004802c000180090001007866726d000000001c0002800800024000000004050003000000000008000140000000092c00018008000100636d7000200002800c00038005000100ac000000080001400000000c08000240000000000900010073797a300000000014000000110001"], 0xf8}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

3.925109442s ago: executing program 1 (id=491):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
syz_usbip_server_init(0xaa7f3cec63cbb9d)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000180)={0x0, 0x0, 0x7f})
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x2, 0x84)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000340)={0x1d, r3, 0x1, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
listen(r1, 0xfffffffc)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r7}, 0x10)
syz_usb_disconnect(0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r6, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

3.797061142s ago: executing program 4 (id=492):
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1f8d02, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_usb_connect$cdc_ecm(0x5, 0x8c, &(0x7f0000000b00)=ANY=[@ANYBLOB="12015002020000202505a1a440000102030109027a0001013c007a0904000103020600fb0524060000052400ff010d240f0109000000ff7f02000308241c0300080000052415090005241509000a2407e2be0009000600082407ce0500018012010100000003000500090001000200010009058103080604d4ff09058202ff033bcc0409050302000210080360a466ce97625d5c65a423bb14348c3801188eb4b009968a816859ade9a84e04929fe11776ac11e9b1898877cdc349b7827a3c43ce907079ccc2193c3ed51d8b464f58e3"], 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x280008a, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030322c726f6469722c73686f72866e616d653d6d697865642c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=0,shortname=mixed,uni_xlate=0,shortname=winnt,\x00'], 0x96, 0x2a9, &(0x7f0000000500)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO")
socket(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
io_setup(0x281, &(0x7f0000000100))
syz_usb_disconnect(r0)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000000480)='./file0\x00', &(0x7f0000001440), 0x800, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=rdma'])

3.680326562s ago: executing program 3 (id=493):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x581, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x4d814}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_DOWNDELAY={0x8, 0x1f, 0x7fffffff}, @IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0x7}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004002}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000540)={'bond_slave_1\x00', <r5=>0x0})
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f00000005c0)={r5, 0x11, 0x6, @broadcast}, 0x10)
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}}, 0x10)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0x0, 0xa}, {0x0, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r5, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000200)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9, 0x0, 0x100}, 0x18)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x14, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x4}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x98}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, 0x0, 0x0)
r10 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r10, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
sendmsg$inet(r10, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

3.402920994s ago: executing program 0 (id=494):
creat(0x0, 0xd931d3864d39dcca)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b000000000000000000000000000400000000001cd7e027beae10b39f70670f89e2d44c1bdb7a8aa42c3466b96e2b0738cf99fefbca5b2e6779e9154ff60e5df03f00919f6dc370b4c08da19c38e4e49f5d6ba8bc052499dcfeb38d5e50", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r2, 0x1)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
accept4(r2, 0x0, 0x0, 0x400000000000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
lsm_get_self_attr(0x66, 0x0, &(0x7f0000000640), 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
time(&(0x7f0000000180))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000d8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r5, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)

3.402464604s ago: executing program 0 (id=495):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d5304944)
write$binfmt_script(r0, &(0x7f0000000600)={'#! ', './file0'}, 0xb)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mq_open(&(0x7f0000000080)='$@\x00', 0x40, 0xb4, 0x0)
mq_open(&(0x7f0000000140)='$@\x00', 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x8800)
ioctl$EVIOCREVOKE(r1, 0x40044591, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000000c0)={0xa0000010})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r3 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x80, 0x0)
mq_timedsend(r3, &(0x7f0000000600)="6d12483bb95dab4d", 0x8, 0x6, 0x0)
mq_timedreceive(r3, &(0x7f000001d600)=""/102389, 0x18ff5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400))

3.378881816s ago: executing program 2 (id=496):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000110000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
unlinkat(0xffffffffffffff9c, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000440)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})
syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00', <r6=>0x0})
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000040)={r6, 0x1, 0x6, @local}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000100), 0x1, 0x200)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000095000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r7}, 0x18)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000940)={'gre0\x00', &(0x7f0000000a40)={'sit0\x00', 0x0, 0xd695bb75570cde87, 0x6, 0x2, 0x3, {{0x5, 0x4, 0x3, 0x2, 0x14, 0x68, 0x0, 0x0, 0x4, 0x0, @multicast2, @private=0xa010100}}}})
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001b00)=@getchain={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x10}, {0x0, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20008050)

3.368188887s ago: executing program 0 (id=497):
bind$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4e22, 0x2, @empty, 0x8}, 0x1c)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd27, 0x0, {{@in=@multicast2, @in6=@empty, 0x1fe, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x7, 0x8, 0x0, 0x2, 0x40}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
inotify_add_watch(0xffffffffffffffff, 0x0, 0x40000000)
r3 = bpf$ITER_CREATE(0x21, &(0x7f0000000100), 0x8)
accept$inet6(r3, &(0x7f0000000580)={0xa, 0x0, 0x0, @private1}, &(0x7f00000005c0)=0x1c)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110490000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000600)=[{0x200000000006, 0x0, 0x2, 0x7ffc1ff9}]})
getitimer(0x1, &(0x7f0000000440))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x15, 0x1, 0x0, 0x300, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)

3.270961115s ago: executing program 2 (id=498):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
fallocate(r0, 0x10, 0x160483b7, 0x5)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
unshare(0x42000000)
syz_clone3(&(0x7f00000003c0)={0x44084000, &(0x7f00000000c0), &(0x7f0000000100), 0x0, {0x3}, 0x0, 0x0, &(0x7f0000000240)=""/9, &(0x7f0000000380), 0x0, {r0}}, 0x58)

2.720139149s ago: executing program 3 (id=499):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="dcf204d80000000000000000371eb26b8bc47890707531a8607476771d495683307a110a50121a71b5ec6c1e801a294fb561261ef961c073ef8ae2f6fed6f11ea8f7c4d348b16a7140cc9d932ce6bb10739ab13c416b7f0e3b94c616760c546ae7dbe63d2810347614c7b8c85651476c24784daee81e8157ee0671f6adefc15706c0ac8a6c"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a0000200"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000001b80)=""/4096, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x10001, <r1=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe00006a"], 0xfe33)
r3 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x940a, 0x1000007})
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x94)
fcntl$addseals(r3, 0x409, 0xb)

2.506632747s ago: executing program 3 (id=501):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340), 0x8)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000a40)={0x0, 0x4661, 0x800, 0x3, 0x20e}, &(0x7f0000000540)=<r4=>0x0, &(0x7f0000000680)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000040000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000850000005000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000300)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x20}}}}}}, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
close_range(r1, r2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={<r7=>0x0, 0x0, <r8=>0x0}, &(0x7f00000013c0)=0xc)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005540)=[{{&(0x7f0000000740)=@abs={0x0, 0x0, 0x4e22}, 0x6e, 0x0, 0x0, &(0x7f0000000980)=[@cred={{0x1c, 0x1, 0x2, {r7, 0x0, r8}}}], 0x20, 0xfc185d954243f3b0}}], 0x1, 0x4)
getegid()
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x78d, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqznW5cDkidkEzNllY2R3N6H6hJ1uddkt7OlpIdkcztrnQ5R0TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD/E3wEAAP//ZtggJQ==")

2.366861558s ago: executing program 2 (id=502):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
gettid()
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_io_uring_setup(0x37, &(0x7f0000000080)={0x0, 0x36c4, 0x10100}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Dd', 0x0)

2.366110878s ago: executing program 1 (id=503):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x4, 0xffffffff}, 0x1320, 0x1, 0x3, 0x5, 0x0, 0x800001, 0x9, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0xc048)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1000000, 0x10, r2, 0x4e06b000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0xff}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000300)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}, {@stripe={'stripe', 0x3d, 0x2}}, {@jqfmt_vfsold}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000540)={0x0, 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x44110)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000700)={[{@grpid}, {@orlov}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
r6 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83)
fchown(r6, 0xffffffffffffffff, 0xee01)
write$RDMA_USER_CM_CMD_NOTIFY(r6, &(0x7f0000000100)={0xf, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x10)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
symlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
symlink(&(0x7f0000002500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1.753510248s ago: executing program 0 (id=504):
socket$kcm(0x29, 0x0, 0x0)
r0 = add_key$user(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x0}, &(0x7f00000000c0)='5', 0x1, 0xfffffffffffffffd)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x1)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = socket(0x2, 0x80805, 0x0)
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_config_ext={0xff, 0x7}, 0x100410, 0x200, 0x2, 0x1, 0x9, 0x9, 0xfffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x82}, 0x2004400d)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
sendmsg$IPSET_CMD_RENAME(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000800)={0x60, 0x5, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
write$binfmt_aout(r3, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xa, "0062ba7d82000000160000000000f738096304"})
r4 = syz_open_pts(r3, 0x900)
r5 = dup3(r4, r3, 0x80000)
rt_sigpending(&(0x7f00000002c0), 0x8)
read(r5, &(0x7f00000000c0)=""/226, 0xe2)
read$watch_queue(r5, &(0x7f0000001d40)=""/4095, 0xfdef)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7, 0x889e, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x10, &(0x7f0000000340)=ANY=[@ANYRESDEC=r0, @ANYRESOCT=r5, @ANYRESDEC], &(0x7f0000000500)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8002}, 0x94)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000040)=@assoc_value, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

1.753273078s ago: executing program 3 (id=505):
openat$urandom(0xffffffffffffff9c, 0x0, 0x840000, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
ioctl$TIOCL_SETVESABLANK(r2, 0x560e, &(0x7f0000000140))

1.500725848s ago: executing program 2 (id=506):
getpid()
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x82000, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r2}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000180)=0x14)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)}, 0x48000)
sendmsg$kcm(r4, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000005c0)="96", 0x1}], 0x1}, 0x1)
r5 = dup(r3)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f00000007c0)={0x2, {0x2, 0x101, 0x0, 0x101}})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
request_key(&(0x7f0000000540)='user\x00', &(0x7f0000000580)={'syz', 0x2}, &(0x7f00000005c0)='\x00', 0xffffffffffffffff)
r7 = open(&(0x7f00000000c0)='.\x00', 0x800, 0x50)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
pwrite64(r8, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
getdents(r7, &(0x7f0000001fc0)=""/184, 0xb8)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)

1.457583351s ago: executing program 1 (id=507):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x488c, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000640)={r1, &(0x7f00000003c0), 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
prctl$PR_SET_NAME(0xf, &(0x7f0000000a40)='GPL\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
ioctl$TCSETSW2(r0, 0x5453, 0x0)

1.23147881s ago: executing program 2 (id=508):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000004000000000000000000000300000000030000000300000000000101010000000000000800000000010000000100000506000000010000000200000000000000005f"], 0x0, 0x58, 0x0, 0xa}, 0x28)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a0006000000000026b900000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r5 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000000140)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)

254.986829ms ago: executing program 3 (id=509):
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10, &(0x7f0000000040)={[{@usrjquota}]}, 0x1, 0x3e7, &(0x7f0000000480)="$eJzs3E1vG0UfAPD/bl7apn1qV3oOvFwsQCISImnSFqgEEhEXDu2JHjhixWmJ6jSoMRKtIl4E4gYSiA8AB+AjcIQD3wHOwAEqRSgHUm5Ga+86Jn5pQx0skt9PGnlmZ+OZ9WTWu+PZCeDIqkTEixExERFnI6KUb0/zEO+2Q7bfzvbm8p/bm8tJNJuv/J5Ekm8r3ivJX0/mbzCbRqQfJPFon3I3bt2+Xq3XV27m6fnG2hvzG7duP726Vr22cm3lxuIz585fuPDcxcVnR3asW2vJR098demXTz6sffrDb9+Ws/qeyvO6j2NUKlHpfCZ7XRx1YWN2vCueTI6xIgAADJXm1/6Trev/UkzE7sVbKT7+fqyVAwAAAEai2SxeAQAAgMMrce8PAAAAh1wxD2Bne3O5CGOcjsC/bGspIsrt9r+bh3bOZOeZ3qk9z/eOUiUiXj5+eTELcUDPYQMAAAAcZd8ttRf+6x3/S+Ohrv1ORMRMsbbfCFX2pHvHf9I7Iy6SLltLEc9HxN2e8b+02KU8kaf+1xoqnEqurtZXzkbE6YiYjaljWXphSBlvP3b960F53eN/n//86kJWfva6u0d6Z/LY3/+mVm1UH+SY2bX1XsQjk/3aP+mM+Xavk/lPvLa688KgvKz9s/YuQm/7c5CaX0Q82bf/765cmgxfn3W+dT6YL84KvX469eX7g8rv7v9ZyMovfgvg4GX9f2Z4+7fWye2s17ux/zK++ePyj4Py7t3+/c//08mVVgWn821vVRuNmwsR08ml3u3+mzqKz6P4vLL2n328//d/cf2X5N/9p7vWh+4x5AfCl945c2VQnv4/Xln71/bV//cfeX3m4dlB5d9f/z/fqkzxJq7/7u1+G2jc9QQAAAAAAABgNNLW3L4knevE03Rurj3P9/8xk9bXNxpPXV1/80atPQewHFNpMdOr1DUfdKH9GHknvbgnfS4izkTEZ6UTrfTc8nq9Nu6DBwAAgCPi5ID7/8yvAx/2AAAAAP5zyuOuAAAAAHDg3P8DAADAofYg6/qLiIgc1si4z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9tfAQAA///8h8MD")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='sched_switch\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
close(0x3)
r3 = socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4044000)
sendto$inet6(r3, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
write(r1, &(0x7f0000000740)="cc", 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x20, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
openat(r1, &(0x7f0000000300)='./bus/file0\x00', 0xa4001, 0x0)
sync()
mount$9p_unix(&(0x7f0000000000)='\x00', &(0x7f0000000040)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=unix'])
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

111.241561ms ago: executing program 1 (id=510):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f0000000400), &(0x7f0000000500)=r1}, 0x20)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000480)={{r5}, &(0x7f0000000400), &(0x7f0000000440)='%-010d \x00'}, 0x20)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r6)
sendmsg$NL80211_CMD_VENDOR(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x24, r7, 0x2cb3b0415539fbbb, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void, @void}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x2}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xffffff81}]}, 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x0)

50.384646ms ago: executing program 2 (id=511):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = fcntl$dupfd(r2, 0x0, r2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4}, 0x10)
write$sndseq(r3, &(0x7f0000000200)=[{0x0, 0x2a, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x1, 0x0, @time={0xffffffff}, {0x4}, {0x0, 0x4}, @time=@tick=0x3}, {0xff, 0x0, 0x0, 0x0, @time={0x7}, {0x0, 0x3}, {}, @control={0x0, 0x0, 0x800}}, {0x0, 0x0, 0x0, 0x7, @tick, {}, {0x0, 0x4}, @raw32={[0x0, 0xffffffff, 0x5df]}}, {0x0, 0x0, 0x0, 0x0, @tick, {0x0, 0x3}, {}, @quote={{0x0, 0xfe}}}, {0x0, 0x0, 0x0, 0x5, @time, {0x2}, {0x0, 0x9}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x1, 0x1, 0x0, @tick=0x401, {}, {}, @connect}], 0xc4)
read$snapshot(r3, 0x0, 0xffffffbf)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x8c55, &(0x7f0000000600))
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x1d8, 0x12, 0x60d, 0x0, 0x202, 0x2c0, 0x2e8, 0x2e8, 0x2c0, 0x2c0, 0x4, 0x0, {[{{@ipv6={@local, @mcast1, [0x0, 0x0, 0xc0], [], 'geneve1\x00', 'macsec0\x00', {}, {}, 0x0, 0x0, 0x0, 0x29}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x47, 0x2}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@broadcast, 'veth1_to_bridge\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x8, 0x4, 0xa5a, 0x160a, 0x800, 0x81, 0x3, 0x2]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x100, 0x0, 0x0, 0x4, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='f2fs_background_gc\x00', r3, 0x0, 0x1}, 0x18)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0)

0s ago: executing program 4 (id=512):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
fallocate(r0, 0x10, 0x160483b7, 0x5)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
unshare(0x42000000)
syz_clone3(&(0x7f00000003c0)={0x44084000, &(0x7f00000000c0), &(0x7f0000000100), 0x0, {0x3}, 0x0, 0x0, &(0x7f0000000240)=""/9, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, {r0}}, 0x58)

kernel console output (not intermixed with test programs):

[ T3481] loop3: detected capacity change from 0 to 1024
[   41.523095][ T3434] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.566237][ T3481] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   41.582399][ T3434] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.617302][ T3481] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.633195][ T3434] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.642488][ T3434] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.651260][ T3434] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.660801][ T3434] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.678236][ T3434] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   42.164604][ T3502] mmap: syz.0.8 (3502) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   42.232015][ T3503] bridge1: entered promiscuous mode
[   42.237326][ T3503] bridge1: entered allmulticast mode
[   42.351435][ T3508] loop0: detected capacity change from 0 to 512
[   42.373612][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.383541][ T3508] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[   42.419395][ T3508] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.9: bad orphan inode 15
[   42.442182][ T3508] ext4_test_bit(bit=14, block=18) = 1
[   42.447683][ T3508] is_bad_inode(inode)=0
[   42.451971][ T3508] NEXT_ORPHAN(inode)=1023
[   42.456305][ T3508] max_ino=32
[   42.459678][ T3508] i_nlink=0
[   42.504370][ T3508] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[   42.522603][ T3508] ext2 filesystem being mounted at /2/�q�Y�3aK supports timestamps until 2038-01-19 (0x7fffffff)
[   42.528600][ T3514] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3514 comm=syz.3.10
[   42.640352][ T3517] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10'.
[   42.680364][ T3517] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.687808][ T3517] batman_adv: batadv0: Removing interface: batadv_slave_0
[   42.728129][ T3517] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.735934][ T3517] batman_adv: batadv0: Removing interface: batadv_slave_1
[   42.798006][ T3520] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   42.814683][ T3520] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12'.
[   42.826735][ T3520] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12'.
[   43.069742][ T3528] loop2: detected capacity change from 0 to 512
[   43.076792][ T3528] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   43.091433][ T3528] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.112252][ T3528] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.15: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   43.134361][ T3528] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.15: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   43.157110][ T3528] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.15: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   43.195604][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[   43.198448][ T3528] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 14: comm syz.2.15: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   43.224986][ T3528] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 15: comm syz.2.15: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   43.272413][ T3538] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[   43.278983][ T3538] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   43.286670][ T3538] vhci_hcd vhci_hcd.0: Device attached
[   43.296592][ T3528] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.15: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   43.324541][ T3538] netlink: 8 bytes leftover after parsing attributes in process `syz.4.17'.
[   43.349770][ T3539] vhci_hcd: connection closed
[   43.350148][   T12] vhci_hcd: stop threads
[   43.359215][   T12] vhci_hcd: release socket
[   43.363649][   T12] vhci_hcd: disconnect device
[   43.379228][ T3528] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.15: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   43.402069][ T3528] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 18: comm syz.2.15: lblock 23 mapped to illegal pblock 18 (length 1)
[   43.417723][ T3528] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.15: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   43.439836][ T3528] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 20: comm syz.2.15: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[   43.939115][ T3313] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   43.956456][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.012913][ T3546] syzkaller0: entered promiscuous mode
[   44.018539][ T3546] syzkaller0: entered allmulticast mode
[   44.168604][ T3555] netlink: 8 bytes leftover after parsing attributes in process `syz.1.20'.
[   44.202044][ T3558] loop0: detected capacity change from 0 to 128
[   44.254336][ T3565] netlink: 4 bytes leftover after parsing attributes in process `syz.4.22'.
[   44.264986][ T3565] netlink: 32 bytes leftover after parsing attributes in process `syz.4.22'.
[   44.289982][ T3566] syz.0.21: attempt to access beyond end of device
[   44.289982][ T3566] loop0: rw=2049, sector=145, nr_sectors = 16 limit=128
[   44.311345][ T3569] SELinux:  Context system_u:object_r:systemd_logger_exec_t:s0 is not valid (left unmapped).
[   44.321995][ T3566] syz.0.21: attempt to access beyond end of device
[   44.321995][ T3566] loop0: rw=2049, sector=169, nr_sectors = 8 limit=128
[   44.339438][ T3566] syz.0.21: attempt to access beyond end of device
[   44.339438][ T3566] loop0: rw=2049, sector=185, nr_sectors = 8 limit=128
[   44.353024][ T3566] syz.0.21: attempt to access beyond end of device
[   44.353024][ T3566] loop0: rw=2049, sector=201, nr_sectors = 8 limit=128
[   44.366837][ T3566] syz.0.21: attempt to access beyond end of device
[   44.366837][ T3566] loop0: rw=2049, sector=217, nr_sectors = 8 limit=128
[   44.381956][ T3566] syz.0.21: attempt to access beyond end of device
[   44.381956][ T3566] loop0: rw=2049, sector=233, nr_sectors = 8 limit=128
[   44.402495][ T3566] syz.0.21: attempt to access beyond end of device
[   44.402495][ T3566] loop0: rw=2049, sector=249, nr_sectors = 8 limit=128
[   44.420325][ T3566] syz.0.21: attempt to access beyond end of device
[   44.420325][ T3566] loop0: rw=2049, sector=265, nr_sectors = 8 limit=128
[   44.443406][ T3566] syz.0.21: attempt to access beyond end of device
[   44.443406][ T3566] loop0: rw=2049, sector=281, nr_sectors = 8 limit=128
[   44.456968][ T3566] syz.0.21: attempt to access beyond end of device
[   44.456968][ T3566] loop0: rw=2049, sector=297, nr_sectors = 8 limit=128
[   44.461053][ T3576] netlink: 5 bytes leftover after parsing attributes in process `syz.3.26'.
[   44.520040][ T3579] loop0: detected capacity change from 0 to 1024
[   44.538163][ T3579] EXT4-fs: Ignoring removed nomblk_io_submit option
[   44.564390][ T3579] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.705696][ T3561] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   45.518689][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.638854][ T3609] loop0: detected capacity change from 0 to 512
[   45.648606][ T3609] =======================================================
[   45.648606][ T3609] WARNING: The mand mount option has been deprecated and
[   45.648606][ T3609]          and is ignored by this kernel. Remove the mand
[   45.648606][ T3609]          option from the mount to silence this warning.
[   45.648606][ T3609] =======================================================
[   45.685644][ T3609] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   45.702347][ T3609] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.31: bg 0: block 131: padding at end of block bitmap is not set
[   45.723479][ T3609] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   45.742055][ T3609] EXT4-fs (loop0): 1 truncate cleaned up
[   45.748066][ T3609] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.809767][ T3619] RDS: rds_bind could not find a transport for 0:0:200::1, load rds_tcp or rds_rdma?
[   45.930630][ T3621] serio: Serial port ptm0
[   45.968726][   T29] kauditd_printk_skb: 519 callbacks suppressed
[   45.968777][   T29] audit: type=1400 audit(1754568649.703:611): avc:  denied  { bind } for  pid=3618 comm="syz.2.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   45.994172][   T29] audit: type=1326 audit(1754568649.693:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.1.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f036f37add9 code=0x7ffc0000
[   46.017343][   T29] audit: type=1326 audit(1754568649.723:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3608 comm="syz.0.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ab8d15ba7 code=0x7ffc0000
[   46.040868][   T29] audit: type=1326 audit(1754568649.723:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3608 comm="syz.0.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ab8cbadd9 code=0x7ffc0000
[   46.064314][   T29] audit: type=1326 audit(1754568649.733:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.1.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f036f3d5ba7 code=0x7ffc0000
[   46.087988][   T29] audit: type=1326 audit(1754568649.733:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3608 comm="syz.0.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ab8d15ba7 code=0x7ffc0000
[   46.111060][   T29] audit: type=1326 audit(1754568649.753:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3608 comm="syz.0.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ab8cbadd9 code=0x7ffc0000
[   46.134215][   T29] audit: type=1326 audit(1754568649.753:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.1.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f036f37add9 code=0x7ffc0000
[   46.157979][   T29] audit: type=1326 audit(1754568649.753:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3608 comm="syz.0.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ab8d15ba7 code=0x7ffc0000
[   46.181672][   T29] audit: type=1326 audit(1754568649.763:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3608 comm="syz.0.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ab8cbadd9 code=0x7ffc0000
[   46.298126][ T3605] netlink: 12 bytes leftover after parsing attributes in process `syz.4.32'.
[   46.715608][ T3628] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12592 sclass=netlink_route_socket pid=3628 comm=syz.2.37
[   46.730280][ T3628] batadv_slave_0: entered promiscuous mode
[   46.805153][ T3628] netlink: 8 bytes leftover after parsing attributes in process `syz.2.37'.
[   46.816712][ T3628] netlink: 4 bytes leftover after parsing attributes in process `syz.2.37'.
[   46.826368][ T3628] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.852861][ T3628] batadv_slave_0 (unregistering): left promiscuous mode
[   46.868857][ T3628] batman_adv: batadv0: Removing interface: batadv_slave_0
[   46.880636][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.928938][ T3632] loop4: detected capacity change from 0 to 164
[   46.946154][ T3632] netlink: 'syz.4.39': attribute type 2 has an invalid length.
[   46.953823][ T3632] netlink: 'syz.4.39': attribute type 1 has an invalid length.
[   46.961484][ T3632] netlink: 155600 bytes leftover after parsing attributes in process `syz.4.39'.
[   47.007589][ T3637] netlink: 12 bytes leftover after parsing attributes in process `syz.2.40'.
[   47.021011][ T3637] netlink: 28 bytes leftover after parsing attributes in process `syz.2.40'.
[   47.029961][ T3637] netlink: 28 bytes leftover after parsing attributes in process `syz.2.40'.
[   47.056960][ T3639] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   47.131992][ T3645] netlink: 5 bytes leftover after parsing attributes in process `syz.2.42'.
[   47.147367][ T3645] 0��{X��: renamed from gretap0 (while UP)
[   47.189661][ T3645] 0��{X��: entered allmulticast mode
[   47.210485][ T3645] A link change request failed with some changes committed already. Interface 
30��{X�� may have been left with an inconsistent configuration, please check.
[   47.250831][ T3639] SELinux: failed to load policy
[   47.414159][ T3653] loop0: detected capacity change from 0 to 512
[   47.427329][ T3653] EXT4-fs: Ignoring removed mblk_io_submit option
[   47.444381][ T3653] EXT4-fs (loop0): failed to initialize system zone (-117)
[   47.462363][ T3653] EXT4-fs (loop0): mount failed
[   47.534709][ T3658] loop4: detected capacity change from 0 to 512
[   47.567623][ T3658] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   47.588684][ T3658] EXT4-fs (loop4): orphan cleanup on readonly fs
[   47.602017][ T3658] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.47: corrupted inode contents
[   47.614073][ T3658] EXT4-fs (loop4): Remounting filesystem read-only
[   47.621059][ T3658] EXT4-fs (loop4): 1 truncate cleaned up
[   47.627033][   T58] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   47.637728][   T58] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   47.648492][   T58] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   47.659494][ T3658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   47.672942][ T3658] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.686073][ T3669] netlink: 104 bytes leftover after parsing attributes in process `syz.1.50'.
[   47.696348][ T3669] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   47.967840][ T3673] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.51'.
[   47.980195][ T3674] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.51'.
[   48.136383][ T3662] Set syz1 is full, maxelem 65536 reached
[   48.351641][ T3678] netlink: 'syz.4.53': attribute type 13 has an invalid length.
[   48.365749][ T3678] erspan0: refused to change device tx_queue_len
[   48.373186][ T3678] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   48.632080][ T3683] syz.1.55 (3683) used greatest stack depth: 10736 bytes left
[   48.659403][   T36] IPVS: starting estimator thread 0...
[   48.758397][ T3691] IPVS: using max 2304 ests per chain, 115200 per kthread
[   48.765731][ T3694] 0��{X��: renamed from gretap0 (while UP)
[   48.774520][ T3694] 0��{X��: entered allmulticast mode
[   48.785211][ T3694] A link change request failed with some changes committed already. Interface 
30��{X�� may have been left with an inconsistent configuration, please check.
[   48.812115][ T3699] loop3: detected capacity change from 0 to 512
[   48.829792][ T3699] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   48.923450][ T3707] syz.2.62 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   48.941616][ T3699] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.972790][ T3710] capability: warning: `syz.1.64' uses deprecated v2 capabilities in a way that may be insecure
[   48.989658][ T3699] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.61: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   49.011950][ T3699] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 12: comm syz.3.61: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   49.034039][ T3699] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 13: comm syz.3.61: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   49.057631][ T3699] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 14: comm syz.3.61: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   49.113968][ T3699] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 15: comm syz.3.61: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   49.145188][ T3699] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 16: comm syz.3.61: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   49.168716][ T3699] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 17: comm syz.3.61: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   49.191743][ T3699] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 18: comm syz.3.61: lblock 23 mapped to illegal pblock 18 (length 1)
[   49.207519][ T3699] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 19: comm syz.3.61: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   49.231199][ T3699] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 20: comm syz.3.61: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[   49.754717][ T3309] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   49.772032][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.830949][ T3718] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.847168][ T3720] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.859913][ T3718] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.869456][ T3720] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.881465][ T3718] loop3: detected capacity change from 0 to 256
[   49.891454][ T3720] loop2: detected capacity change from 0 to 256
[   49.899359][ T3718] vfat: Unknown parameter 'shor�name'
[   49.913286][ T3720] vfat: Unknown parameter 'shor�name'
[   50.915842][ T3724] netlink: 'syz.1.68': attribute type 13 has an invalid length.
[   50.924072][ T3724] erspan0: refused to change device tx_queue_len
[   50.937364][ T3724] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   51.246327][   T29] kauditd_printk_skb: 856 callbacks suppressed
[   51.246347][   T29] audit: type=1326 audit(1754568655.133:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3737 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc54faebe9 code=0x7ffc0000
[   51.289010][   T29] audit: type=1326 audit(1754568655.133:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3737 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc54faebe9 code=0x7ffc0000
[   51.312507][   T29] audit: type=1326 audit(1754568655.133:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3737 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fdc54faebe9 code=0x7ffc0000
[   51.335983][   T29] audit: type=1326 audit(1754568655.133:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3737 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc54faebe9 code=0x7ffc0000
[   51.359613][   T29] audit: type=1326 audit(1754568655.133:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3737 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc54faebe9 code=0x7ffc0000
[   51.383294][   T29] audit: type=1326 audit(1754568655.133:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3737 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc54faebe9 code=0x7ffc0000
[   51.406698][   T29] audit: type=1326 audit(1754568655.133:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3737 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc54faebe9 code=0x7ffc0000
[   51.430009][   T29] audit: type=1326 audit(1754568655.133:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3737 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdc54faebe9 code=0x7ffc0000
[   51.453248][   T29] audit: type=1326 audit(1754568655.133:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3737 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc54faebe9 code=0x7ffc0000
[   51.477014][   T29] audit: type=1326 audit(1754568655.133:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3737 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdc54fad550 code=0x7ffc0000
[   51.529311][ T3743] loop4: detected capacity change from 0 to 512
[   51.538112][ T3742] netlink: 'syz.0.73': attribute type 2 has an invalid length.
[   51.545828][ T3742] netlink: 'syz.0.73': attribute type 1 has an invalid length.
[   51.553966][ T3743] EXT4-fs: Ignoring removed nomblk_io_submit option
[   51.565113][ T3743] EXT4-fs: old and new quota format mixing
[   51.822553][ T3761] loop4: detected capacity change from 0 to 512
[   51.834466][ T3761] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   51.848872][ T3761] EXT4-fs (loop4): orphan cleanup on readonly fs
[   51.858553][ T3764] netlink: 'syz.0.81': attribute type 3 has an invalid length.
[   51.859948][ T3761] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.80: Block bitmap for bg 0 marked uninitialized
[   51.879669][ T3761] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   51.890260][ T3761] EXT4-fs (loop4): 1 orphan inode deleted
[   51.896599][ T3761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   51.915156][ T3761] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   51.925794][ T3761] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   51.944913][ T3761] netlink: 'syz.4.80': attribute type 4 has an invalid length.
[   51.989456][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.049425][ T3770] loop4: detected capacity change from 0 to 1024
[   52.071218][ T3770] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   52.094019][ T3770] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.124721][ T3774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   52.126694][ T3770] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.83: missing EA_INODE flag
[   52.133276][ T3774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   52.156902][ T3770] EXT4-fs (loop4): Remounting filesystem read-only
[   52.163736][ T3770] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   53.415535][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.460531][ T3785] __nla_validate_parse: 10 callbacks suppressed
[   53.460551][ T3785] netlink: 132 bytes leftover after parsing attributes in process `syz.4.86'.
[   53.540456][ T3789] netlink: 5 bytes leftover after parsing attributes in process `syz.1.88'.
[   53.549558][ T3789] 0��{X��: renamed from gretap0 (while UP)
[   53.558597][ T3789] 0��{X��: entered allmulticast mode
[   53.564673][ T3789] A link change request failed with some changes committed already. Interface 
30��{X�� may have been left with an inconsistent configuration, please check.
[   53.631695][ T3792] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.85'.
[   53.654560][ T3787] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.85'.
[   53.742402][ T3799] netlink: 88 bytes leftover after parsing attributes in process `syz.4.90'.
[   53.792536][ T3805] netlink: 'syz.1.93': attribute type 4 has an invalid length.
[   53.883034][ T3810] SELinux: failed to load policy
[   53.906032][ T3813] loop4: detected capacity change from 0 to 1024
[   53.917869][ T3813] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   53.945361][ T3813] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.976003][ T3813] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.96: missing EA_INODE flag
[   53.988267][ T3813] EXT4-fs (loop4): Remounting filesystem read-only
[   54.117197][ T3825] loop2: detected capacity change from 0 to 512
[   54.149045][ T3825] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   54.365542][ T3825] EXT4-fs (loop2): orphan cleanup on readonly fs
[   54.384178][ T3825] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.99: corrupted inode contents
[   54.484585][ T3825] EXT4-fs (loop2): Remounting filesystem read-only
[   54.552807][ T3831] netlink: 4 bytes leftover after parsing attributes in process `syz.1.110'.
[   54.563826][ T3825] EXT4-fs (loop2): 1 truncate cleaned up
[   54.572047][   T58] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   54.582733][   T58] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   54.598279][   T58] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   54.611586][ T3825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   54.624074][ T3831] hsr_slave_0 (unregistering): left promiscuous mode
[   54.636180][ T3825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.713575][ T3839] loop2: detected capacity change from 0 to 512
[   54.753228][ T3843] netlink: 132 bytes leftover after parsing attributes in process `syz.1.114'.
[   54.793375][ T3839] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   54.794727][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.802972][ T3839] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.102: bad orphan inode 15
[   54.821358][ T3839] ext4_test_bit(bit=14, block=18) = 1
[   54.826755][ T3839] is_bad_inode(inode)=0
[   54.831201][ T3839] NEXT_ORPHAN(inode)=1023
[   54.835551][ T3839] max_ino=32
[   54.838837][ T3839] i_nlink=0
[   54.843041][ T3839] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[   54.859728][ T3839] ext2 filesystem being mounted at /21/�q�Y�3aK supports timestamps until 2038-01-19 (0x7fffffff)
[   54.946195][ T3841] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.103'.
[   54.955971][ T3845] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.103'.
[   55.132526][ T3856] netlink: 'syz.1.106': attribute type 4 has an invalid length.
[   55.186146][ T3859] SELinux: failed to load policy
[   55.196470][ T3863] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[   55.203092][ T3863] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   55.210771][ T3863] vhci_hcd vhci_hcd.0: Device attached
[   55.222614][ T3860] netlink: 'syz.1.120': attribute type 4 has an invalid length.
[   55.223252][ T3863] netlink: 8 bytes leftover after parsing attributes in process `syz.0.108'.
[   55.244786][ T3864] vhci_hcd: connection closed
[   55.245015][   T58] vhci_hcd: stop threads
[   55.254194][   T58] vhci_hcd: release socket
[   55.258737][   T58] vhci_hcd: disconnect device
[   55.394394][ T3875] loop4: detected capacity change from 0 to 128
[   55.404237][ T3875] FAT-fs (loop4): Directory bread(block 162) failed
[   55.421214][ T3875] FAT-fs (loop4): Directory bread(block 163) failed
[   55.428580][ T3875] FAT-fs (loop4): Directory bread(block 164) failed
[   55.435442][ T3875] FAT-fs (loop4): Directory bread(block 165) failed
[   55.442796][ T3875] FAT-fs (loop4): Directory bread(block 166) failed
[   55.450689][ T3875] FAT-fs (loop4): Directory bread(block 167) failed
[   55.457413][ T3875] FAT-fs (loop4): Directory bread(block 168) failed
[   55.464291][ T3875] FAT-fs (loop4): Directory bread(block 169) failed
[   55.474245][ T3875] FAT-fs (loop4): Directory bread(block 162) failed
[   55.481806][ T3875] FAT-fs (loop4): Directory bread(block 163) failed
[   55.485247][ T3877] lo speed is unknown, defaulting to 1000
[   55.489059][ T3875] bio_check_eod: 101 callbacks suppressed
[   55.489077][ T3875] syz.4.112: attempt to access beyond end of device
[   55.489077][ T3875] loop4: rw=3, sector=226, nr_sectors = 6 limit=128
[   55.495603][ T3877] lo speed is unknown, defaulting to 1000
[   55.500312][ T3875] syz.4.112: attempt to access beyond end of device
[   55.500312][ T3875] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128
[   55.535362][ T3877] lo speed is unknown, defaulting to 1000
[   55.542764][ T3877] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   55.550775][ T3877] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   55.562854][ T3877] lo speed is unknown, defaulting to 1000
[   55.573019][ T3877] lo speed is unknown, defaulting to 1000
[   55.579434][ T3877] lo speed is unknown, defaulting to 1000
[   55.585754][ T3877] lo speed is unknown, defaulting to 1000
[   55.592380][ T3877] lo speed is unknown, defaulting to 1000
[   55.593440][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[   55.620440][ T3877] syz.3.113 (3877) used greatest stack depth: 10712 bytes left
[   55.655151][ T3882] loop3: detected capacity change from 0 to 512
[   55.679113][ T3882] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   55.687184][ T3882] EXT4-fs (loop3): orphan cleanup on readonly fs
[   55.695330][ T3882] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.117: corrupted inode contents
[   55.707422][ T3882] EXT4-fs (loop3): Remounting filesystem read-only
[   55.714131][ T3882] EXT4-fs (loop3): 1 truncate cleaned up
[   55.719952][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   55.730637][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   55.741360][   T51] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   55.752287][ T3882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   55.765654][ T3882] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.013515][ T3902] bridge1: entered promiscuous mode
[   56.018787][ T3902] bridge1: entered allmulticast mode
[   56.069625][ T3904] netlink: 'syz.2.123': attribute type 12 has an invalid length.
[   56.103672][ T3907] loop2: detected capacity change from 0 to 512
[   56.117678][ T3907] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   56.148657][ T3907] EXT4-fs (loop2): orphan cleanup on readonly fs
[   56.161597][ T3907] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.124: Block bitmap for bg 0 marked uninitialized
[   56.181324][ T3907] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   56.198131][ T3907] EXT4-fs (loop2): 1 orphan inode deleted
[   56.210822][ T3907] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   56.225444][ T3907] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   56.256989][   T29] kauditd_printk_skb: 478 callbacks suppressed
[   56.257007][   T29] audit: type=1400 audit(1754568660.143:1946): avc:  denied  { mount } for  pid=3911 comm="syz.4.126" name="/" dev="ramfs" ino=6653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   56.264492][ T3907] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   56.313651][ T3912] capability: warning: `syz.4.126' uses 32-bit capabilities (legacy support in use)
[   56.338792][ T3907] netlink: 'syz.2.124': attribute type 4 has an invalid length.
[   56.350264][   T29] audit: type=1326 audit(1754568660.243:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3909 comm="syz.1.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   56.394676][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.409757][   T29] audit: type=1326 audit(1754568660.273:1948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3909 comm="syz.1.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   56.433316][   T29] audit: type=1326 audit(1754568660.273:1949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3909 comm="syz.1.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   56.456695][   T29] audit: type=1326 audit(1754568660.273:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3909 comm="syz.1.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   56.480232][   T29] audit: type=1326 audit(1754568660.273:1951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3909 comm="syz.1.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   56.504106][   T29] audit: type=1326 audit(1754568660.273:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3909 comm="syz.1.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   56.527570][   T29] audit: type=1326 audit(1754568660.273:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3909 comm="syz.1.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   56.551091][   T29] audit: type=1326 audit(1754568660.273:1954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3909 comm="syz.1.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   56.574781][   T29] audit: type=1326 audit(1754568660.273:1955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3909 comm="syz.1.125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   56.782988][ T3917] batadv_slave_1: entered promiscuous mode
[   57.158223][ T3924] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[   57.164879][ T3924] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   57.172602][ T3924] vhci_hcd vhci_hcd.0: Device attached
[   57.208297][ T3925] vhci_hcd: connection closed
[   57.208548][   T12] vhci_hcd: stop threads
[   57.217536][   T12] vhci_hcd: release socket
[   57.222028][   T12] vhci_hcd: disconnect device
[   57.227498][ T3932] SELinux:  policydb version -957581230 does not match my version range 15-35
[   57.308397][ T3934] lo speed is unknown, defaulting to 1000
[   57.428528][ T3932] SELinux: failed to load policy
[   57.688941][ T3916] batadv_slave_1: left promiscuous mode
[   57.885206][ T3942] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   57.944983][ T3944] Illegal XDP return value 4294967274 on prog  (id 108) dev syz_tun, expect packet loss!
[   58.007688][ T3946] bridge_slave_0: left allmulticast mode
[   58.013682][ T3946] bridge_slave_0: left promiscuous mode
[   58.019679][ T3946] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.031547][ T3946] bridge_slave_1: left allmulticast mode
[   58.037249][ T3946] bridge_slave_1: left promiscuous mode
[   58.043000][ T3946] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.057722][ T3946] bond0: (slave bond_slave_0): Releasing backup interface
[   58.072936][ T3946] bond0: (slave bond_slave_1): Releasing backup interface
[   58.108117][ T3946] team0: Port device team_slave_0 removed
[   58.129038][ T3946] team0: Port device team_slave_1 removed
[   58.150015][ T3946] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   58.157561][ T3946] batman_adv: batadv0: Removing interface: batadv_slave_0
[   58.185989][ T3946] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   58.193524][ T3946] batman_adv: batadv0: Removing interface: batadv_slave_1
[   58.479929][ T3960] lo speed is unknown, defaulting to 1000
[   58.548724][ T3960] lo speed is unknown, defaulting to 1000
[   58.666727][ T3963] syz.3.144 uses obsolete (PF_INET,SOCK_PACKET)
[   58.848959][ T3966] SELinux: failed to load policy
[   58.856072][ T3969] loop4: detected capacity change from 0 to 512
[   58.869561][ T3969] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   58.885579][ T3969] EXT4-fs (loop4): orphan cleanup on readonly fs
[   58.892702][ T3969] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.145: Block bitmap for bg 0 marked uninitialized
[   58.907092][ T3969] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   58.917302][ T3969] EXT4-fs (loop4): 1 orphan inode deleted
[   58.924392][ T3969] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   58.970645][ T3969] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   58.993356][ T3969] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   59.008395][ T3969] netlink: 'syz.4.145': attribute type 4 has an invalid length.
[   59.193880][ T3977] lo speed is unknown, defaulting to 1000
[   59.377924][ T3979] __nla_validate_parse: 6 callbacks suppressed
[   59.377939][ T3979] netlink: 14 bytes leftover after parsing attributes in process `syz.3.148'.
[   59.443153][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.729448][ T3991] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.748725][ T3991] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   59.771694][ T3990] netlink: 4 bytes leftover after parsing attributes in process `syz.2.151'.
[   59.786529][ T3991] loop4: detected capacity change from 0 to 256
[   59.805087][ T3991] vfat: Unknown parameter 'shor�name'
[   59.822408][ T3990] hsr_slave_0 (unregistering): left promiscuous mode
[   60.001066][ T4000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   60.010184][ T4000] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   60.022456][ T4000] loop3: detected capacity change from 0 to 256
[   60.033292][ T4000] vfat: Unknown parameter 'shor�name'
[   60.249243][ T4008] lo speed is unknown, defaulting to 1000
[   60.571541][ T4016] siw: device registration error -23
[   61.039101][ T4028] loop2: detected capacity change from 0 to 512
[   61.046080][ T4028] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.060450][ T4028] EXT4-fs: old and new quota format mixing
[   61.113778][ T4031] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.184326][ T4031] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.251122][ T4031] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.301385][ T4031] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.378036][ T1569] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.392690][ T1569] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.406452][ T1569] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.428054][ T4037] bridge_slave_0: left allmulticast mode
[   61.433793][ T4037] bridge_slave_0: left promiscuous mode
[   61.439593][ T4037] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.450209][ T4037] bridge_slave_1: left allmulticast mode
[   61.455968][ T4037] bridge_slave_1: left promiscuous mode
[   61.461698][ T4037] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.471986][ T4037] bond0: (slave bond_slave_0): Releasing backup interface
[   61.488763][ T4037] bond0: (slave bond_slave_1): Releasing backup interface
[   61.514663][ T4037] team0: Port device team_slave_0 removed
[   61.545148][ T4037] team0: Port device team_slave_1 removed
[   61.563650][ T4037] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   61.571318][ T4037] batman_adv: batadv0: Removing interface: batadv_slave_0
[   61.580611][ T4037] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   61.588109][ T4037] batman_adv: batadv0: Removing interface: batadv_slave_1
[   61.616978][ T3434] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.691182][   T29] kauditd_printk_skb: 107 callbacks suppressed
[   61.691202][   T29] audit: type=1400 audit(1754568665.583:2063): avc:  denied  { create } for  pid=4045 comm="syz.2.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   61.749678][   T29] audit: type=1400 audit(1754568665.613:2064): avc:  denied  { connect } for  pid=4045 comm="syz.2.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   61.775260][ T4044] netlink: 8 bytes leftover after parsing attributes in process `syz.1.169'.
[   61.784947][ T4044] netlink: 'syz.1.169': attribute type 1 has an invalid length.
[   61.790590][   T29] audit: type=1326 audit(1754568665.643:2065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4043 comm="syz.1.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   61.793050][ T4044] netlink: 224 bytes leftover after parsing attributes in process `syz.1.169'.
[   61.816823][   T29] audit: type=1326 audit(1754568665.643:2066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4043 comm="syz.1.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   61.849168][   T29] audit: type=1326 audit(1754568665.643:2067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4043 comm="syz.1.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   61.872722][   T29] audit: type=1326 audit(1754568665.663:2068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4043 comm="syz.1.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   61.896204][   T29] audit: type=1326 audit(1754568665.663:2069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4043 comm="syz.1.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   61.919660][   T29] audit: type=1326 audit(1754568665.663:2070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4043 comm="syz.1.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   61.943021][   T29] audit: type=1326 audit(1754568665.663:2071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4043 comm="syz.1.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   61.966472][   T29] audit: type=1326 audit(1754568665.663:2072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4043 comm="syz.1.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f036f3debe9 code=0x7ffc0000
[   62.102443][ T4051] netlink: 14 bytes leftover after parsing attributes in process `syz.1.171'.
[   62.171103][ T4053] siw: device registration error -23
[   62.205144][ T4058] wireguard0: entered promiscuous mode
[   62.435146][ T4064] batadv_slave_1: entered promiscuous mode
[   62.575000][ T4067] loop2: detected capacity change from 0 to 1024
[   62.601756][ T4067] lo speed is unknown, defaulting to 1000
[   63.477169][ T4082] loop9: detected capacity change from 0 to 7
[   63.502166][ T4082] Buffer I/O error on dev loop9, logical block 0, async page read
[   63.526782][ T4082] Buffer I/O error on dev loop9, logical block 0, async page read
[   63.535081][ T4082]  loop9: unable to read partition table
[   63.555425][ T4062] batadv_slave_1: left promiscuous mode
[   63.575691][ T4084] bridge0: port 3(gretap0) entered blocking state
[   63.582259][ T4084] bridge0: port 3(gretap0) entered disabled state
[   63.600462][ T4082] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   63.600462][ T4082] 
) failed (rc=-5)
[   63.615942][ T3293] Buffer I/O error on dev loop9, logical block 0, async page read
[   63.624647][ T3293] Buffer I/O error on dev loop9, logical block 0, async page read
[   63.633613][ T3293] Buffer I/O error on dev loop9, logical block 0, async page read
[   63.642923][ T4084] gretap0: entered allmulticast mode
[   63.649669][ T3293] Buffer I/O error on dev loop9, logical block 0, async page read
[   63.660238][ T4084] gretap0: entered promiscuous mode
[   63.665830][ T4084] bridge0: port 3(gretap0) entered blocking state
[   63.672445][ T4084] bridge0: port 3(gretap0) entered forwarding state
[   63.697782][ T3293] Buffer I/O error on dev loop9, logical block 0, async page read
[   64.007907][ T4094] lo speed is unknown, defaulting to 1000
[   64.111117][ T4094] lo speed is unknown, defaulting to 1000
[   64.408900][ T4092] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   64.423567][ T4092] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   64.614866][ T4101] siw: device registration error -23
[   64.650066][ T4100] netlink: 24 bytes leftover after parsing attributes in process `syz.4.186'.
[   64.659105][ T4100] netlink: 212 bytes leftover after parsing attributes in process `syz.4.186'.
[   64.696760][ T4106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   64.707564][ T4106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   64.719047][ T4106] loop2: detected capacity change from 0 to 256
[   64.723743][ T4109] loop4: detected capacity change from 0 to 1024
[   64.734109][ T4109] EXT4-fs: Ignoring removed orlov option
[   64.741532][ T4106] vfat: Unknown parameter 'shor�name'
[   64.776455][ T4109] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.806118][ T4109] EXT4-fs: Ignoring sb option on remount
[   64.812019][ T4109] EXT4-fs: Ignoring removed orlov option
[   64.819357][ T4109] EXT4-fs: Ignoring removed nomblk_io_submit option
[   64.826336][ T4109] EXT4-fs: Remounting fs w/o journal so ignoring data_err option
[   64.837762][ T4109] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   64.945413][ T4109] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.190: bg 0: block 88: padding at end of block bitmap is not set
[   65.071906][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.102837][ T4119] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4119 comm=syz.4.191
[   65.155495][ T4121] netlink: 4 bytes leftover after parsing attributes in process `syz.4.191'.
[   65.155533][ T4120] netlink: 12 bytes leftover after parsing attributes in process `syz.3.201'.
[   65.199650][ T4123] netlink: 28 bytes leftover after parsing attributes in process `syz.3.192'.
[   65.264676][ T4124] batadv0: entered promiscuous mode
[   65.485560][ T4129] gretap0: left allmulticast mode
[   65.490906][ T4129] gretap0: left promiscuous mode
[   65.496249][ T4129] bridge0: port 3(gretap0) entered disabled state
[   65.516793][ T4129] bridge_slave_0: left allmulticast mode
[   65.522724][ T4129] bridge_slave_0: left promiscuous mode
[   65.528617][ T4129] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.539520][ T4129] bridge_slave_1: left allmulticast mode
[   65.539536][ T4133] netlink: 12 bytes leftover after parsing attributes in process `syz.1.196'.
[   65.554251][ T4129] bridge_slave_1: left promiscuous mode
[   65.560081][ T4129] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.571427][ T4129] bond0: (slave bond_slave_0): Releasing backup interface
[   65.583686][ T4129] bond0: (slave bond_slave_1): Releasing backup interface
[   65.686767][ T4129] team0: Port device team_slave_0 removed
[   65.701481][ T4129] team0: Port device team_slave_1 removed
[   65.733092][   T36] lo speed is unknown, defaulting to 1000
[   65.890483][ T4139] lo speed is unknown, defaulting to 1000
[   66.276139][ T4145] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.363114][ T4145] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.597531][ T4149] loop3: detected capacity change from 0 to 2048
[   66.614887][ T4145] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.631038][ T4149] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.662233][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.690380][ T4145] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.707802][   T29] kauditd_printk_skb: 129 callbacks suppressed
[   66.707816][   T29] audit: type=1326 audit(1754568670.593:2202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4153 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   66.737703][   T29] audit: type=1326 audit(1754568670.593:2203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4153 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   66.738042][ T4154] loop3: detected capacity change from 0 to 256
[   66.769601][   T29] audit: type=1326 audit(1754568670.593:2204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4153 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   66.794181][   T29] audit: type=1326 audit(1754568670.593:2205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4153 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   66.800392][ T4154] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   66.817777][   T29] audit: type=1326 audit(1754568670.593:2206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4153 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   66.851937][   T29] audit: type=1326 audit(1754568670.593:2207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4153 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   66.870909][ T4154] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   66.875418][   T29] audit: type=1326 audit(1754568670.613:2208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4153 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   66.883922][ T4154] FAT-fs (loop3): Filesystem has been set read-only
[   66.914089][   T29] audit: type=1326 audit(1754568670.613:2209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4153 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   66.937787][   T29] audit: type=1326 audit(1754568670.613:2210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4153 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   66.961034][   T29] audit: type=1326 audit(1754568670.613:2211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4153 comm="syz.3.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   67.030169][   T58] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.050992][   T58] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.079733][   T58] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.097529][ T4156] netlink: 'syz.3.204': attribute type 1 has an invalid length.
[   67.180849][   T58] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.215690][ T4156] 8021q: adding VLAN 0 to HW filter on device bond1
[   67.247360][ T4156] 8021q: adding VLAN 0 to HW filter on device bond1
[   67.263099][ T4156] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   67.291420][ T4156] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   67.355342][ T4165] gretap1: entered promiscuous mode
[   67.381954][ T4165] bond1: (slave gretap1): making interface the new active one
[   67.411513][ T4165] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   67.436770][ T4167] macvlan2: entered promiscuous mode
[   67.442280][ T4167] macvlan2: entered allmulticast mode
[   67.482619][ T4167] bond1: entered promiscuous mode
[   67.501733][ T4167] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   67.531383][ T4167] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[   67.574556][ T4167] bond1: left promiscuous mode
[   67.643196][ T4167] syz.3.204 (4167) used greatest stack depth: 10448 bytes left
[   67.672455][ T4172] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.701084][ T4172] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.742098][ T4172] loop4: detected capacity change from 0 to 256
[   67.749973][ T4175] netlink: 12 bytes leftover after parsing attributes in process `syz.3.209'.
[   67.822712][ T4172] vfat: Unknown parameter 'shor�name'
[   68.032231][ T4181] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.579950][  T420] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[   68.690023][ T4181] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.891034][ T4181] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.608616][ T4181] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.636426][ T4199] futex_wake_op: syz.0.215 tries to shift op by -1; fix this program
[   69.671087][   T37] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.701560][   T37] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.718469][   T37] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.735146][   T37] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.766857][ T4205] netlink: 'syz.0.219': attribute type 4 has an invalid length.
[   69.812228][ T4209] Zero length message leads to an empty skb
[   69.872556][ T4201] SELinux: failed to load policy
[   69.942541][ T4217] siw: device registration error -23
[   70.029653][ T4228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.227'.
[   70.052084][ T4228] hsr_slave_0 (unregistering): left promiscuous mode
[   70.183824][ T4233] ------------[ cut here ]------------
[   70.189392][ T4233] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x17, 0x10] s64=[0x17, 0x10] u32=[0x17, 0x10] s32=[0x17, 0x10] var_off=(0x10, 0x0)(1)
[   70.206431][ T4233] WARNING: CPU: 1 PID: 4233 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680
[   70.216835][ T4233] Modules linked in:
[   70.221626][ T4233] CPU: 1 UID: 0 PID: 4233 Comm: syz.1.228 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[   70.233997][ T4233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   70.244172][ T4233] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[   70.250765][ T4233] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 b2 80 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[   70.270640][ T4233] RSP: 0000:ffffc9000f0a7440 EFLAGS: 00010292
[   70.276815][ T4233] RAX: aef96a2f001ee300 RBX: ffff88810c0560b8 RCX: 0000000000080000
[   70.284911][ T4233] RDX: ffffc900020aa000 RSI: 000000000000b640 RDI: 000000000000b641
[   70.292938][ T4233] RBP: 0000000000000010 R08: 0001c9000f0a727f R09: 0000000000000000
[   70.300942][ T4233] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88810c056078
[   70.308937][ T4233] R13: ffff888140688000 R14: ffff888140688000 R15: ffff88810c0560b0
[   70.316963][ T4233] FS:  00007f036de3f6c0(0000) GS:ffff8882aef47000(0000) knlGS:0000000000000000
[   70.326124][ T4233] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   70.333177][ T4233] CR2: 000000110c27f186 CR3: 000000011a0ba000 CR4: 00000000003506f0
[   70.341240][ T4233] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   70.349311][ T4233] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   70.357305][ T4233] Call Trace:
[   70.360614][ T4233]  <TASK>
[   70.363572][ T4233]  reg_set_min_max+0x1eb/0x260
[   70.368592][ T4233]  check_cond_jmp_op+0x1080/0x16e0
[   70.373801][ T4233]  do_check+0x332a/0x7a10
[   70.378249][ T4233]  do_check_common+0xc3a/0x1290
[   70.383228][ T4233]  bpf_check+0x942b/0xd9e0
[   70.387763][ T4233]  ? unwind_get_return_address+0x16/0x40
[   70.393699][ T4233]  ? __pcpu_freelist_pop+0x3da/0x4c0
[   70.399087][ T4233]  ? pcpu_freelist_pop+0x6e/0xa0
[   70.404288][ T4233]  ? __bpf_get_stackid+0x7db/0x800
[   70.409513][ T4233]  ? bpf_get_stackid+0xee/0x120
[   70.414612][ T4233]  ? bpf_prog_b724608cae728045+0x27/0x2f
[   70.420342][ T4233]  ? __rcu_read_unlock+0x4f/0x70
[   70.425314][ T4233]  ? __perf_event_task_sched_in+0xa5b/0xac0
[   70.431276][ T4233]  ? __rcu_read_unlock+0x4f/0x70
[   70.436252][ T4233]  ? xfd_validate_state+0x45/0xf0
[   70.441413][ T4233]  ? save_fpregs_to_fpstate+0x100/0x160
[   70.447035][ T4233]  ? _raw_spin_unlock+0x26/0x50
[   70.452025][ T4233]  ? finish_task_switch+0xad/0x2b0
[   70.457281][ T4233]  ? __schedule+0x6b9/0xb30
[   70.461877][ T4233]  ? should_fail_ex+0x30/0x280
[   70.466703][ T4233]  ? selinux_bpf_prog_load+0x36/0xf0
[   70.472081][ T4233]  ? should_failslab+0x8c/0xb0
[   70.477040][ T4233]  ? __kmalloc_cache_noprof+0x189/0x320
[   70.482736][ T4233]  ? selinux_bpf_prog_load+0xbf/0xf0
[   70.488116][ T4233]  ? security_bpf_prog_load+0x2c/0xa0
[   70.493557][ T4233]  bpf_prog_load+0xedd/0x1070
[   70.498284][ T4233]  ? security_bpf+0x2b/0x90
[   70.502856][ T4233]  __sys_bpf+0x462/0x7b0
[   70.507144][ T4233]  __x64_sys_bpf+0x41/0x50
[   70.511633][ T4233]  x64_sys_call+0x2aea/0x2ff0
[   70.516333][ T4233]  do_syscall_64+0xd2/0x200
[   70.520928][ T4233]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   70.527158][ T4233]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   70.532993][ T4233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.538932][ T4233] RIP: 0033:0x7f036f3debe9
[   70.543386][ T4233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.563233][ T4233] RSP: 002b:00007f036de3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   70.571702][ T4233] RAX: ffffffffffffffda RBX: 00007f036f605fa0 RCX: 00007f036f3debe9
[   70.579755][ T4233] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[   70.587739][ T4233] RBP: 00007f036f461e19 R08: 0000000000000000 R09: 0000000000000000
[   70.595812][ T4233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   70.603872][ T4233] R13: 00007f036f606038 R14: 00007f036f605fa0 R15: 00007ffd5dac1468
[   70.611901][ T4233]  </TASK>
[   70.614973][ T4233] ---[ end trace 0000000000000000 ]---
[   70.963427][ T4239] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.113647][ T4239] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.202149][ T4248] loop4: detected capacity change from 0 to 512
[   71.220055][ T4248] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   71.250356][ T4239] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.266948][ T4248] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.288177][ T4248] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   71.311288][ T4239] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.323646][ T4248] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.232: iget: bad i_size value: 2533274857506816
[   71.398361][   T51] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.407404][   T51] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.444711][ T4233]  (4233) used greatest stack depth: 10328 bytes left
[   71.477802][ T4256] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.509366][   T51] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.537135][   T51] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.546779][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.627293][ T4256] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.686559][ T4268] netlink: 28 bytes leftover after parsing attributes in process `syz.2.238'.
[   71.737197][ T4256] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.752842][ T4271] batadv1: entered promiscuous mode
[   71.873655][ T4272] lo speed is unknown, defaulting to 1000
[   72.263082][ T4256] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.278124][   T29] kauditd_printk_skb: 99 callbacks suppressed
[   72.284460][   T29] audit: type=1400 audit(1754568932.165:2311): avc:  denied  { shutdown } for  pid=4279 comm="syz.3.242" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   72.321609][   T29] audit: type=1400 audit(1754568932.175:2312): avc:  denied  { write } for  pid=4279 comm="syz.3.242" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   72.362093][   T29] audit: type=1400 audit(1754568932.255:2313): avc:  denied  { mount } for  pid=4273 comm="syz.4.241" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   72.392314][   T51] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.544469][   T51] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.622350][   T51] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.719533][   T51] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.840239][ T4290] loop2: detected capacity change from 0 to 512
[   72.874417][ T4292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   72.884155][   T29] audit: type=1400 audit(1754568932.785:2314): avc:  denied  { name_bind } for  pid=4293 comm="syz.4.249" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   72.908712][ T4290] EXT4-fs: Ignoring removed nomblk_io_submit option
[   72.921859][ T4292] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.929598][ T4290] EXT4-fs: old and new quota format mixing
[   73.292940][ T4306] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4306 comm=syz.4.250
[   73.476534][ T4309] netlink: 16 bytes leftover after parsing attributes in process `syz.3.251'.
[   73.487427][ T4309] process 'syz.3.251' launched '/dev/fd/4' with NULL argv: empty string added
[   73.501811][   T29] audit: type=1400 audit(1754568933.395:2315): avc:  denied  { execute_no_trans } for  pid=4308 comm="syz.3.251" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=60 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   73.629445][   T29] audit: type=1400 audit(1754568933.525:2316): avc:  denied  { mount } for  pid=4313 comm="syz.3.253" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   73.633235][ T4314] netlink: 12 bytes leftover after parsing attributes in process `syz.3.253'.
[   73.713529][ T4314] lo speed is unknown, defaulting to 1000
[   73.826912][   T29] audit: type=1400 audit(1754568933.715:2317): avc:  denied  { unmount } for  pid=3309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   73.873333][   T29] audit: type=1326 audit(1754568933.765:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4322 comm="syz.3.257" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f319c7bebe9 code=0x0
[   73.998350][ T4332] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   74.011837][ T4332] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   74.328992][ T4337] wireguard0: entered promiscuous mode
[   74.533888][ T4343] loop2: detected capacity change from 0 to 512
[   74.559674][ T4343] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   74.596451][ T4343] EXT4-fs (loop2): 1 orphan inode deleted
[   74.602404][ T4343] EXT4-fs (loop2): 1 truncate cleaned up
[   74.623227][ T4343] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.658340][   T29] audit: type=1326 audit(1754568934.545:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4342 comm="syz.2.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3ef43ebe9 code=0x7ffc0000
[   74.690504][ T4343] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   74.745981][ T4343] EXT4-fs (loop2): Remounting filesystem read-only
[   74.767725][   T29] audit: type=1326 audit(1754568934.545:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4342 comm="syz.2.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3ef43ebe9 code=0x7ffc0000
[   74.776000][ T4343] EXT4-fs (loop2): error restoring inline_data for inode -- potential data loss! (inode 12, error -30)
[   74.823694][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.910595][ T4353] loop2: detected capacity change from 0 to 1024
[   74.917726][ T4353] ext4: Unknown parameter 'uid<00000000000000000000'
[   75.163802][ T4356] loop3: detected capacity change from 0 to 1024
[   75.170875][ T4356] EXT4-fs: Ignoring removed orlov option
[   75.192250][ T4356] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.216680][ T4356] SELinux:  policydb version -957581230 does not match my version range 15-35
[   75.225831][ T4356] SELinux: failed to load policy
[   75.226412][ T4363] netlink: 28 bytes leftover after parsing attributes in process `syz.4.266'.
[   75.238811][ T4356] EXT4-fs: Ignoring sb option on remount
[   75.245667][ T4356] EXT4-fs: Ignoring removed orlov option
[   75.251784][ T4356] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.258627][ T4356] EXT4-fs: Remounting fs w/o journal so ignoring data_err option
[   75.266838][ T4356] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   75.322700][ T4364] batadv0: entered promiscuous mode
[   75.409965][ T4368] netlink: 14 bytes leftover after parsing attributes in process `syz.4.268'.
[   75.421233][ T4356] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.267: bg 0: block 88: padding at end of block bitmap is not set
[   75.606175][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.764825][ T4396] loop3: detected capacity change from 0 to 512
[   75.772794][ T4396] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   75.785942][ T4396] EXT4-fs (loop3): 1 truncate cleaned up
[   75.792616][ T4396] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.977909][ T4400] netlink: 14 bytes leftover after parsing attributes in process `syz.4.275'.
[   75.990796][ T4402] siw: device registration error -23
[   76.012224][ T4402] binfmt_misc: register: failed to install interpreter file ./file2
[   76.326574][ T4411] lo speed is unknown, defaulting to 1000
[   76.718393][ T4415] netlink: 4 bytes leftover after parsing attributes in process `syz.2.281'.
[   76.731942][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.758101][ T4415] netlink: 4 bytes leftover after parsing attributes in process `syz.2.281'.
[   76.778582][ T4415] netlink: 'syz.2.281': attribute type 27 has an invalid length.
[   76.795215][ T4415] 0��{X��: left allmulticast mode
[   76.836313][ T4422] netlink: 14 bytes leftover after parsing attributes in process `syz.3.283'.
[   76.838816][ T4415] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.852537][ T4415] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.920377][ T4415] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   77.041771][ T4421] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.055466][ T4421] 8021q: adding VLAN 0 to HW filter on device team0
[   77.075031][ T4421] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   77.098885][ T4427] loop4: detected capacity change from 0 to 512
[   77.114020][ T4427] EXT4-fs: Ignoring removed nomblk_io_submit option
[   77.146059][   T23] syz1: Port: 1 Link DOWN
[   77.150733][ T4427] EXT4-fs: old and new quota format mixing
[   77.176142][ T4430] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.186405][   T37] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   77.190923][ T4430] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.221238][ T4425] lo speed is unknown, defaulting to 1000
[   77.273734][   T37] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   77.296576][   T37] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   77.314071][   T37] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   77.341940][ T4436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.359148][ T4436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.374280][ T4434] loop2: detected capacity change from 0 to 256
[   77.378988][ T4435] lo speed is unknown, defaulting to 1000
[   77.384826][ T4434] vfat: Unknown parameter 'shor�name'
[   77.504929][   T29] kauditd_printk_skb: 149 callbacks suppressed
[   77.504947][   T29] audit: type=1326 audit(1754568937.395:2470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4441 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   77.538268][   T29] audit: type=1326 audit(1754568937.415:2471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4441 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   77.561778][   T29] audit: type=1326 audit(1754568937.415:2472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4441 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   77.585360][   T29] audit: type=1326 audit(1754568937.415:2473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4441 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   77.608838][   T29] audit: type=1326 audit(1754568937.415:2474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4441 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   77.632409][   T29] audit: type=1326 audit(1754568937.415:2475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4441 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   77.655866][   T29] audit: type=1326 audit(1754568937.415:2476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4441 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   77.679287][   T29] audit: type=1326 audit(1754568937.415:2477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4441 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   77.702635][   T29] audit: type=1326 audit(1754568937.415:2478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4441 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   77.726252][   T29] audit: type=1326 audit(1754568937.415:2479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4441 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   77.761739][ T4446] netlink: 14 bytes leftover after parsing attributes in process `syz.0.291'.
[   77.937027][ T4449] loop4: detected capacity change from 0 to 256
[   77.945415][ T4449] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   77.965105][ T4449] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   77.973904][ T4449] FAT-fs (loop4): Filesystem has been set read-only
[   78.469029][ T4463] lo speed is unknown, defaulting to 1000
[   78.680887][ T4465] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   78.694517][ T4465] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   78.714333][ T4465] loop4: detected capacity change from 0 to 256
[   78.754093][ T4465] vfat: Unknown parameter 'shor�name'
[   78.876180][ T4467] netlink: 60 bytes leftover after parsing attributes in process `syz.0.298'.
[   78.885249][ T4467] netlink: 60 bytes leftover after parsing attributes in process `syz.0.298'.
[   78.906015][ T4467] netlink: 60 bytes leftover after parsing attributes in process `syz.0.298'.
[   79.187274][ T4481] loop3: detected capacity change from 0 to 512
[   79.207161][ T4481] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.222959][ T4481] EXT4-fs: old and new quota format mixing
[   79.262122][ T4485] block device autoloading is deprecated and will be removed.
[   79.368618][ T4488] loop0: detected capacity change from 0 to 8192
[   79.599379][ T4491] loop0: detected capacity change from 0 to 2048
[   79.621818][ T4491] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.649568][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.357049][ T4501] lo: entered allmulticast mode
[   80.368278][ T4501] tunl0: entered allmulticast mode
[   80.376485][ T4501] gre0: entered allmulticast mode
[   80.383728][ T4501] gretap0: entered allmulticast mode
[   80.389945][ T4502] SELinux:  policydb version -957581230 does not match my version range 15-35
[   80.399075][ T4501] erspan0: entered allmulticast mode
[   80.403080][ T4502] SELinux: failed to load policy
[   80.410754][ T4501] ip_vti0: entered allmulticast mode
[   80.435506][ T4501] ip6_vti0: entered allmulticast mode
[   80.445762][ T4501] sit0: entered allmulticast mode
[   80.457288][ T4501] ip6tnl0: entered allmulticast mode
[   80.467367][ T4501] ip6gre0: entered allmulticast mode
[   80.475770][ T4501] syz_tun: entered allmulticast mode
[   80.485873][ T4501] ip6gretap0: entered allmulticast mode
[   80.510086][ T4501] bridge0: entered allmulticast mode
[   80.536104][ T4501] vcan0: entered allmulticast mode
[   80.571042][ T4501] bond0: entered allmulticast mode
[   80.585398][ T4501] team0: entered allmulticast mode
[   80.617106][ T4501] dummy0: entered allmulticast mode
[   80.627498][ T4510] loop0: detected capacity change from 0 to 512
[   80.635295][ T4501] nlmon0: entered allmulticast mode
[   80.644892][ T4510] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   80.658983][ T4501] caif0: entered allmulticast mode
[   80.664197][ T4501] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   80.682525][ T4510] EXT4-fs (loop0): orphan cleanup on readonly fs
[   80.689405][ T4510] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.309: Block bitmap for bg 0 marked uninitialized
[   80.715693][ T4510] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   80.733011][ T4510] EXT4-fs (loop0): 1 orphan inode deleted
[   80.739354][ T4510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   80.779275][ T4510] netlink: 'syz.0.309': attribute type 4 has an invalid length.
[   80.824862][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.835132][ T4513] futex_wake_op: syz.3.310 tries to shift op by -1; fix this program
[   80.982361][ T4521] netlink: 'syz.1.313': attribute type 21 has an invalid length.
[   81.021306][ T4523] loop0: detected capacity change from 0 to 256
[   81.039701][ T4523] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   81.053460][ T4523] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   81.062164][ T4523] FAT-fs (loop0): Filesystem has been set read-only
[   81.070208][ T4525] vhci_hcd: invalid port number 236
[   81.121890][ T4528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   81.131245][ T4528] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   81.221093][ T4531] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   81.353515][ T4537] netlink: 'syz.3.321': attribute type 4 has an invalid length.
[   81.366112][ T3376] lo speed is unknown, defaulting to 1000
[   81.372006][ T3376] syz0: Port: 1 Link DOWN
[   81.456551][ T4544] loop2: detected capacity change from 0 to 512
[   81.465563][ T4544] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   81.477915][ T4544] EXT4-fs (loop2): orphan cleanup on readonly fs
[   81.495126][ T4544] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.323: Block bitmap for bg 0 marked uninitialized
[   81.525320][ T4544] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   81.543758][ T4543] loop3: detected capacity change from 0 to 8192
[   81.603152][ T4544] EXT4-fs (loop2): 1 orphan inode deleted
[   81.645471][ T4543] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[   81.654081][ T4543] FAT-fs (loop3): Filesystem has been set read-only
[   81.663364][ T4544] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   81.696498][ T4544] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   81.712252][ T4543] __nla_validate_parse: 4 callbacks suppressed
[   81.712327][ T4543] netlink: 76 bytes leftover after parsing attributes in process `syz.3.324'.
[   81.747332][ T4544] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   81.886898][ T4544] netlink: 'syz.2.323': attribute type 4 has an invalid length.
[   81.930658][ T4552] netlink: 14 bytes leftover after parsing attributes in process `syz.3.326'.
[   81.940490][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.010782][ T4556] netlink: 28 bytes leftover after parsing attributes in process `syz.2.328'.
[   82.027387][ T4559] loop4: detected capacity change from 0 to 512
[   82.035297][ T4559] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   82.064272][ T4559] EXT4-fs (loop4): 1 orphan inode deleted
[   82.070100][ T4559] EXT4-fs (loop4): 1 truncate cleaned up
[   82.083246][ T4559] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.102353][ T4559] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   82.117232][ T4559] EXT4-fs (loop4): Remounting filesystem read-only
[   82.124019][ T4559] EXT4-fs (loop4): error restoring inline_data for inode -- potential data loss! (inode 12, error -30)
[   82.168792][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.220819][ T4567] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.243609][ T4568] loop4: detected capacity change from 0 to 512
[   82.258510][ T4567] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.275320][ T4568] EXT4-fs: Ignoring removed mblk_io_submit option
[   82.282473][ T4570] loop2: detected capacity change from 0 to 512
[   82.292385][ T4567] loop0: detected capacity change from 0 to 256
[   82.300646][ T4567] vfat: Unknown parameter 'shor�name'
[   82.307647][ T4568] EXT4-fs (loop4): failed to initialize system zone (-117)
[   82.322732][ T4570] EXT4-fs: Ignoring removed nobh option
[   82.324451][ T4568] EXT4-fs (loop4): mount failed
[   82.390353][ T4570] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.333: bg 0: block 393: padding at end of block bitmap is not set
[   82.423738][ T4570] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   82.433183][ T4570] EXT4-fs (loop2): 2 truncates cleaned up
[   82.439956][ T4570] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.447293][ T4576] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4576 comm=syz.3.335
[   82.465019][ T4576] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4576 comm=syz.3.335
[   82.507959][ T4580] loop3: detected capacity change from 0 to 512
[   82.550030][ T4580] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   82.560064][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.610369][ T4584] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4584 comm=syz.2.337
[   82.629087][ T4580] EXT4-fs (loop3): invalid journal inode
[   82.640027][ T4580] EXT4-fs (loop3): can't get journal size
[   82.650241][ T4568] netlink: 'syz.4.331': attribute type 1 has an invalid length.
[   82.708984][ T4580] EXT4-fs (loop3): 1 truncate cleaned up
[   82.720213][ T4580] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.734712][ T4568] 8021q: adding VLAN 0 to HW filter on device bond1
[   82.801995][   T29] kauditd_printk_skb: 339 callbacks suppressed
[   82.802009][   T29] audit: type=1326 audit(1754568942.695:2819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4579 comm="syz.3.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   82.836888][   T29] audit: type=1326 audit(1754568942.725:2820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4579 comm="syz.3.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   82.860310][   T29] audit: type=1326 audit(1754568942.725:2821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4579 comm="syz.3.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   82.880800][ T4580] netlink: 40 bytes leftover after parsing attributes in process `syz.3.336'.
[   82.883984][   T29] audit: type=1326 audit(1754568942.725:2822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4579 comm="syz.3.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   82.916486][   T29] audit: type=1326 audit(1754568942.725:2823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4579 comm="syz.3.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   82.940063][   T29] audit: type=1326 audit(1754568942.725:2824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4579 comm="syz.3.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   82.963471][   T29] audit: type=1326 audit(1754568942.725:2825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4579 comm="syz.3.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   82.987222][   T29] audit: type=1326 audit(1754568942.755:2826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4579 comm="syz.3.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   83.010738][   T29] audit: type=1326 audit(1754568942.755:2827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4587 comm="syz.3.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f319c7f14a5 code=0x7ffc0000
[   83.034493][   T29] audit: type=1326 audit(1754568942.755:2828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4579 comm="syz.3.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f319c7bebe9 code=0x7ffc0000
[   83.042877][ T4592] netlink: 'syz.4.338': attribute type 4 has an invalid length.
[   83.175175][ T4598] netlink: 20 bytes leftover after parsing attributes in process `syz.4.341'.
[   83.350621][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.395640][ T4604] loop3: detected capacity change from 0 to 512
[   83.407984][ T4604] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   83.422455][ T4604] EXT4-fs (loop3): 1 orphan inode deleted
[   83.428536][ T4604] EXT4-fs (loop3): 1 truncate cleaned up
[   83.451245][ T4604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.470208][ T4604] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   83.486083][ T4604] EXT4-fs (loop3): Remounting filesystem read-only
[   83.492727][ T4604] EXT4-fs (loop3): error restoring inline_data for inode -- potential data loss! (inode 12, error -30)
[   83.522166][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.577228][ T4614] loop3: detected capacity change from 0 to 128
[   83.706743][ T4623] loop4: detected capacity change from 0 to 512
[   83.714414][ T4623] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   83.729946][ T4623] EXT4-fs (loop4): orphan cleanup on readonly fs
[   83.745882][ T4623] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.350: Block bitmap for bg 0 marked uninitialized
[   83.759618][ T4623] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   83.761208][ T4624] lo speed is unknown, defaulting to 1000
[   83.776477][ T4623] EXT4-fs (loop4): 1 orphan inode deleted
[   83.787100][ T4623] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   83.816694][ T4623] netlink: 'syz.4.350': attribute type 4 has an invalid length.
[   83.838667][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.875417][ T4631] loop3: detected capacity change from 0 to 736
[   83.908473][ T4633] netlink: 4 bytes leftover after parsing attributes in process `syz.4.354'.
[   83.923635][ T4633] netlink: 4 bytes leftover after parsing attributes in process `syz.4.354'.
[   83.935228][ T4633] netlink: 'syz.4.354': attribute type 27 has an invalid length.
[   83.955502][ T4633] 0��{X��: left allmulticast mode
[   84.056518][ T4634] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.065853][ T4634] 8021q: adding VLAN 0 to HW filter on device team0
[   84.075735][ T4634] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   84.091892][   T12] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.101588][   T12] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.111161][   T12] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.119933][   T12] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.170132][ T4636] loop4: detected capacity change from 0 to 512
[   84.177586][ T4636] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   84.197952][ T4636] EXT4-fs (loop4): 1 truncate cleaned up
[   84.204062][ T4638] loop3: detected capacity change from 0 to 2048
[   84.204495][ T4636] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.271295][ T4638] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.294998][ T4643] netlink: 12 bytes leftover after parsing attributes in process `syz.1.356'.
[   84.337016][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.362116][ T4643] lo speed is unknown, defaulting to 1000
[   84.519421][ T4651] lo speed is unknown, defaulting to 1000
[   84.652463][ T4657] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   84.671120][  T803] IPVS: starting estimator thread 0...
[   84.676888][ T4653] ucma_write: process 207 (syz.2.360) changed security contexts after opening file descriptor, this is not allowed.
[   84.759974][ T4659] IPVS: using max 2304 ests per chain, 115200 per kthread
[   84.771787][ T4666] netlink: 8 bytes leftover after parsing attributes in process `syz.3.375'.
[   84.802492][ T4666] random: crng reseeded on system resumption
[   84.870439][ T4670] netlink: 'syz.1.366': attribute type 1 has an invalid length.
[   84.929851][ T4670] 8021q: adding VLAN 0 to HW filter on device bond1
[   84.946314][ T4675] 8021q: adding VLAN 0 to HW filter on device bond1
[   84.970322][ T4675] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   85.185985][ T4675] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   85.213806][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.245117][ T4670] gretap0: entered promiscuous mode
[   85.335135][ T4670] bond1: (slave gretap0): making interface the new active one
[   85.343021][ T4670] bond1: (slave gretap0): Enslaving as an active interface with an up link
[   85.375239][ T4670] macvlan2: entered promiscuous mode
[   85.380651][ T4670] macvlan2: entered allmulticast mode
[   85.390469][ T4670] bond1: entered promiscuous mode
[   85.396071][ T4670] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   85.428980][ T4670] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap0
[   85.442386][ T4670] bond1: left promiscuous mode
[   85.673554][ T4695] netlink: 60 bytes leftover after parsing attributes in process `syz.3.384'.
[   85.881140][ T4702] netlink: 'syz.1.376': attribute type 10 has an invalid length.
[   85.917546][ T4701] loop4: detected capacity change from 0 to 1024
[   85.974998][ T4702] team0: Port device dummy0 added
[   85.989692][ T4701] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   86.150551][ T4701] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.225182][ T4701] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.374: missing EA_INODE flag
[   86.244926][ T4706] netlink: 'syz.1.376': attribute type 10 has an invalid length.
[   86.246587][ T4701] EXT4-fs (loop4): Remounting filesystem read-only
[   86.321024][ T4706] team0: Port device dummy0 removed
[   86.323982][ T4706] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   86.347183][ T4720] tipc: Started in network mode
[   86.347241][ T4720] tipc: Node identity ac1414aa, cluster identity 4711
[   86.347604][ T4720] tipc: Enabled bearer <udp:syz2>, priority 10
[   86.350090][ T4720] tipc: Enabled bearer <eth:team0>, priority 0
[   86.491384][ T4731] lo speed is unknown, defaulting to 1000
[   86.561382][ T4731] lo speed is unknown, defaulting to 1000
[   86.906074][ T4740] lo: entered allmulticast mode
[   86.944836][ T4740] tunl0: entered allmulticast mode
[   86.973494][ T4740] gre0: entered allmulticast mode
[   86.989459][ T4740] erspan0: entered allmulticast mode
[   86.995559][ T4740] ip_vti0: entered allmulticast mode
[   87.003402][ T4740] ip6_vti0: entered allmulticast mode
[   87.010914][ T4740] sit0: entered allmulticast mode
[   87.017040][ T4740] ip6tnl0: entered allmulticast mode
[   87.025299][ T4740] ip6gre0: entered allmulticast mode
[   87.032263][ T4740] syz_tun: entered allmulticast mode
[   87.046368][ T4740] ip6gretap0: entered allmulticast mode
[   87.072729][ T4740] bridge0: entered allmulticast mode
[   87.086118][ T4740] vcan0: entered allmulticast mode
[   87.093209][ T4740] bond0: entered allmulticast mode
[   87.098574][ T4740] dummy0: entered allmulticast mode
[   87.105134][ T4740] team0: entered allmulticast mode
[   87.111949][ T4740] nlmon0: entered allmulticast mode
[   87.126246][ T4740] caif0: entered allmulticast mode
[   87.131501][ T4740] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   87.149581][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.170297][ T4743] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (1024)
[   87.179555][ T4743] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[   87.191133][ T4748] __nla_validate_parse: 7 callbacks suppressed
[   87.191161][ T4748] netlink: 12 bytes leftover after parsing attributes in process `syz.0.387'.
[   87.277320][ T4755] netlink: 4 bytes leftover after parsing attributes in process `syz.0.390'.
[   87.348287][   T23] tipc: Node number set to 2886997162
[   87.526913][ T4762] netlink: 'syz.0.393': attribute type 4 has an invalid length.
[   87.815172][   T29] kauditd_printk_skb: 363 callbacks suppressed
[   87.815191][   T29] audit: type=1400 audit(1754568947.705:3192): avc:  denied  { setopt } for  pid=4765 comm="syz.0.395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   87.841494][   T29] audit: type=1400 audit(1754568947.705:3193): avc:  denied  { accept } for  pid=4765 comm="syz.0.395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   87.865307][ T4768] loop2: detected capacity change from 0 to 512
[   87.884045][ T4768] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #3: comm syz.2.396: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[   87.903447][ T4768] EXT4-fs error (device loop2): ext4_quota_enable:7127: comm syz.2.396: Bad quota inode: 3, type: 0
[   87.904532][   T29] audit: type=1326 audit(1754568947.795:3194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4776 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   87.937672][   T29] audit: type=1326 audit(1754568947.795:3195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4776 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   87.944235][ T4768] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   87.961232][   T29] audit: type=1326 audit(1754568947.795:3196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4776 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   87.977360][ T4768] EXT4-fs (loop2): mount failed
[   88.028674][   T29] audit: type=1326 audit(1754568947.835:3197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4776 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   88.052186][   T29] audit: type=1326 audit(1754568947.835:3198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4776 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   88.075673][   T29] audit: type=1326 audit(1754568947.835:3199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4776 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   88.099126][   T29] audit: type=1326 audit(1754568947.835:3200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4776 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   88.122720][   T29] audit: type=1326 audit(1754568947.835:3201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4776 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   88.137350][ T4779] netlink: 104 bytes leftover after parsing attributes in process `syz.0.397'.
[   88.186521][ T4779] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   88.200378][ T4784] loop4: detected capacity change from 0 to 512
[   88.219257][ T4784] EXT4-fs: Ignoring removed nomblk_io_submit option
[   88.244721][ T4784] EXT4-fs: old and new quota format mixing
[   88.321408][ T4790] netlink: 4 bytes leftover after parsing attributes in process `syz.3.401'.
[   88.342349][ T4790] netlink: 4 bytes leftover after parsing attributes in process `syz.3.401'.
[   88.355651][ T4790] netlink: 'syz.3.401': attribute type 27 has an invalid length.
[   88.364106][ T4795] netlink: 'syz.2.403': attribute type 1 has an invalid length.
[   88.371325][ T4790] lo: left allmulticast mode
[   88.376821][ T4790] tunl0: left allmulticast mode
[   88.383542][ T4790] gre0: left allmulticast mode
[   88.393334][ T4790] gretap0: left allmulticast mode
[   88.400929][ T4790] erspan0: left allmulticast mode
[   88.408563][ T4790] ip_vti0: left allmulticast mode
[   88.423653][ T4790] ip6_vti0: left allmulticast mode
[   88.431395][ T4790] sit0: left allmulticast mode
[   88.440523][ T4790] ip6tnl0: left allmulticast mode
[   88.445792][ T4798] loop4: detected capacity change from 0 to 2048
[   88.448059][ T4790] ip6gre0: left allmulticast mode
[   88.460707][ T4790] syz_tun: left allmulticast mode
[   88.468471][ T4790] ip6gretap0: left allmulticast mode
[   88.475757][ T4790] bridge0: left allmulticast mode
[   88.482642][ T4790] vcan0: left allmulticast mode
[   88.483506][ T4798] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.499874][ T4790] bond0: left allmulticast mode
[   88.507062][ T4790] team0: left allmulticast mode
[   88.514815][ T4790] dummy0: left allmulticast mode
[   88.522538][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.531741][ T4790] nlmon0: left allmulticast mode
[   88.538094][ T4790] caif0: left allmulticast mode
[   88.617065][ T4790] gretap1: left promiscuous mode
[   88.631546][ T4795] 8021q: adding VLAN 0 to HW filter on device bond1
[   88.644796][ T4796] 8021q: adding VLAN 0 to HW filter on device bond1
[   88.664403][ T4796] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   88.676740][ T4796] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   88.700379][ T4799] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.709810][ T4799] 8021q: adding VLAN 0 to HW filter on device team0
[   88.720105][ T4799] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   88.740071][ T4800] gretap0: entered promiscuous mode
[   88.747540][ T4800] bond1: (slave gretap0): making interface the new active one
[   88.760975][ T4800] bond1: (slave gretap0): Enslaving as an active interface with an up link
[   88.773025][ T4803] macvlan2: entered promiscuous mode
[   88.778604][ T4803] macvlan2: entered allmulticast mode
[   88.785527][ T4803] bond1: entered promiscuous mode
[   88.792382][ T4803] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   88.803678][ T4803] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap0
[   88.815763][ T4803] bond1: left promiscuous mode
[   88.828883][  T556] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.837333][ T2955] lo speed is unknown, defaulting to 1000
[   88.843203][ T2955] syz0: Port: 1 Link ACTIVE
[   88.854770][  T556] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.863951][  T556] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.883057][  T556] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.886954][ T4818] netlink: 14 bytes leftover after parsing attributes in process `syz.3.408'.
[   88.901531][ T4803] syz.2.403 (4803) used greatest stack depth: 9968 bytes left
[   89.311541][ T4831] loop3: detected capacity change from 0 to 512
[   89.349483][ T4831] EXT4-fs: Ignoring removed nomblk_io_submit option
[   89.490337][ T4831] EXT4-fs: old and new quota format mixing
[   89.632216][ T4834] loop4: detected capacity change from 0 to 512
[   89.640105][ T4834] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   89.657842][ T4834] EXT4-fs (loop4): orphan cleanup on readonly fs
[   89.671199][ T4834] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.414: Block bitmap for bg 0 marked uninitialized
[   89.685616][ T4834] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   89.696570][ T4834] EXT4-fs (loop4): 1 orphan inode deleted
[   89.705779][ T4839] loop3: detected capacity change from 0 to 128
[   89.712604][ T4834] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   89.734284][ T4839] netlink: 'syz.3.425': attribute type 39 has an invalid length.
[   89.753430][ T4834] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   89.774312][ T4834] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   89.787517][ T4834] netlink: 'syz.4.414': attribute type 4 has an invalid length.
[   89.875812][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.002046][ T4844] netlink: 'syz.1.417': attribute type 1 has an invalid length.
[   90.017390][ T4844] 8021q: adding VLAN 0 to HW filter on device bond2
[   90.064528][ T4857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.420'.
[   90.078659][ T4854] netlink: 'syz.2.431': attribute type 27 has an invalid length.
[   90.088126][ T4857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.420'.
[   90.112276][ T4856] netlink: 'syz.4.421': attribute type 1 has an invalid length.
[   90.123553][ T4854] tipc: Resetting bearer <eth:team0>
[   90.131512][ T4857] netlink: 'syz.1.420': attribute type 27 has an invalid length.
[   90.143678][ T4854] gretap0: left promiscuous mode
[   90.151149][ T4857] lo: left allmulticast mode
[   90.166793][ T4857] tunl0: left allmulticast mode
[   90.191326][ T4857] gre0: left allmulticast mode
[   90.235964][ T4857] 0��{X��: left allmulticast mode
[   90.261407][ T4857] erspan0: left allmulticast mode
[   90.276846][ T4857] ip_vti0: left allmulticast mode
[   90.287328][ T4857] ip6_vti0: left allmulticast mode
[   90.300891][ T4857] sit0: left allmulticast mode
[   90.333754][ T4857] ip6tnl0: left allmulticast mode
[   90.356609][ T4857] ip6gre0: left allmulticast mode
[   90.366720][ T4857] syz_tun: left allmulticast mode
[   90.402280][ T4857] ip6gretap0: left allmulticast mode
[   90.422549][ T4857] bridge0: left allmulticast mode
[   90.447923][ T4857] vcan0: left allmulticast mode
[   90.456331][ T4857] bond0: left allmulticast mode
[   90.466353][ T4857] team0: left allmulticast mode
[   90.480060][ T4857] dummy0: left allmulticast mode
[   90.496408][ T4857] nlmon0: left allmulticast mode
[   90.510003][ T4857] caif0: left allmulticast mode
[   90.598641][ T4857] gretap0: left promiscuous mode
[   90.612482][ T4856] 8021q: adding VLAN 0 to HW filter on device bond2
[   90.643112][ T4858] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.652570][ T4858] 8021q: adding VLAN 0 to HW filter on device team0
[   90.661277][ T4858] tipc: Resetting bearer <eth:team0>
[   90.675854][ T4858] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   90.696739][ T4859] 8021q: adding VLAN 0 to HW filter on device bond2
[   90.708931][ T4859] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[   90.737742][ T4859] bond2: (slave vxcan3): Error -95 calling set_mac_address
[   90.772114][ T4860] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.780942][ T4860] 8021q: adding VLAN 0 to HW filter on device team0
[   90.793714][ T4860] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   90.812362][ T4861] gretap0: entered promiscuous mode
[   90.823936][ T4881] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.833622][ T4881] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   90.843714][ T4861] bond2: (slave gretap0): making interface the new active one
[   90.857313][ T4881] loop2: detected capacity change from 0 to 256
[   90.864652][ T4861] bond2: (slave gretap0): Enslaving as an active interface with an up link
[   90.874854][ T4881] vfat: Unknown parameter 'shor�name'
[   90.881060][ T4862] macvlan2: entered promiscuous mode
[   90.886442][ T4862] macvlan2: entered allmulticast mode
[   90.900088][ T4862] bond2: entered promiscuous mode
[   90.905658][ T4862] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   90.919771][ T4862] bond2: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap0
[   90.936993][ T4862] bond2: left promiscuous mode
[   90.962572][   T51] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   90.972216][   T51] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   91.010575][   T51] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   91.019545][   T51] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   91.031368][ T4885] netlink: 14 bytes leftover after parsing attributes in process `syz.1.426'.
[   91.198228][ T4893] loop4: detected capacity change from 0 to 1024
[   91.207600][ T4893] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   91.291922][ T4895] netlink: 32 bytes leftover after parsing attributes in process `syz.1.429'.
[   91.310352][ T4893] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.325312][ T4893] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.428: missing EA_INODE flag
[   91.337920][ T4893] EXT4-fs (loop4): Remounting filesystem read-only
[   91.563053][ T4901] lo speed is unknown, defaulting to 1000
[   91.641978][ T4901] lo speed is unknown, defaulting to 1000
[   92.078142][ T4906] sd 0:0:1:0: device reset
[   92.084216][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.097725][ T4906] SELinux:  Context system_u:object_r:dhcpd_exec_t:s0 is not valid (left unmapped).
[   92.294385][ T4919] bridge0: entered promiscuous mode
[   92.299872][ T4919] macsec1: entered promiscuous mode
[   92.306083][ T4919] bridge0: port 3(macsec1) entered blocking state
[   92.312625][ T4919] bridge0: port 3(macsec1) entered disabled state
[   92.320098][ T4919] macsec1: entered allmulticast mode
[   92.325435][ T4919] bridge0: entered allmulticast mode
[   92.331351][ T4919] macsec1: left allmulticast mode
[   92.336485][ T4919] bridge0: left allmulticast mode
[   92.346341][ T4919] bridge0: left promiscuous mode
[   92.400453][ T4928] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[   92.426552][ T4928] bond_slave_1: entered promiscuous mode
[   92.433133][ T4928] __nla_validate_parse: 1 callbacks suppressed
[   92.433151][ T4928] netlink: 4 bytes leftover after parsing attributes in process `syz.1.440'.
[   92.450476][ T4928] bond_slave_1 (unregistering): left promiscuous mode
[   92.538030][ T4930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.441'.
[   92.547574][ T4930] netlink: 24 bytes leftover after parsing attributes in process `syz.0.441'.
[   92.562512][ T4930] random: crng reseeded on system resumption
[   92.638263][ T4938] netlink: 'syz.0.443': attribute type 1 has an invalid length.
[   92.645973][ T4938] netlink: 224 bytes leftover after parsing attributes in process `syz.0.443'.
[   92.900083][ T4944] lo speed is unknown, defaulting to 1000
[   92.975751][ T4944] lo speed is unknown, defaulting to 1000
[   93.869652][ T4956] loop3: detected capacity change from 0 to 2048
[   93.893652][ T4956] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   93.971724][ T4963] loop2: detected capacity change from 0 to 512
[   94.068250][   T29] kauditd_printk_skb: 253 callbacks suppressed
[   94.068267][   T29] audit: type=1400 audit(1754568953.955:3455): avc:  denied  { write } for  pid=4955 comm="syz.3.448" path="/100/file2/cgroup.controllers" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   94.104318][ T4961] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   94.124491][ T4961] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1720 with error 28
[   94.137248][ T4961] EXT4-fs (loop3): This should not happen!! Data will be lost
[   94.137248][ T4961] 
[   94.146995][ T4961] EXT4-fs (loop3): Total free blocks count 0
[   94.153135][ T4961] EXT4-fs (loop3): Free/Dirty block details
[   94.159154][ T4961] EXT4-fs (loop3): free_blocks=2415919104
[   94.164907][ T4961] EXT4-fs (loop3): dirty_blocks=1728
[   94.170426][ T4961] EXT4-fs (loop3): Block reservation details
[   94.176538][ T4961] EXT4-fs (loop3): i_reserved_data_blocks=108
[   94.267842][ T4973] netlink: 8 bytes leftover after parsing attributes in process `syz.4.452'.
[   94.288668][ T4973] random: crng reseeded on system resumption
[   94.340578][   T29] audit: type=1400 audit(1754568954.235:3456): avc:  denied  { ioctl } for  pid=4974 comm="syz.2.453" path="socket:[11324]" dev="sockfs" ino=11324 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   94.366741][   T29] audit: type=1400 audit(1754568954.265:3457): avc:  denied  { write } for  pid=4974 comm="syz.2.453" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[   94.386684][   T29] audit: type=1400 audit(1754568954.265:3458): avc:  denied  { read } for  pid=4974 comm="syz.2.453" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[   94.428561][   T29] audit: type=1400 audit(1754568954.315:3459): avc:  denied  { map } for  pid=4974 comm="syz.2.453" path="socket:[11327]" dev="sockfs" ino=11327 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   94.452489][   T29] audit: type=1400 audit(1754568954.315:3460): avc:  denied  { read } for  pid=4974 comm="syz.2.453" path="socket:[11327]" dev="sockfs" ino=11327 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   94.746419][ T4989] loop2: detected capacity change from 0 to 2048
[   94.817921][ T4986] tipc: Started in network mode
[   94.822959][ T4986] tipc: Node identity 4e7c85ed1469, cluster identity 4711
[   94.830254][ T4986] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   94.929814][ T1569] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[   95.077826][ T4986] netlink: 'syz.1.456': attribute type 13 has an invalid length.
[   95.111005][ T4988] tipc: Disabling bearer <eth:syzkaller0>
[   95.581731][ T4995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.619405][ T4995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   95.651638][ T4995] loop3: detected capacity change from 0 to 256
[   95.669244][ T4986] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   95.685426][ T4995] vfat: Unknown parameter 'shor�name'
[   95.752022][ T4991] bridge_slave_0: left allmulticast mode
[   95.757834][ T4991] bridge_slave_0: left promiscuous mode
[   95.763922][ T4991] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.781223][ T4989] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.807663][   T29] audit: type=1400 audit(1754568955.695:3461): avc:  denied  { create } for  pid=4984 comm="syz.2.457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   95.827284][   T29] audit: type=1400 audit(1754568955.695:3462): avc:  denied  { bind } for  pid=4984 comm="syz.2.457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   95.850428][ T4991] bridge_slave_1: left allmulticast mode
[   95.856295][ T4991] bridge_slave_1: left promiscuous mode
[   95.856497][ T4991] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.884283][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.894044][ T4991] bond0: (slave bond_slave_0): Releasing backup interface
[   95.911805][ T4991] bond0: (slave bond_slave_1): Releasing backup interface
[   95.944728][ T4991] team0: Port device team_slave_0 removed
[   95.948760][   T29] audit: type=1400 audit(1754568955.835:3463): avc:  denied  { setopt } for  pid=5002 comm="syz.2.461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   95.972230][ T4991] team0: Port device team_slave_1 removed
[   95.995542][   T29] audit: type=1400 audit(1754568955.885:3464): avc:  denied  { lock } for  pid=5002 comm="syz.2.461" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=11232 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   95.995852][ T4991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   96.028845][ T4991] batman_adv: batadv0: Removing interface: batadv_slave_0
[   96.049659][ T4991] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   96.057173][ T4991] batman_adv: batadv0: Removing interface: batadv_slave_1
[   96.108125][ T4999] lo speed is unknown, defaulting to 1000
[   96.170249][ T5013] netlink: 8 bytes leftover after parsing attributes in process `syz.0.465'.
[   96.195614][ T5013] random: crng reseeded on system resumption
[   96.238494][ T5019] netlink: 24 bytes leftover after parsing attributes in process `syz.0.468'.
[   96.250179][ T5017] netlink: 4 bytes leftover after parsing attributes in process `syz.1.467'.
[   96.317584][ T5021] pim6reg: entered allmulticast mode
[   96.325344][ T5021] pim6reg: left allmulticast mode
[   96.367618][ T5023] futex_wake_op: syz.1.470 tries to shift op by -1; fix this program
[   96.438797][ T5028] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[   96.505508][ T5030] random: crng reseeded on system resumption
[   96.702176][ T5037] lo speed is unknown, defaulting to 1000
[   96.882707][ T5036] loop3: detected capacity change from 0 to 1024
[   96.978373][ T5036] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.999996][ T5036] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.155707][ T5048] loop4: detected capacity change from 0 to 2048
[   97.170470][ T5048] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.215945][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.378942][ T5061] netlink: 14 bytes leftover after parsing attributes in process `syz.0.479'.
[   97.447785][ T5069] openvswitch: netlink: Message has 6 unknown bytes.
[   97.478947][ T5068] lo speed is unknown, defaulting to 1000
[   97.569528][ T5077] netlink: 216 bytes leftover after parsing attributes in process `syz.1.480'.
[   97.578705][ T5077] netlink: 24 bytes leftover after parsing attributes in process `syz.1.480'.
[   97.587594][ T5077] netlink: 16 bytes leftover after parsing attributes in process `syz.1.480'.
[   97.683945][ T5086] futex_wake_op: syz.4.482 tries to shift op by -1; fix this program
[   97.712837][ T5036] syz.3.475 (5036) used greatest stack depth: 7312 bytes left
[   97.763737][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.941110][ T5114] loop2: detected capacity change from 0 to 512
[   97.961207][ T5114] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   97.996847][ T5119] loop3: detected capacity change from 0 to 2048
[   98.016634][ T5114] EXT4-fs (loop2): 1 orphan inode deleted
[   98.022462][ T5114] EXT4-fs (loop2): 1 truncate cleaned up
[   98.052515][ T5119] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.081215][ T5114] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.154297][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.230296][ T5144] loop3: detected capacity change from 0 to 512
[   98.255449][ T5144] EXT4-fs: Ignoring removed mblk_io_submit option
[   98.280249][ T5144] EXT4-fs (loop3): failed to initialize system zone (-117)
[   98.296258][ T5144] EXT4-fs (loop3): mount failed
[   98.412732][ T5144] netlink: 'syz.3.490': attribute type 1 has an invalid length.
[   98.430009][ T5159] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.444383][ T5159] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.458174][ T5144] 8021q: adding VLAN 0 to HW filter on device bond2
[   98.466379][ T5159] loop4: detected capacity change from 0 to 256
[   98.475420][ T5159] vfat: Unknown parameter 'shor�name'
[   98.518961][ T5167] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[   98.542722][ T5167] bond_slave_1: entered promiscuous mode
[   98.550398][ T5167] netlink: 4 bytes leftover after parsing attributes in process `syz.3.493'.
[   98.582159][ T5167] bond_slave_1 (unregistering): left promiscuous mode
[   98.814115][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.856098][ T5177] netlink: 4 bytes leftover after parsing attributes in process `syz.2.496'.
[   99.106526][ T5185] lo speed is unknown, defaulting to 1000
[   99.239620][   T29] kauditd_printk_skb: 238 callbacks suppressed
[   99.239706][   T29] audit: type=1326 audit(1754568959.125:3703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   99.269372][   T29] audit: type=1326 audit(1754568959.125:3704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   99.488940][ T5188] netlink: 14 bytes leftover after parsing attributes in process `syz.3.499'.
[   99.865008][   T29] audit: type=1326 audit(1754568959.745:3705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   99.895486][ T5193] loop3: detected capacity change from 0 to 2048
[   99.931661][   T29] audit: type=1326 audit(1754568959.825:3706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[   99.932399][ T5193] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.955170][   T29] audit: type=1326 audit(1754568959.825:3707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[  100.169538][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.186249][ T5178] netlink: 104 bytes leftover after parsing attributes in process `syz.0.497'.
[  100.292206][   T29] audit: type=1326 audit(1754568960.075:3708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[  100.316023][   T29] audit: type=1326 audit(1754568960.075:3709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[  100.339642][   T29] audit: type=1326 audit(1754568960.075:3710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[  100.363270][   T29] audit: type=1326 audit(1754568960.075:3711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0ab8d1ebe9 code=0x7ffc0000
[  100.386567][   T29] audit: type=1400 audit(1754568960.075:3712): avc:  denied  { nlmsg_read } for  pid=5175 comm="syz.0.497" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  101.915899][ T5226] loop3: detected capacity change from 0 to 512
[  102.082759][ T5226] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.107514][ T5226] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5226 comm=syz.3.509
[  102.314709][ T5233] ==================================================================
[  102.322841][ T5233] BUG: KCSAN: data-race in filemap_write_and_wait_range / xas_set_mark
[  102.331118][ T5233] 
[  102.333458][ T5233] write to 0xffff888106a369a4 of 4 bytes by task 5226 on cpu 1:
[  102.341116][ T5233]  xas_set_mark+0x12b/0x140
[  102.346153][ T5233]  __folio_start_writeback+0x1dd/0x440
[  102.351750][ T5233]  ext4_bio_write_folio+0x5ad/0x9f0
[  102.357072][ T5233]  mpage_process_page_bufs+0x4a1/0x620
[  102.362597][ T5233]  mpage_prepare_extent_to_map+0x786/0xc00
[  102.368419][ T5233]  ext4_do_writepages+0x708/0x2750
[  102.373567][ T5233]  ext4_writepages+0x176/0x300
[  102.378339][ T5233]  do_writepages+0x1c6/0x310
[  102.382935][ T5233]  file_write_and_wait_range+0x156/0x2c0
[  102.388600][ T5233]  generic_buffers_fsync_noflush+0x45/0x120
[  102.394690][ T5233]  ext4_sync_file+0x1ab/0x690
[  102.399450][ T5233]  vfs_fsync_range+0x10d/0x130
[  102.404233][ T5233]  ext4_buffered_write_iter+0x34f/0x3c0
[  102.409826][ T5233]  ext4_file_write_iter+0xdbf/0xf00
[  102.415074][ T5233]  iter_file_splice_write+0x5f2/0x970
[  102.415266][ T5238] lo speed is unknown, defaulting to 1000
[  102.420470][ T5233]  direct_splice_actor+0x153/0x2a0
[  102.420498][ T5233]  splice_direct_to_actor+0x30f/0x680
[  102.420521][ T5233]  do_splice_direct+0xda/0x150
[  102.441743][ T5233]  do_sendfile+0x380/0x650
[  102.446213][ T5233]  __x64_sys_sendfile64+0x105/0x150
[  102.451444][ T5233]  x64_sys_call+0x2bb0/0x2ff0
[  102.456153][ T5233]  do_syscall_64+0xd2/0x200
[  102.460717][ T5233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.466784][ T5233] 
[  102.469119][ T5233] read to 0xffff888106a369a4 of 4 bytes by task 5233 on cpu 0:
[  102.476766][ T5233]  filemap_write_and_wait_range+0xfc/0x340
[  102.482697][ T5233]  filemap_invalidate_pages+0xa4/0x1a0
[  102.488184][ T5233]  kiocb_invalidate_pages+0x6e/0x80
[  102.493429][ T5233]  __iomap_dio_rw+0x5d4/0x1250
[  102.498215][ T5233]  iomap_dio_rw+0x40/0x90
[  102.502608][ T5233]  ext4_file_write_iter+0xad9/0xf00
[  102.507918][ T5233]  iter_file_splice_write+0x5f2/0x970
[  102.513473][ T5233]  direct_splice_actor+0x153/0x2a0
[  102.518598][ T5233]  splice_direct_to_actor+0x30f/0x680
[  102.524077][ T5233]  do_splice_direct+0xda/0x150
[  102.528889][ T5233]  do_sendfile+0x380/0x650
[  102.533343][ T5233]  __x64_sys_sendfile64+0x105/0x150
[  102.538563][ T5233]  x64_sys_call+0x2bb0/0x2ff0
[  102.543357][ T5233]  do_syscall_64+0xd2/0x200
[  102.548170][ T5233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.554078][ T5233] 
[  102.556405][ T5233] value changed: 0x0a000021 -> 0x04000021
[  102.562168][ T5233] 
[  102.564520][ T5233] Reported by Kernel Concurrency Sanitizer on:
[  102.570769][ T5233] CPU: 0 UID: 0 PID: 5233 Comm: syz.3.509 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  102.584411][ T5233] Tainted: [W]=WARN
[  102.588233][ T5233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.598384][ T5233] ==================================================================
[  102.618760][ T5238] lo speed is unknown, defaulting to 1000
[  102.843666][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.