last executing test programs:

2.393589418s ago: executing program 4 (id=826):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
fdatasync(0xffffffffffffffff)
r1 = syz_open_dev$loop(&(0x7f0000000340), 0x3, 0x800)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c000000020601040000000000000000000000000500040000000000070001000600000016000300686173683a6e65742c706f72742c6e657400000005000500020000000c000780050015000f0000000900020073797a31"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_TEST(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000000b060101000000000000000000000000100007800c00098008000140e000000205000100070000000900020073797a31"], 0x38}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
modify_ldt$read(0x0, 0x0, 0x0)

2.324657689s ago: executing program 4 (id=827):
socket$inet6(0xa, 0x3, 0x3c)
socket(0x10, 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x11, r0, 0x0)
syz_read_part_table(0x604, &(0x7f0000002240)="$eJzs3L1rVWccB/DvTXJyjILp4ORS49BJKIpbm6FKvFU6hKtSSB3sG0WaKULgSi9N0aUZLMkgHbtIIR1snBodOin6H4iDRcjgUmgX+zLklHvvIemlQZSGQvHzGc5zzu8+PN/fA8/63PC/NpSifqvK3vD6Bxl9xvxqfOt9IWdXpk6crKqqOpM0ci5FJoq9q0lGMrhqDiYD617/ZvftL399u1h5ePrpa+fvLA5trlnmlSR7BpoY266V8kX3ys67MXl3/PKVuebV7kezs77xbvL9L1OttXcWl1dPFcc/6tY/T+7V8/sHYywX086lfJr3R54z6I33vtj6aAzkL3Tz25MXHjQ761+vPD68sb85/MMnb/5x4PZXPx5J5rsR0+kd9i3POuQvYHP/df78xNLMcufYoZv7rh1t37rfejL8e9VXRxbZ+SYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgxN7qPK3PNq+3JCw+andG63FobyfLqqaXjj+rCvXocqceLaedSiiSzmc3HmXv+yJnG3/Mn745f3sz/c3fy+PDG/uZvRf37kd6zkenuMPRvdrq9wfzO+vzE0sxy59ihm/uuHW3fut96MtyfN1vmw9RNlTvfBgAAAAAAAAAAAAAAAAAAAC+5qRMnD0y/1TqTNHJuV5KfP+vdsq/Kse/Su3nfd7AeH5XJ3iTXd/X/C2Dl4emno+fvLP5UX4pfSJmFJHu+XTubvNovNv4RW2xX5L/3VwAAAP//S26IOQ==")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000200)='./bus\x00', 0x147842, 0x1)
preadv2(r2, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)

2.15028533s ago: executing program 2 (id=830):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_tgsigqueueinfo(0x0, 0x0, 0xc, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x12, 0x8, 0x4, 0x7cb4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x300, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2.14967359s ago: executing program 4 (id=832):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r0, 0x4, 0x7c00)
dup3(r1, r0, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x14, 0x2, 0x6, 0x301}, 0x14}}, 0x0)

2.11509163s ago: executing program 2 (id=833):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000005c0)='kfree\x00', r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x9d})
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000003c0))
open(&(0x7f0000000180)='./bus\x00', 0xa37e, 0x0)

2.09135993s ago: executing program 0 (id=834):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=@newqdisc={0x174, 0x24, 0x0, 0x0, 0x0, {}, [@TCA_STAB={0x148, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x31, 0x8000, 0xbf6, 0x0, 0x8, 0x5, 0x4}}, {0xc, 0x2, [0x4, 0x401, 0x646, 0x4d]}}, {{0x1c, 0x1, {0x4, 0x9, 0x6, 0x8, 0x0, 0x10000, 0x7, 0x3}}, {0xa, 0x2, [0x5, 0x800, 0x4]}}, {{0x1c, 0x1, {0x9, 0x6, 0x0, 0x7f, 0x2, 0x7, 0x6, 0x2}}, {0x8, 0x2, [0x7ff, 0xfffd]}}, {{0x1c, 0x1, {0x9, 0xd, 0xff5b, 0x81a5, 0x2, 0x3, 0x6, 0x6}}, {0x10, 0x2, [0x4, 0xfffe, 0x7c, 0x1, 0x400, 0x9]}}, {{0x1c, 0x1, {0x5, 0x5, 0x3, 0x0, 0x2, 0xe, 0x5, 0x6}}, {0x10, 0x2, [0x1, 0xb7a0, 0x63, 0x9, 0x4, 0x5]}}, {{0x1c, 0x1, {0x6, 0x8, 0xc7, 0x9f1, 0x1, 0x4, 0xffff, 0x5}}, {0xe, 0x2, [0x2fff, 0x4, 0x14, 0x4, 0x800]}}, {{0x1c, 0x1, {0x4, 0x7, 0x4, 0xffffffff, 0x6, 0xe, 0xfd8b, 0x1}}, {0x6, 0x2, [0x6]}}, {{0x1c, 0x1, {0x0, 0x8, 0xe, 0x7, 0x1, 0x3ff, 0xffffff1a, 0x4}}, {0xc, 0x2, [0x8, 0x6, 0x5b, 0x0]}}]}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0xc1d0}]}, 0x174}}, 0x200108d4)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48010}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x9, 0x2}, {0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x4040080}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x1901000000000000)

2.06216413s ago: executing program 3 (id=835):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

2.00477416s ago: executing program 2 (id=837):
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r0, &(0x7f00000000c0), 0x10)
sendto$l2tp(r0, &(0x7f0000000040)="e5786a0d000000000000c83b", 0xc, 0x0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10)
r1 = socket$l2tp(0x2, 0x2, 0x73)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
sendto$l2tp(r1, &(0x7f0000000040)="e5786a0d000000000000c83b", 0xc, 0x4044890, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
close(r0)

1.973625151s ago: executing program 3 (id=838):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
mount(0x0, 0x0, 0x0, 0x1000, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x1, 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eeb1948bf42bc7fc2cb274849c9524154fa24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a8684853abf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000400000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f500000010000000000944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a808000000000000000562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844892f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b57"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='mm_page_alloc\x00', r0}, 0x10)
unshare(0x46060480)
r1 = io_uring_setup(0x7c91, &(0x7f0000000180)={0x0, 0x0, 0x2})
io_uring_setup(0x75e5, &(0x7f00000000c0)={0x0, 0x0, 0x22, 0x0, 0x0, 0x0, r1})

1.969615821s ago: executing program 0 (id=839):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ipvlan1\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c00000010000305000000000000ffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b0001006d616373656300001c000280050007000000000005000a0000000000050009000000000008000500", @ANYRES32=r4], 0x5c}}, 0x0)

1.894293111s ago: executing program 4 (id=840):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffc, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x1, 0x800000, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x0)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)

1.893958831s ago: executing program 2 (id=841):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
setns(0xffffffffffffffff, 0x80)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001"], 0x118}}, 0x0)

1.827463782s ago: executing program 0 (id=844):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
syz_clone3(&(0x7f00000008c0)={0x10860000, 0x0, 0x0, 0x0, {0x28}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r2], 0x1}, 0x58)
listen(r1, 0x1d)
close(r1)

1.810915291s ago: executing program 3 (id=845):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_ALM_SET(r3, 0x40247007, &(0x7f00000003c0))

1.634817722s ago: executing program 1 (id=847):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)

1.115254415s ago: executing program 0 (id=848):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x10400, 0x0)
vmsplice(r1, &(0x7f00000013c0)=[{&(0x7f0000000280)='-', 0x1}, {&(0x7f0000000100)="a7", 0x1}, {&(0x7f0000000880)="9f", 0x1}, {&(0x7f0000000300)='b', 0x1}], 0x4, 0x0)
ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000000240))
close_range(r1, 0xffffffffffffffff, 0x0)

1.115071795s ago: executing program 1 (id=849):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000005c0)='kfree\x00', r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x9d})
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000003c0))
open(&(0x7f0000000180)='./bus\x00', 0xa37e, 0x0)

1.030335336s ago: executing program 2 (id=850):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42004}, [@IFLA_XDP={0x4}, @IFLA_GROUP={0x8}]}, 0x2c}}, 0x0)

808.281587ms ago: executing program 3 (id=851):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
prlimit64(0x0, 0xe, 0x0, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='bridge_slave_1\x00', 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010102}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x2, 0xe, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @sadb_address={0x3, 0x6, 0x6c}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@mcast2, @in=@private=0xa010100}}]}, 0x80}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4)

799.125877ms ago: executing program 1 (id=861):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x19, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4000, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_request_inode\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000e80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_request_inode\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_queued_recursive\x00', 0x26e1, 0x0)

748.318117ms ago: executing program 4 (id=852):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000540)='./file2\x00', 0x200801d, &(0x7f00000000c0), 0xfe, 0x4eb, &(0x7f0000000c40)="$eJzs3d9rHFsdAPDvTLL3Nm2um6si14K12EpStJuksW3woSqIPhXU+l5jsg0hm2xJNm2zFE3xDxBEVPBFn3wR/AMU6ZPPIhT0XVQU0VYffKiO7O5sTONuftD9UZLPB07mnNnZ/Z6TZc7OmTPMBHBqXYyIqYjIsiy7EhHFfH2ap9hppcZ2L54/XmykJLLszt+SSPJ17c96O1+ey992JiK+8sWIryf/H3dzu766UKmUN/LydG0teZll9asrawvL5eXy+tzc7I35m/PX52d60s6JiLj1+T9979s/+cKtX37y4e/v/mXqG60GtuxtRy+1ml5o/i/aRiNiox/BhmS02cKW60OuCwAAB2sc778/Ij4WEVeiGCPNozkAAADgJMk+Mx4vk9b8HwAAAHAypRExHklayq/3HY80LZVa1/B+MM6mlepm7RNZcfd8wUQU0nsrlfJMfu3ARBSSRnk2v8a2Xb62rzwXEe9GxHeLY81yabFaWRrqmQ8AAAA4Pc7tG///s9ga/wMAAAAnzMSwKwAAAAD0nfE/AAAAnHzG/wAAAHCifen27UbK2s+/XnqwvbVafXB1qby5WlrbWiwtVjful5ar1eXmPfvWDvu8SrV6/1OxvvVoulberE1vbtfvrlW31mt3V155BDYAAAAwQO9+9OnvkojY+fRY2l73Vr4sRGQjezceHXj1gD5Kj7PxH/tXD2DwRoZdAWBojn1I/6tf9KciwMAVhl0BYOgO6we6Xrzz697XBQAA6I/JD+/O/zdT7Jn/T4ZaM6Df8vn/xL4Op4/5fzi9zP/B6VU46AjAoABOvPQIu/rrz/9n2bEqBQAA9Nx4MyVpKR8HjEealkoR7zQfC1BI7q1UyjMR8b6I+G2x8HajPNt8Z+L0AAAAAAAAAAAAAAAAAAAAAAAAAAAcUZYlkQEAAAAnWkT65yR//tdk8fL4/vMDbyX/KjaXEfHwh3e+/2ihVtuYbaz/++762g/y9deGcQYDAAAA2K89Tm+P4wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgl148f7zYToOM+9fPRcREp/ijcaa5PBOFiDj7jyRG97wviYiRHsTfeRIR73WKnzSqFRN5LfbHTyNibMjxz/UgPpxmTxv9z2c77X9pXGwuO+9/o3l6Xd37v3S3/xvp0v+9c8QY55/9bLpr/CcR50c79z/t+EmX+JeOGP9rX63Xu72W/ThisuPvT/JKrOna2v3pze361ZW1heXycnl9bm72xvzN+evzM9P3Virl/G/HGN/5yM//c1D7z3aJP3FI+y8fsf3/fvbo+Qda2cK+lwrxoyybutT5+38vIj6UteyN3/7t+3j+O9AoT7bzO638Xhd++psLB7V/qUv7D/v+p47Y/itf/tYfjrgpADAAm9v11YVKpbwhI9O3zFgMMOhCvAlNrq8ufDPfx96Ir+DYmSF3TAAAQM/976A/n0AAAAAAAAAAAAAAAAAAAAAABu6w24BFD24ntj/mznCaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwoP8GAAD//4dq3u8=")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x2, 0x45e, &(0x7f00000009c0)="$eJzs289vFFUcAPDvTLtF+dWK+ANErRJj44+WFlQOXjSaeMBIogc81m0hhIUaWhMhRKoxeDExJHo2Hk38C7x5IerJxKveDQlRLqCnmpmdLbvb3bbAdhfYzycZ+t68N8z7dubNvJk3DaBvjWb/JBFbI+KPiBiuZhsrjFZ/XL96rvzv1XPlJJaW3v07yetdu3quXKta225LkRlLI9LPk2InjebPnD0xXanMni7yEwsnP5yYP3P2xUsnp4/NHps9NXXw4IH9k6+8PPVSR+LM4rq2+5O5Pbveev/i2+UjFz/45YesvVuL8sNxI45OGc0C/2cp11z2TKd31mPb6tLJYH3J9u43hnUbiIjscJXy/j8cA3Hj4A3Hm5/1tHHAhsruTZvaFy8uAfewJHrdAqA3ajf67Dm+tnRp6HFHuPJa9QEoi/t6sVRLBiMt6pSanm87aTQijiz+9222RNP7FACAjfBl+ZtD8UKr8V8aD9fV217MoYxExAMRsSMiHoyInRHxUERe95GIePQm9988NbRy/JNevqXA1ikb/71azG01jv9qo78YGShy2/L4S8nR45XZfcXvZCxKm7L85Cr7+OmN379qV1Y//suWbP+1sWDRjsuDTS/oZqYXpvNBaQdc+TRi92Cr+JPlmYAkInZFxO6GLddswPLEz/Hnvt/TrtLa8a9icF21VrX0XcSz1eO/GE3x1yT185PHV8xPTtwXldl9E7WzYqVff7tweOXaueWjesvxd0B2/Dc3nv/NVUaS+vna+Zvfx4U/v2j7THOr5/9Q8l5+PRoq1n08vbBwejJiKDmU5xvWT93YtpbPfpaK+Mf2tu7/O4ptsvgfi4jsJH48Ip6IiCeLtj8VEU9HxN5V4v/59fZlt3X+d0AW/0zL69/y+d90/G8+MXDi0o/t9r++438gT40Va/Lr3xrW28Db+d0BAADA3SLNv4FP0vHldJqOj1e/4d8Zm9PK3PzC80fnPjo1U/1WfiRKae1N13Dd+9DJZLH4H6v5qeJdca18f/He+OuB+/P8eHmuMtPj2KHfbWnT/zN/DfS6dcCGazWPNjXUg4YAXdfc/9PG7Pl3utkYoKs68B0NcJdao/+n3WoH0H3u/9C/WvX/8015cwFwb3L/h/6l/0P/0v+hf+n/0Jdu5+/6Jfo5Eekd0QyJDUr0+soEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGf8HAAD//yzS7W0=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x20000000000000}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0)

747.646827ms ago: executing program 0 (id=863):
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, 0x0)
syz_emit_ethernet(0xe6, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x4)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ptrace$peeksig(0x4209, r0, &(0x7f0000000140)={0x1, 0x1}, 0x0)

569.313328ms ago: executing program 0 (id=853):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f00000001c0)=[{&(0x7f00000004c0)="7cd1f233f595b9483683fb7fcac2881731c46bffa49ed496fc644240945fc5df846ba39e38efc8aec53ef3336edc8b34345245ccb129039638ada63a724ef5a396879010187d3ce7b84dd94f77100f4f8c17cd3fa7c86bfd86df0591ab397de730befc33843cfd1c85cb8b50e796f64b76d3e3cb2c6f9d7b6822e32be3d26250d6", 0x81}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
pipe(&(0x7f0000000340)={<r4=>0xffffffffffffffff})
vmsplice(r4, 0x0, 0x0, 0xa)

200.60024ms ago: executing program 1 (id=854):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r3, &(0x7f0000004740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

118.38714ms ago: executing program 2 (id=855):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000700)='signal_generate\x00'}, 0x10)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0xf3a, 0x6)
syz_open_procfs(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)

58.50297ms ago: executing program 1 (id=856):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f00000000c0)='./file1\x00', 0x88, &(0x7f0000000580)=ANY=[@ANYBLOB="73686f77657865632c6e6f646f74732c7379735f696d6d757461626c652c646f74732c6e66732c6e6f646f74732c6e6f646f74732c64656275672c646f74732c756d61736b3d30303030303030303030303030303030303030303230302c00c4cd878e2e225ee8a12ec0f0234a613f191236529e2eb19792d74d539f7b74148c4cd01ca5836451894237f5161f323e3dff6322349bb51c07b887571b07ed2b9f7e59a22824b104346da8", @ANYRESOCT], 0x1, 0x1ff, &(0x7f00000002c0)="$eJzs3MtqU1scBvB12p5ecuhldEAnLnSik02tTxCkBTGg1EbUgbBLUw2JSckOmoiDjh35HMWhM0F8gb6FsyJIRx0ZaZNerTqxjZLfD8L6wkdgLULCfweytx68eVZZzZLVtBmGxmMYCmE97IQws5t6/umtQ3t5NBy1Hq7NPt9+fe/ho9v5QmF+McaF/NKNuRjj1KUPL169vfyx+d/9d1Pvx8LmzOOtL3OfNv/fvLD1delpOYvlLNbqzZjG5Xq9mS5XS3GlnFWSGO9WS2lWiuVaVmoc61er9bW1dkxrK5O5tUYpy2Jaa8dKqR2b9dhstGP6JC3XYpIkcTIX+JXixuJimu/3LjhbjUY+HQ4hTHzXFDf6siEAoK/M/4PM/D8Iduf/XO/ze5z5HwAAAAAAAAAAAAAA/gY7nc50p9OZ3l/3H2MhhPEQwv7zfu+Ts+H9H2xH/rg3HsLn9VaxVeyu3X7hVmF+Nu6ZOXzVdqtVHD7or3f7eLz/N+R6/dyp/Wi4eqXb73Y37xRO9BNh5eyPDwAAAAMhiQdOvb5Pkh/13XTk94ET1+8j4eLIuR0DAAAA+Ims/bKSVqulhiAIwkHo9zcTAADwux0O/f3eCQAAAAAAAAAAAAAAAAAAAAyu87idWL/PCAAAAAAAAAAAAAAAAAAAAAAAAH+KbwEAAP//VuHQrA==")
rename(0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x11, r0, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_opts(r2, 0x29, 0x35, &(0x7f0000000140)=@routing={0x29, 0x0, 0x1, 0x9}, 0x8)
write$binfmt_script(r2, &(0x7f0000000200), 0xfffffdfd)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)

58.34987ms ago: executing program 3 (id=857):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
fdatasync(0xffffffffffffffff)
r1 = syz_open_dev$loop(&(0x7f0000000340), 0x3, 0x800)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c000000020601040000000000000000000000000500040000000000070001000600000016000300686173683a6e65742c706f72742c6e657400000005000500020000000c000780050015000f0000000900020073797a31"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_TEST(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000000b060101000000000000000000000000100007800c00098008000140e000000205000100070000000900020073797a31"], 0x38}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
modify_ldt$read(0x0, 0x0, 0x0)

37.49105ms ago: executing program 4 (id=858):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000080)="a1", 0x20000081}], 0x2, 0x0)
vmsplice(r1, &(0x7f0000000040)=[{&(0x7f0000000380)="13", 0x1}], 0x1, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg1\x00'})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r2, &(0x7f0000000040)=ANY=[], 0xff2e)
ioctl$TCXONC(r2, 0x540a, 0x2)

13.54796ms ago: executing program 1 (id=859):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff85000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1008002, &(0x7f0000000800), 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
creat(&(0x7f0000000240)='./bus\x00', 0x124)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
dup2(r2, r2)

0s ago: executing program 3 (id=860):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x5}, 0x18)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r2 = open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000000c0)={0x30000009})
epoll_pwait2(r3, &(0x7f0000000380)=[{}], 0x1, 0x0, 0x0, 0x0)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x7e, 0x0)
writev(r4, &(0x7f0000000280)=[{&(0x7f0000000300)="e7", 0x1}], 0x1)

kernel console output (not intermixed with test programs):

aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.572825][ T3459] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'.
[   32.582623][ T3324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.591480][ T3459] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'.
[   32.613521][ T3324] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.623910][ T3318] veth0_macvtap: entered promiscuous mode
[   32.637679][ T3324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.648264][ T3324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.658333][ T3324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.668819][ T3324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.679656][ T3324] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.687956][ T3324] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.696827][ T3324] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.706047][ T3324] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.714881][ T3324] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.735200][ T3318] veth1_macvtap: entered promiscuous mode
[   32.743467][ T3465] netlink: 'syz.3.7': attribute type 10 has an invalid length.
[   32.761837][ T3329] veth0_macvtap: entered promiscuous mode
[   32.769760][ T3465] batman_adv: batadv0: Adding interface: team0
[   32.776016][ T3465] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.801290][ T3465] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   32.811614][ T3468] netlink: 'syz.3.7': attribute type 10 has an invalid length.
[   32.814400][ T3329] veth1_macvtap: entered promiscuous mode
[   32.819287][ T3468] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7'.
[   32.828943][ T3318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.844197][ T3318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.854392][ T3318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.864969][ T3318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.874853][ T3318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.885613][ T3318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.896227][   T29] kauditd_printk_skb: 50 callbacks suppressed
[   32.896243][   T29] audit: type=1400 audit(1732316691.034:142): avc:  denied  { create } for  pid=3466 comm="syz.1.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   32.897022][ T3318] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.902360][   T29] audit: type=1400 audit(1732316691.034:143): avc:  denied  { setopt } for  pid=3466 comm="syz.1.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   32.949455][   T29] audit: type=1400 audit(1732316691.034:144): avc:  denied  { create } for  pid=3466 comm="syz.1.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   32.966273][ T3329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.968772][   T29] audit: type=1400 audit(1732316691.034:145): avc:  denied  { setopt } for  pid=3466 comm="syz.1.8" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   32.979173][ T3329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.999059][   T29] audit: type=1400 audit(1732316691.034:146): avc:  denied  { connect } for  pid=3466 comm="syz.1.8" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   33.008853][ T3329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   33.039424][ T3329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.049307][ T3329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   33.059834][ T3329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.069820][ T3329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   33.080261][ T3329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.090976][ T3329] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.098408][ T3468] team0: entered promiscuous mode
[   33.103455][ T3468] team_slave_0: entered promiscuous mode
[   33.109195][ T3468] team_slave_1: entered promiscuous mode
[   33.117501][ T3468] 8021q: adding VLAN 0 to HW filter on device team0
[   33.124511][ T3468] batman_adv: batadv0: Interface activated: team0
[   33.131329][ T3468] batman_adv: batadv0: Interface deactivated: team0
[   33.138161][ T3468] batman_adv: batadv0: Removing interface: team0
[   33.148422][ T3468] bridge0: port 3(team0) entered blocking state
[   33.153109][ T3472] loop1: detected capacity change from 0 to 512
[   33.154722][ T3468] bridge0: port 3(team0) entered disabled state
[   33.161360][ T3472] EXT4-fs: Ignoring removed oldalloc option
[   33.169060][ T3468] team0: entered allmulticast mode
[   33.178556][ T3468] team_slave_0: entered allmulticast mode
[   33.181960][ T3472] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   33.184506][ T3468] team_slave_1: entered allmulticast mode
[   33.197518][ T3472] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   33.205676][ T3468] bridge0: port 3(team0) entered blocking state
[   33.219322][ T3468] bridge0: port 3(team0) entered forwarding state
[   33.229134][ T3318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.239644][ T3318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.249547][ T3318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.260034][ T3318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.269895][ T3318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.280462][ T3318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.291752][ T3318] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.299972][ T3468] syz.3.7 (3468) used greatest stack depth: 10672 bytes left
[   33.300379][ T3318] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.308370][ T3472] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2863: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   33.316142][ T3318] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.316262][ T3318] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.331050][ T3472] EXT4-fs (loop1): 1 truncate cleaned up
[   33.337971][ T3318] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.348499][ T3472] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.377369][   T29] audit: type=1400 audit(1732316691.544:147): avc:  denied  { mount } for  pid=3471 comm="syz.1.10" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   33.412584][ T3329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.423190][ T3329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.433067][ T3329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.443557][ T3329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.453486][ T3329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.463942][ T3329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.473774][ T3329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.484358][ T3329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.494887][ T3329] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.507346][ T3476] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   33.521426][   T29] audit: type=1400 audit(1732316691.694:148): avc:  denied  { ioctl } for  pid=3475 comm="syz.3.11" path="socket:[3702]" dev="sockfs" ino=3702 ioctlcmd=0x8955 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   33.547285][ T3329] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.556312][ T3329] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.565160][ T3329] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.573921][ T3329] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.585130][   T29] audit: type=1400 audit(1732316691.694:149): avc:  denied  { setattr } for  pid=3471 comm="syz.1.10" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   33.649810][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.655124][   T29] audit: type=1326 audit(1732316691.814:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3480 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4b9d1e819 code=0x7ffc0000
[   33.681974][   T29] audit: type=1400 audit(1732316691.814:151): avc:  denied  { read } for  pid=3481 comm="syz.3.12" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   33.770347][ T3483] bond_slave_1: mtu less than device minimum
[   33.792820][ T3489] syzkaller0: entered allmulticast mode
[   33.831700][ T3489] syzkaller0 (unregistering): left allmulticast mode
[   33.879896][ T3500] vlan2: entered promiscuous mode
[   33.885023][ T3500] syz_tun: entered promiscuous mode
[   33.890363][ T3500] vlan2: entered allmulticast mode
[   33.895609][ T3500] syz_tun: entered allmulticast mode
[   33.904269][ T3500] team0: Device vlan2 is up. Set it down before adding it as a team port
[   33.919212][ T3500] syz_tun: left allmulticast mode
[   33.924392][ T3500] syz_tun: left promiscuous mode
[   33.972019][ T3507] loop1: detected capacity change from 0 to 512
[   34.059753][ T3514] netlink: 48 bytes leftover after parsing attributes in process `syz.2.24'.
[   34.070370][ T3507] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.084723][ T3507] ext4 filesystem being mounted at /6/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   34.138827][ T3520] loop4: detected capacity change from 0 to 128
[   34.161522][ T3522] syz.0.27 (3522) used greatest stack depth: 9928 bytes left
[   34.205624][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.221869][ T3520] syz.4.26: attempt to access beyond end of device
[   34.221869][ T3520] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[   34.283701][ T3520] syz.4.26: attempt to access beyond end of device
[   34.283701][ T3520] loop4: rw=524288, sector=145, nr_sectors = 224 limit=128
[   34.307408][ T3530] loop2: detected capacity change from 0 to 512
[   34.315705][ T3520] syz.4.26: attempt to access beyond end of device
[   34.315705][ T3520] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   34.329142][ T3530] =======================================================
[   34.329142][ T3530] WARNING: The mand mount option has been deprecated and
[   34.329142][ T3530]          and is ignored by this kernel. Remove the mand
[   34.329142][ T3530]          option from the mount to silence this warning.
[   34.329142][ T3530] =======================================================
[   34.376593][ T3520] syz.4.26: attempt to access beyond end of device
[   34.376593][ T3520] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   34.391877][ T3520] syz.4.26: attempt to access beyond end of device
[   34.391877][ T3520] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   34.410749][ T3520] syz.4.26: attempt to access beyond end of device
[   34.410749][ T3520] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   34.461691][ T3530] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   34.469807][ T3530] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   34.479090][ T3530] System zones: 0-1, 15-15, 18-18, 34-34
[   34.484941][ T3530] EXT4-fs (loop2): orphan cleanup on readonly fs
[   34.491464][ T3530] EXT4-fs warning (device loop2): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   34.506063][ T3530] EXT4-fs (loop2): Cannot turn on quotas: error -22
[   34.533275][ T3530] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.31: bad orphan inode 16
[   34.556053][ T3530] ext4_test_bit(bit=15, block=18) = 1
[   34.561490][ T3530] is_bad_inode(inode)=0
[   34.565693][ T3530] NEXT_ORPHAN(inode)=0
[   34.569838][ T3530] max_ino=32
[   34.573041][ T3530] i_nlink=2
[   34.579494][ T3530] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   34.594545][ T3538] loop0: detected capacity change from 0 to 128
[   34.633459][ T3543] loop1: detected capacity change from 0 to 512
[   34.647556][ T3538] syz.0.35: attempt to access beyond end of device
[   34.647556][ T3538] loop0: rw=34817, sector=97, nr_sectors = 32 limit=128
[   34.671893][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.699858][ T3543] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.712678][ T3543] ext4 filesystem being mounted at /10/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   34.793753][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.011653][ T3571] pim6reg1: entered promiscuous mode
[   35.017334][ T3571] pim6reg1: entered allmulticast mode
[   35.074355][ T3575] loop3: detected capacity change from 0 to 128
[   35.081015][ T3575] EXT4-fs: Ignoring removed nobh option
[   35.095083][ T3575] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   35.107799][ T3575] ext4 filesystem being mounted at /6/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   35.138197][ T3320] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   35.187266][ T3580] loop3: detected capacity change from 0 to 2048
[   35.227671][ T3580] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.229338][ T3588] loop4: detected capacity change from 0 to 128
[   35.248187][ T3580] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   35.263275][ T3580] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 2 with error 28
[   35.275713][ T3580] EXT4-fs (loop3): This should not happen!! Data will be lost
[   35.275713][ T3580] 
[   35.285476][ T3580] EXT4-fs (loop3): Total free blocks count 0
[   35.291526][ T3580] EXT4-fs (loop3): Free/Dirty block details
[   35.294000][ T3588] syz.4.52: attempt to access beyond end of device
[   35.294000][ T3588] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[   35.297473][ T3580] EXT4-fs (loop3): free_blocks=2415919104
[   35.316766][ T3580] EXT4-fs (loop3): dirty_blocks=32
[   35.321943][ T3580] EXT4-fs (loop3): Block reservation details
[   35.325585][ T3588] syz.4.52: attempt to access beyond end of device
[   35.325585][ T3588] loop4: rw=0, sector=177, nr_sectors = 1 limit=128
[   35.327959][ T3580] EXT4-fs (loop3): i_reserved_data_blocks=2
[   35.345340][ T3587] syz.4.52: attempt to access beyond end of device
[   35.345340][ T3587] loop4: rw=524288, sector=145, nr_sectors = 32 limit=128
[   35.561678][ T3580] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   35.613579][ T3610] syz.1.59[3610] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.613654][ T3610] syz.1.59[3610] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.628620][ T3610] syz.1.59[3610] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.656503][ T3614] loop4: detected capacity change from 0 to 512
[   35.676432][ T3614] EXT4-fs: Ignoring removed oldalloc option
[   35.683101][ T3614] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   35.694432][ T3614] EXT4-fs (loop4): 1 truncate cleaned up
[   35.701340][ T3614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.719315][ T3580] syz.3.49 (3580) used greatest stack depth: 9784 bytes left
[   35.770408][ T3617] mmap: syz.2.63 (3617): VmData 29036544 exceed data ulimit 3626. Update limits or use boot option ignore_rlimit_data.
[   35.896498][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.072167][ T3636] loop3: detected capacity change from 0 to 1024
[   36.101983][ T3620] loop0: detected capacity change from 0 to 8192
[   36.108743][ T3620] vfat: Unknown parameter ''
[   36.167898][ T3636] EXT4-fs: Ignoring removed orlov option
[   36.173615][ T3636] EXT4-fs: Ignoring removed nomblk_io_submit option
[   36.221086][ T3642] tipc: Started in network mode
[   36.226236][ T3642] tipc: Node identity a68bea17f551, cluster identity 4711
[   36.233810][ T3642] tipc: Enabled bearer <eth:syzkaller0>, priority 7
[   36.235205][ T3636] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.241701][ T3642] ªªªªªª: renamed from syzkaller0
[   36.266406][ T3642] tipc: Disabling bearer <eth:syzkaller0>
[   36.413543][ T3650] Zero length message leads to an empty skb
[   36.493602][ T3650] loop1: detected capacity change from 0 to 1024
[   36.559034][ T3650] EXT4-fs: Ignoring removed nomblk_io_submit option
[   36.600837][ T3650] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   36.667617][ T3650] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.770352][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.783671][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.808900][ T3661] ALSA: seq fatal error: cannot create timer (-22)
[   36.816211][ T3661] ALSA: seq fatal error: cannot create timer (-22)
[   36.939695][ T3669] loop3: detected capacity change from 0 to 128
[   36.973265][ T3667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   37.027031][ T3667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   37.047443][ T3673] netlink: 'syz.4.83': attribute type 1 has an invalid length.
[   37.055127][ T3673] netlink: 15999 bytes leftover after parsing attributes in process `syz.4.83'.
[   37.560713][ T3709] dvmrp15: entered allmulticast mode
[   37.608360][ T3711] loop4: detected capacity change from 0 to 1024
[   37.638584][ T3711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.362701][ T3740] serio: Serial port ptm0
[   38.408124][ T3745] ALSA: seq fatal error: cannot create timer (-22)
[   38.423551][   T29] kauditd_printk_skb: 211 callbacks suppressed
[   38.423568][   T29] audit: type=1400 audit(1732316696.584:362): avc:  denied  { write } for  pid=3746 comm="syz.3.111" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   38.489994][   T29] audit: type=1400 audit(1732316696.604:363): avc:  denied  { open } for  pid=3746 comm="syz.3.111" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   38.514039][   T29] audit: type=1400 audit(1732316696.624:364): avc:  denied  { read } for  pid=3746 comm="syz.3.111" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   38.594765][ T3758] netlink: 'syz.3.115': attribute type 10 has an invalid length.
[   38.607031][   T29] audit: type=1326 audit(1732316696.704:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3751 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   38.630095][   T29] audit: type=1326 audit(1732316696.704:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3751 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   38.653114][   T29] audit: type=1326 audit(1732316696.704:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3751 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   38.676063][   T29] audit: type=1326 audit(1732316696.704:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3751 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   38.699164][   T29] audit: type=1326 audit(1732316696.704:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3751 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   38.721950][   T29] audit: type=1326 audit(1732316696.704:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3751 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   38.745107][   T29] audit: type=1326 audit(1732316696.704:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3751 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   38.774340][ T3758] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.808770][ T3758] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   38.818593][ T3760] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.114'.
[   38.829100][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.830817][ T3756] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.114'.
[   39.275150][ T3782] TCP: out of memory -- consider tuning tcp_mem
[   39.332125][ T3787] loop2: detected capacity change from 0 to 1024
[   39.359640][ T3787] EXT4-fs: Ignoring removed orlov option
[   39.365421][ T3787] EXT4-fs: Ignoring removed nomblk_io_submit option
[   39.448124][ T3787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.611435][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.927865][ T3830] loop2: detected capacity change from 0 to 512
[   40.004963][ T3830] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.138019][ T3850] tipc: Started in network mode
[   40.142969][ T3850] tipc: Node identity 6e85475c87f3, cluster identity 4711
[   40.150217][ T3850] tipc: Enabled bearer <eth:syzkaller0>, priority 7
[   40.189078][ T3853] ªªªªªª: renamed from syzkaller0
[   40.198908][ T3853] tipc: Disabling bearer <eth:syzkaller0>
[   40.230999][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.296202][ T3860] loop2: detected capacity change from 0 to 128
[   40.328197][ T3860] EXT4-fs: Mount option(s) incompatible with ext2
[   40.341043][ T3860] loop2: detected capacity change from 0 to 128
[   40.355420][ T3862] loop3: detected capacity change from 0 to 512
[   40.369379][ T3860] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   40.386472][ T3862] EXT4-fs: Ignoring removed nobh option
[   40.412581][ T3860] ext4 filesystem being mounted at /25/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   40.486191][ T3862] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.505076][ T3862] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.605701][ T3320] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   40.632088][ T3324] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   40.736132][ T3879] loop0: detected capacity change from 0 to 512
[   40.753569][ T3879] EXT4-fs: Ignoring removed bh option
[   40.784464][ T3879] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   40.820450][ T3879] EXT4-fs (loop0): 1 truncate cleaned up
[   40.831077][ T3879] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.954761][ T3892] syzkaller0: entered promiscuous mode
[   40.960369][ T3892] syzkaller0: entered allmulticast mode
[   41.032654][ T3329] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.143429][ T3915] loop1: detected capacity change from 0 to 512
[   41.156593][ T3915] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.166606][ T3915] EXT4-fs (loop1): orphan cleanup on readonly fs
[   41.179646][ T3915] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.160: bg 0: block 248: padding at end of block bitmap is not set
[   41.195743][ T3915] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.160: Failed to acquire dquot type 1
[   41.207541][ T3915] EXT4-fs (loop1): 1 truncate cleaned up
[   41.213809][ T3915] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.256953][ T3915] syz.1.160 (3915) used greatest stack depth: 9296 bytes left
[   41.264864][ T3920] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.272087][ T3920] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.295892][ T3920] bridge0: entered allmulticast mode
[   41.308196][ T3920] bridge_slave_1: left allmulticast mode
[   41.311142][ T3925] 9pnet_fd: Insufficient options for proto=fd
[   41.313869][ T3920] bridge_slave_1: left promiscuous mode
[   41.323641][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.325612][ T3920] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.340529][ T3926] netlink: 4 bytes leftover after parsing attributes in process `syz.0.163'.
[   41.371035][ T3920] bridge_slave_0: left allmulticast mode
[   41.376776][ T3920] bridge_slave_0: left promiscuous mode
[   41.382589][ T3920] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.440246][ T3929] team1: Mode "" not found
[   41.486187][ T3932] loop0: detected capacity change from 0 to 1024
[   41.497743][ T3932] EXT4-fs: Ignoring removed orlov option
[   41.503580][ T3932] EXT4-fs: Ignoring removed nomblk_io_submit option
[   41.570480][ T3932] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.667193][ T3329] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.670252][ T3943] loop2: detected capacity change from 0 to 2048
[   41.699909][ T3943] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.719275][ T3949] loop0: detected capacity change from 0 to 512
[   41.757259][ T3949] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.790320][ T3949] ext4 filesystem being mounted at /30/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   41.857804][ T3329] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.954946][ T3955] netlink: 2048 bytes leftover after parsing attributes in process `syz.0.172'.
[   41.964137][ T3955] netlink: 24 bytes leftover after parsing attributes in process `syz.0.172'.
[   41.999368][ T3952] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   42.018729][ T3952] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[   42.031146][ T3952] EXT4-fs (loop2): This should not happen!! Data will be lost
[   42.031146][ T3952] 
[   42.040893][ T3952] EXT4-fs (loop2): Total free blocks count 0
[   42.047126][ T3952] EXT4-fs (loop2): Free/Dirty block details
[   42.053134][ T3952] EXT4-fs (loop2): free_blocks=2415919104
[   42.058920][ T3952] EXT4-fs (loop2): dirty_blocks=8224
[   42.064238][ T3952] EXT4-fs (loop2): Block reservation details
[   42.070369][ T3952] EXT4-fs (loop2): i_reserved_data_blocks=514
[   42.110480][   T11] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[   42.161925][ T3957] loop4: detected capacity change from 0 to 1024
[   42.171432][ T3957] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.313312][ T3957] mmap: syz.4.174 (3957) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   42.383906][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.452766][ T3977] syzkaller0: entered promiscuous mode
[   42.458362][ T3977] syzkaller0: entered allmulticast mode
[   42.570774][ T3982] loop4: detected capacity change from 0 to 2048
[   42.599890][ T3982] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.773164][ T3991] loop3: detected capacity change from 0 to 128
[   42.803950][ T3989] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   42.875637][ T3989] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[   42.888276][ T3989] EXT4-fs (loop4): This should not happen!! Data will be lost
[   42.888276][ T3989] 
[   42.898733][ T3989] EXT4-fs (loop4): Total free blocks count 0
[   42.904754][ T3989] EXT4-fs (loop4): Free/Dirty block details
[   42.909953][ T3999] loop0: detected capacity change from 0 to 512
[   42.910813][ T3989] EXT4-fs (loop4): free_blocks=2415919104
[   42.910832][ T3989] EXT4-fs (loop4): dirty_blocks=8224
[   42.928338][ T3989] EXT4-fs (loop4): Block reservation details
[   42.934337][ T3989] EXT4-fs (loop4): i_reserved_data_blocks=514
[   42.956786][ T3999] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.978995][ T3999] ext4 filesystem being mounted at /33/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   42.979702][ T4004] syz.3.191[4004] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.989577][ T4004] syz.3.191[4004] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.001059][ T4004] syz.3.191[4004] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.029163][   T36] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[   43.074369][ T4006] serio: Serial port pts0
[   43.085622][ T3329] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.396759][ T4034] futex_wake_op: syz.0.203 tries to shift op by 35; fix this program
[   43.461470][ T4039] loop3: detected capacity change from 0 to 128
[   43.479679][   T29] kauditd_printk_skb: 149 callbacks suppressed
[   43.479693][   T29] audit: type=1400 audit(1732316702.645:519): avc:  denied  { write } for  pid=4035 comm="syz.2.204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   43.512420][   T29] audit: type=1400 audit(1732316702.675:520): avc:  denied  { read } for  pid=4038 comm="syz.0.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   43.519973][ T4039] bio_check_eod: 5 callbacks suppressed
[   43.519993][ T4039] syz.3.215: attempt to access beyond end of device
[   43.519993][ T4039] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[   43.582837][ T4039] syz.3.215: attempt to access beyond end of device
[   43.582837][ T4039] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[   43.599608][ T4048] syz.4.209[4048] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.599765][ T4048] syz.4.209[4048] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.612475][ T4039] syz.3.215: attempt to access beyond end of device
[   43.612475][ T4039] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   43.632140][ T4048] syz.4.209[4048] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.649130][ T4039] syz.3.215: attempt to access beyond end of device
[   43.649130][ T4039] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   43.674094][ T4039] syz.3.215: attempt to access beyond end of device
[   43.674094][ T4039] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   43.687220][ T4039] syz.3.215: attempt to access beyond end of device
[   43.687220][ T4039] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   43.736525][ T4052] loop2: detected capacity change from 0 to 512
[   43.787951][ T4052] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.832119][ T4052] ext4 filesystem being mounted at /44/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   43.834497][ T4063] loop0: detected capacity change from 0 to 2048
[   43.867705][ T4067] loop3: detected capacity change from 0 to 512
[   43.885688][ T4063] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.901022][ T4067] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   43.918736][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.943186][ T4067] EXT4-fs (loop3): orphan cleanup on readonly fs
[   43.977474][ T4071] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.984725][ T4071] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.000542][ T4071] bridge0: entered allmulticast mode
[   44.011329][ T4071] bridge_slave_1: left allmulticast mode
[   44.017079][ T4071] bridge_slave_1: left promiscuous mode
[   44.022876][ T4071] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.031935][ T4071] bridge_slave_0: left allmulticast mode
[   44.037657][ T4071] bridge_slave_0: left promiscuous mode
[   44.043414][ T4071] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.056379][ T4067] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.216: bg 0: block 248: padding at end of block bitmap is not set
[   44.072056][ T4067] Quota error (device loop3): write_blk: dquota write failed
[   44.079561][ T4067] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   44.089727][ T4067] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.216: Failed to acquire dquot type 1
[   44.098184][ T4074] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   44.105585][ T4067] EXT4-fs (loop3): 1 truncate cleaned up
[   44.123098][ T4067] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   44.134844][ T4074] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[   44.144432][ T4075] serio: Serial port pts0
[   44.147790][ T4074] EXT4-fs (loop0): This should not happen!! Data will be lost
[   44.147790][ T4074] 
[   44.161891][ T4074] EXT4-fs (loop0): Total free blocks count 0
[   44.167932][ T4074] EXT4-fs (loop0): Free/Dirty block details
[   44.173892][ T4074] EXT4-fs (loop0): free_blocks=2415919104
[   44.179658][ T4074] EXT4-fs (loop0): dirty_blocks=8224
[   44.185194][ T4074] EXT4-fs (loop0): Block reservation details
[   44.191260][ T4074] EXT4-fs (loop0): i_reserved_data_blocks=514
[   44.210337][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.249842][ T2284] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[   44.266913][   T29] audit: type=1326 audit(1732316703.435:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.4.223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aca33e819 code=0x7ffc0000
[   44.291569][ T4084] loop4: detected capacity change from 0 to 1024
[   44.298750][ T4084] EXT4-fs: Ignoring removed orlov option
[   44.304442][ T4084] EXT4-fs: Ignoring removed nomblk_io_submit option
[   44.330738][   T29] audit: type=1326 audit(1732316703.435:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.4.223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f8aca33e819 code=0x7ffc0000
[   44.354031][   T29] audit: type=1326 audit(1732316703.435:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.4.223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f8aca33e853 code=0x7ffc0000
[   44.377120][   T29] audit: type=1326 audit(1732316703.435:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.4.223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8aca33d2ff code=0x7ffc0000
[   44.400225][   T29] audit: type=1326 audit(1732316703.435:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.4.223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f8aca33e8a7 code=0x7ffc0000
[   44.423412][   T29] audit: type=1326 audit(1732316703.465:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4083 comm="syz.4.223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8aca33d1b0 code=0x7ffc0000
[   44.449689][ T4084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.505328][ T4094] loop1: detected capacity change from 0 to 128
[   44.520393][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.537637][ T4094] syz.1.225: attempt to access beyond end of device
[   44.537637][ T4094] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[   44.565739][ T4094] syz.1.225: attempt to access beyond end of device
[   44.565739][ T4094] loop1: rw=524288, sector=145, nr_sectors = 224 limit=128
[   44.583017][ T4094] syz.1.225: attempt to access beyond end of device
[   44.583017][ T4094] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[   44.596526][ T4094] syz.1.225: attempt to access beyond end of device
[   44.596526][ T4094] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[   44.648117][ T4106] loop1: detected capacity change from 0 to 512
[   44.667167][ T4106] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.680931][ T4106] ext4 filesystem being mounted at /39/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   44.725543][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.793581][ T4114] loop1: detected capacity change from 0 to 2048
[   44.821064][ T4114] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.011764][ T4128] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   45.029416][ T4128] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[   45.041772][ T4128] EXT4-fs (loop1): This should not happen!! Data will be lost
[   45.041772][ T4128] 
[   45.051487][ T4128] EXT4-fs (loop1): Total free blocks count 0
[   45.057619][ T4128] EXT4-fs (loop1): Free/Dirty block details
[   45.063673][ T4128] EXT4-fs (loop1): free_blocks=2415919104
[   45.069608][ T4128] EXT4-fs (loop1): dirty_blocks=8224
[   45.074972][ T4128] EXT4-fs (loop1): Block reservation details
[   45.081043][ T4128] EXT4-fs (loop1): i_reserved_data_blocks=514
[   45.172738][   T11] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[   45.187116][ T4154] bridge0: port 3(team0) entered disabled state
[   45.193827][ T4154] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.201620][ T4154] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.209159][ T4154] bridge0: entered allmulticast mode
[   45.219218][ T4154] team0: left allmulticast mode
[   45.224138][ T4154] team_slave_0: left allmulticast mode
[   45.229915][ T4154] team_slave_1: left allmulticast mode
[   45.235637][ T4154] bridge0: port 3(team0) entered disabled state
[   45.245638][ T4154] bridge_slave_1: left allmulticast mode
[   45.251404][ T4154] bridge_slave_1: left promiscuous mode
[   45.257232][ T4154] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.267920][ T4154] bridge_slave_0: left allmulticast mode
[   45.273633][ T4154] bridge_slave_0: left promiscuous mode
[   45.279645][ T4154] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.320851][ T4160] serio: Serial port pts0
[   45.447940][ T4175] ------------[ cut here ]------------
[   45.453570][ T4175] refcount_t: underflow; use-after-free.
[   45.459702][ T4175] WARNING: CPU: 1 PID: 4175 at lib/refcount.c:28 refcount_warn_saturate+0x1c6/0x230
[   45.464648][ T4177] netlink: 4 bytes leftover after parsing attributes in process `syz.3.243'.
[   45.469302][ T4175] Modules linked in:
[   45.469330][ T4175] CPU: 1 UID: 0 PID: 4175 Comm: syz.2.245 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   45.492509][ T4175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   45.502683][ T4175] RIP: 0010:refcount_warn_saturate+0x1c6/0x230
[   45.509104][ T4175] Code: 72 ff ff ff e8 3b 5c 70 ff 48 c7 c7 e9 37 b3 86 e8 4f a6 89 ff c6 05 41 22 f3 04 01 90 48 c7 c7 7b 34 1c 86 e8 8b f5 51 ff 90 <0f> 0b 90 90 e9 43 ff ff ff e8 0c 5c 70 ff 48 c7 c7 e6 37 b3 86 e8
[   45.528977][ T4175] RSP: 0018:ffffc90011767cd8 EFLAGS: 00010246
[   45.535172][ T4175] RAX: d4e2f2afa7eb7e00 RBX: ffff8881049c47e4 RCX: 0000000000080000
[   45.543872][ T4175] RDX: ffffc90002f0d000 RSI: 0000000000001833 RDI: 0000000000001834
[   45.552115][ T4175] RBP: 0000000000000003 R08: ffffffff81120ca7 R09: 0000000000000000
[   45.560240][ T4175] R10: 0001ffffffffffff R11: ffff888104954200 R12: ffff888117f5d868
[   45.568298][ T4175] R13: ffff888117f5d818 R14: ffff8881049c47e4 R15: 0000000000000000
[   45.576313][ T4175] FS:  00007fc4b83976c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
[   45.585468][ T4175] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   45.592166][ T4175] CR2: 00007f57e0ceef98 CR3: 000000011816a000 CR4: 00000000003506f0
[   45.600181][ T4175] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   45.608205][ T4175] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   45.616422][ T4175] Call Trace:
[   45.619731][ T4175]  <TASK>
[   45.622672][ T4175]  ? __warn+0x141/0x350
[   45.626861][ T4175]  ? report_bug+0x315/0x420
[   45.631443][ T4175]  ? refcount_warn_saturate+0x1c6/0x230
[   45.637099][ T4175]  ? handle_bug+0x60/0x90
[   45.641491][ T4175]  ? exc_invalid_op+0x1a/0x50
[   45.646398][ T4175]  ? asm_exc_invalid_op+0x1a/0x20
[   45.651667][ T4175]  ? __warn_printk+0x167/0x1b0
[   45.656576][ T4175]  ? refcount_warn_saturate+0x1c6/0x230
[   45.662297][ T4175]  ? refcount_warn_saturate+0x1c5/0x230
[   45.667933][ T4175]  sk_skb_reason_drop+0xe9/0x290
[   45.672928][ T4175]  j1939_session_put+0x157/0x2a0
[   45.677974][ T4175]  j1939_sk_release+0x278/0x4f0
[   45.682918][ T4175]  ? __pfx_autoremove_wake_function+0x10/0x10
[   45.689369][ T4175]  sock_close+0x68/0x150
[   45.693692][ T4175]  ? __pfx_sock_close+0x10/0x10
[   45.698819][ T4175]  __fput+0x17a/0x6d0
[   45.702845][ T4175]  ____fput+0x1c/0x30
[   45.706952][ T4175]  task_work_run+0x13a/0x1a0
[   45.711637][ T4175]  syscall_exit_to_user_mode+0xa8/0x120
[   45.717498][ T4175]  do_syscall_64+0xd6/0x1c0
[   45.722060][ T4175]  ? clear_bhb_loop+0x55/0xb0
[   45.726884][ T4175]  ? clear_bhb_loop+0x55/0xb0
[   45.731595][ T4175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.737695][ T4175] RIP: 0033:0x7fc4b9d1e819
[   45.742136][ T4175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.762315][ T4175] RSP: 002b:00007fc4b8397038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   45.770780][ T4175] RAX: 0000000000000000 RBX: 00007fc4b9ed5fa0 RCX: 00007fc4b9d1e819
[   45.778870][ T4175] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000004
[   45.786973][ T4175] RBP: 00007fc4b9d9175e R08: 0000000000000000 R09: 0000000000000000
[   45.795112][ T4175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   45.803220][ T4175] R13: 0000000000000000 R14: 00007fc4b9ed5fa0 R15: 00007ffd141c6ce8
[   45.811248][ T4175]  </TASK>
[   45.814280][ T4175] ---[ end trace 0000000000000000 ]---
[   45.914695][ T4182] syzkaller0: entered promiscuous mode
[   45.920265][ T4182] syzkaller0: entered allmulticast mode
[   46.429178][ T4223] netlink: 4 bytes leftover after parsing attributes in process `syz.2.249'.
[   46.458700][ T4223] team1: Mode "" not found
[   46.553605][ T4234] loop4: detected capacity change from 0 to 2048
[   46.576469][ T4236] syzkaller0: entered allmulticast mode
[   46.592972][ T4236] syzkaller0 (unregistering): left allmulticast mode
[   46.600223][ T4234]  loop4: p1 < > p4
[   46.605742][ T4234] loop4: p4 size 8388608 extends beyond EOD, truncated
[   46.615549][ T4242] netlink: 4 bytes leftover after parsing attributes in process `syz.2.260'.
[   46.651579][ T4240] vlan2: entered allmulticast mode
[   46.655079][ T3021]  loop4: p1 < > p4
[   46.657259][ T4240] bond0: entered allmulticast mode
[   46.661682][ T3021] loop4: p4 size 8388608 extends beyond EOD, 
[   46.665800][ T4240] bond_slave_0: entered allmulticast mode
[   46.665861][ T4240] bond_slave_1: entered allmulticast mode
[   46.671983][ T3021] truncated
[   46.687225][ T4240] bond0: left allmulticast mode
[   46.692212][ T4240] bond_slave_0: left allmulticast mode
[   46.697826][ T4240] bond_slave_1: left allmulticast mode
[   46.708238][ T3312] udevd[3312]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   46.708333][ T3309] udevd[3309]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   46.764133][ T4246] netlink: 4 bytes leftover after parsing attributes in process `syz.4.262'.
[   46.795465][ T4246] netlink: 4 bytes leftover after parsing attributes in process `syz.4.262'.
[   46.843829][ T4254] netlink: 8 bytes leftover after parsing attributes in process `syz.4.267'.
[   46.874054][ T4256] loop3: detected capacity change from 0 to 1024
[   46.885231][ T4256] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.919789][ T4262] netlink: 4 bytes leftover after parsing attributes in process `syz.1.266'.
[   46.953132][ T4262] team1: Mode "" not found
[   47.036372][ T4268] syzkaller0: entered allmulticast mode
[   47.048255][ T4272] vlan2: entered promiscuous mode
[   47.053573][ T4272] vlan2: entered allmulticast mode
[   47.058813][ T4272] hsr_slave_1: entered allmulticast mode
[   47.074295][ T4268] syzkaller0 (unregistering): left allmulticast mode
[   47.181765][ T4278] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   47.292495][ T4283] pim6reg1: entered promiscuous mode
[   47.297867][ T4283] pim6reg1: entered allmulticast mode
[   47.463866][ T4308] tipc: Enabled bearer <eth:syzkaller0>, priority 7
[   47.492650][ T4306] tipc: Disabling bearer <eth:syzkaller0>
[   47.585979][ T4316] pim6reg1: entered promiscuous mode
[   47.591437][ T4316] pim6reg1: entered allmulticast mode
[   47.662832][    C0] hrtimer: interrupt took 46914 ns
[   47.950453][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.001816][ T4350] delete_channel: no stack
[   48.241757][ T4369] netlink: 4 bytes leftover after parsing attributes in process `syz.2.300'.
[   48.250965][ T4368] serio: Serial port pts0
[   48.353659][ T4378] vlan2: entered allmulticast mode
[   48.359414][ T4378] bond0: entered allmulticast mode
[   48.364572][ T4378] bond_slave_0: entered allmulticast mode
[   48.370363][ T4378] bond_slave_1: entered allmulticast mode
[   48.376187][ T4378] batadv0: entered allmulticast mode
[   48.384503][ T4378] bond0: left allmulticast mode
[   48.389517][ T4378] bond_slave_0: left allmulticast mode
[   48.395088][ T4378] bond_slave_1: left allmulticast mode
[   48.400670][ T4378] batadv0: left allmulticast mode
[   48.827584][ T4387] loop1: detected capacity change from 0 to 1024
[   48.851407][ T4387] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.180525][ T4415] loop3: detected capacity change from 0 to 128
[   49.231465][ T4421] netlink: 4 bytes leftover after parsing attributes in process `syz.0.313'.
[   49.391641][   T29] kauditd_printk_skb: 165 callbacks suppressed
[   49.391655][   T29] audit: type=1400 audit(1732316708.555:692): avc:  denied  { read } for  pid=4437 comm="syz.0.319" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   49.441720][   T29] audit: type=1400 audit(1732316708.595:693): avc:  denied  { open } for  pid=4437 comm="syz.0.319" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   49.465430][   T29] audit: type=1400 audit(1732316708.595:694): avc:  denied  { ioctl } for  pid=4437 comm="syz.0.319" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9375 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   49.545856][ T4446] loop2: detected capacity change from 0 to 2048
[   49.595493][ T4446]  loop2: p1 < > p4
[   49.600357][ T4446] loop2: p4 size 8388608 extends beyond EOD, truncated
[   49.635389][ T3021]  loop2: p1 < > p4
[   49.647342][ T3021] loop2: p4 size 8388608 extends beyond EOD, truncated
[   49.713261][ T3312] udevd[3312]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   49.717189][ T3309] udevd[3309]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   49.799381][   T29] audit: type=1400 audit(1732316708.955:695): avc:  denied  { read } for  pid=4453 comm="syz.2.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   49.936512][ T4466] serio: Serial port pts1
[   50.063165][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.093825][ T4479] loop1: detected capacity change from 0 to 512
[   50.102675][ T4479] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   50.133627][ T4479] EXT4-fs (loop1): 1 truncate cleaned up
[   50.140049][ T4479] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.182537][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.188059][ T4483] loop3: detected capacity change from 0 to 1024
[   50.220571][ T4485] loop0: detected capacity change from 0 to 128
[   50.234133][ T4483] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.273119][ T4485] bio_check_eod: 2 callbacks suppressed
[   50.273134][ T4485] syz.0.336: attempt to access beyond end of device
[   50.273134][ T4485] loop0: rw=2049, sector=177, nr_sectors = 1 limit=128
[   50.294629][ T4485] syz.0.336: attempt to access beyond end of device
[   50.294629][ T4485] loop0: rw=2049, sector=153, nr_sectors = 24 limit=128
[   50.304391][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.309955][ T4485] syz.0.336: attempt to access beyond end of device
[   50.309955][ T4485] loop0: rw=2049, sector=177, nr_sectors = 1 limit=128
[   50.330702][ T4485] Buffer I/O error on dev loop0, logical block 177, lost async page write
[   50.388212][ T4498] netlink: 'syz.4.341': attribute type 39 has an invalid length.
[   50.397079][   T29] audit: type=1400 audit(1732316709.555:696): avc:  denied  { connect } for  pid=4497 comm="syz.4.341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   50.419794][ T4494] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   50.449435][ T4500] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   50.520007][ T4510] serio: Serial port pts0
[   50.626300][ T4526] loop4: detected capacity change from 0 to 128
[   50.647178][   T29] audit: type=1326 audit(1732316709.795:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4527 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   50.669154][ T4532] loop0: detected capacity change from 0 to 512
[   50.670498][   T29] audit: type=1326 audit(1732316709.795:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4527 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   50.700015][   T29] audit: type=1326 audit(1732316709.795:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4527 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   50.723522][   T29] audit: type=1326 audit(1732316709.795:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4527 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   50.747039][   T29] audit: type=1326 audit(1732316709.795:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4527 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   50.771187][ T4532] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   50.788416][ T4532] EXT4-fs (loop0): 1 truncate cleaned up
[   50.794359][ T4526] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   50.799674][ T4532] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.807950][ T4526] ext4 filesystem being mounted at /65/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   50.860083][ T4526] ref_ctr increment failed for inode: 0xc offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff8881180a7480
[   50.872574][ T4525] uprobe: syz.4.345:4525 failed to unregister, leaking uprobe
[   50.891631][ T3329] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.941822][ T3318] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   50.980473][ T4554] Â: renamed from pim6reg1
[   51.133843][ T4561] loop4: detected capacity change from 0 to 128
[   51.248435][ T4561] syz.4.353: attempt to access beyond end of device
[   51.248435][ T4561] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[   51.293809][ T4561] syz.4.353: attempt to access beyond end of device
[   51.293809][ T4561] loop4: rw=0, sector=177, nr_sectors = 1 limit=128
[   51.310603][ T4560] syz.4.353: attempt to access beyond end of device
[   51.310603][ T4560] loop4: rw=524288, sector=145, nr_sectors = 32 limit=128
[   51.326683][ T4560] syz.4.353: attempt to access beyond end of device
[   51.326683][ T4560] loop4: rw=524288, sector=185, nr_sectors = 184 limit=128
[   51.426924][ T4564] loop2: detected capacity change from 0 to 512
[   51.438915][ T4560] syz.4.353: attempt to access beyond end of device
[   51.438915][ T4560] loop4: rw=0, sector=177, nr_sectors = 1 limit=128
[   51.452089][ T4560] Buffer I/O error on dev loop4, logical block 177, async page read
[   51.501916][ T4564] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.525094][ T4560] syz.4.353: attempt to access beyond end of device
[   51.525094][ T4560] loop4: rw=0, sector=178, nr_sectors = 1 limit=128
[   51.538379][ T4560] Buffer I/O error on dev loop4, logical block 178, async page read
[   51.550166][ T4564] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   51.596675][ T4560] syz.4.353: attempt to access beyond end of device
[   51.596675][ T4560] loop4: rw=0, sector=179, nr_sectors = 1 limit=128
[   51.609862][ T4560] Buffer I/O error on dev loop4, logical block 179, async page read
[   51.630215][ T4560] Buffer I/O error on dev loop4, logical block 180, async page read
[   51.648238][ T4560] Buffer I/O error on dev loop4, logical block 181, async page read
[   51.664463][ T4560] Buffer I/O error on dev loop4, logical block 182, async page read
[   51.672896][ T4560] Buffer I/O error on dev loop4, logical block 183, async page read
[   51.682288][ T4560] Buffer I/O error on dev loop4, logical block 184, async page read
[   51.692078][ T4560] Buffer I/O error on dev loop4, logical block 177, async page read
[   51.959404][ T4571] loop4: detected capacity change from 0 to 128
[   51.964379][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.049096][ T4581] ref_ctr increment failed for inode: 0x1ab offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff88811bb56f40
[   52.060965][ T4577] uprobe: syz.3.362:4577 failed to unregister, leaking uprobe
[   52.146038][ T4588] netlink: 'syz.2.366': attribute type 10 has an invalid length.
[   52.158085][ T4588] geneve1: entered promiscuous mode
[   52.167549][ T4588] bond0: (slave geneve1): Enslaving as an active interface with an up link
[   52.184664][ T4595] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4595 comm=syz.3.367
[   52.205588][ T4595] netlink: 'syz.3.367': attribute type 1 has an invalid length.
[   52.232708][ T4595] 8021q: adding VLAN 0 to HW filter on device bond1
[   52.286172][ T4591] syzkaller0: entered promiscuous mode
[   52.291706][ T4591] syzkaller0: entered allmulticast mode
[   52.306458][ T4595] bond1: (slave ip6gretap1): making interface the new active one
[   52.315503][ T4595] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[   52.361875][ T4603] bond1: entered allmulticast mode
[   52.367116][ T4603] ip6gretap1: entered allmulticast mode
[   52.380278][ T4605] loop0: detected capacity change from 0 to 512
[   52.411282][ T4605] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.428881][ T4605] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   52.480832][ T3329] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.504215][ T4617] loop0: detected capacity change from 0 to 128
[   52.565436][ T4619] netlink: 'syz.2.376': attribute type 39 has an invalid length.
[   52.682779][ T4635] loop0: detected capacity change from 0 to 128
[   52.697604][ T4635] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   52.731637][ T4635] ext4 filesystem being mounted at /75/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   52.828534][ T4635] EXT4-fs (loop0): shut down requested (0)
[   52.864460][ T3329] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   53.296362][ T4725] loop1: detected capacity change from 0 to 128
[   53.336574][ T4735] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[   53.343127][ T4735] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   53.350911][ T4735] vhci_hcd vhci_hcd.0: Device attached
[   53.430190][ T4735] loop4: detected capacity change from 0 to 2048
[   53.466799][ T4735] EXT4-fs (loop4): failed to initialize system zone (-117)
[   53.474127][ T4735] EXT4-fs (loop4): mount failed
[   53.506450][ T4736] vhci_hcd: connection closed
[   53.506678][  T155] vhci_hcd: stop threads
[   53.515729][  T155] vhci_hcd: release socket
[   53.520252][  T155] vhci_hcd: disconnect device
[   53.545873][    T9] vhci_hcd: vhci_device speed not set
[   53.794718][ T4802] netlink: 4 bytes leftover after parsing attributes in process `syz.0.403'.
[   53.832542][ T4809] Driver unsupported XDP return value 0 on prog  (id 322) dev N/A, expect packet loss!
[   54.147053][ T4869] ref_ctr increment failed for inode: 0x1e5 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff8881180a5f80
[   54.159227][ T4867] uprobe: syz.0.416:4867 failed to unregister, leaking uprobe
[   54.504834][   T29] kauditd_printk_skb: 103 callbacks suppressed
[   54.504848][   T29] audit: type=1326 audit(1732316713.665:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   54.534407][   T29] audit: type=1326 audit(1732316713.665:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   54.557710][   T29] audit: type=1326 audit(1732316713.665:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   54.581197][   T29] audit: type=1326 audit(1732316713.665:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   54.604478][   T29] audit: type=1326 audit(1732316713.665:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   54.628714][   T29] audit: type=1326 audit(1732316713.665:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   54.652498][   T29] audit: type=1326 audit(1732316713.665:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   54.676024][   T29] audit: type=1326 audit(1732316713.665:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   54.699616][   T29] audit: type=1326 audit(1732316713.665:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   54.723896][   T29] audit: type=1326 audit(1732316713.895:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e26be819 code=0x7ffc0000
[   55.142302][ T4939] tipc: Started in network mode
[   55.147264][ T4939] tipc: Node identity 829fee05dfce, cluster identity 4711
[   55.154673][ T4939] tipc: Enabled bearer <eth:syzkaller0>, priority 7
[   55.167852][ T4939] ªªªªªª: renamed from syzkaller0
[   55.176133][ T4939] tipc: Disabling bearer <eth:syzkaller0>
[   55.275259][ T4956] loop0: detected capacity change from 0 to 512
[   55.329011][ T4956] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   55.337736][ T4956] System zones: 0-2, 18-18, 34-34
[   55.343670][ T4956] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.436: bg 0: block 248: padding at end of block bitmap is not set
[   55.365256][ T4956] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.436: Failed to acquire dquot type 1
[   55.401881][ T4956] EXT4-fs (loop0): 1 truncate cleaned up
[   55.408075][ T4956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.421552][ T4956] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.458742][ T3329] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.612743][ T4994] loop0: detected capacity change from 0 to 1024
[   55.623067][ T4994] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.759940][ T5013] tipc: Started in network mode
[   55.764879][ T5013] tipc: Node identity 26fa70696fac, cluster identity 4711
[   55.772194][ T5013] tipc: Enabled bearer <eth:syzkaller0>, priority 7
[   55.780154][ T5013] ªªªªªª: renamed from syzkaller0
[   55.791700][ T5013] tipc: Disabling bearer <eth:syzkaller0>
[   55.917611][ T5037] netlink: 8 bytes leftover after parsing attributes in process `syz.4.452'.
[   56.300641][ T5076] netlink: 'syz.2.455': attribute type 39 has an invalid length.
[   56.496393][ T5103] loop2: detected capacity change from 0 to 256
[   56.653198][ T3329] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.681283][ T5118] loop2: detected capacity change from 0 to 512
[   56.705841][ T5118] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   56.713988][ T5118] System zones: 0-2, 18-18, 34-34
[   56.719294][ T5115] loop4: detected capacity change from 0 to 512
[   56.721610][ T5118] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.462: bg 0: block 248: padding at end of block bitmap is not set
[   56.741917][ T5118] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.462: Failed to acquire dquot type 1
[   56.753917][ T5115] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   56.763402][ T5118] EXT4-fs (loop2): 1 truncate cleaned up
[   56.769643][ T5115] EXT4-fs (loop4): orphan cleanup on readonly fs
[   56.770729][ T5118] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.788879][ T5118] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.789946][ T5115] EXT4-fs error (device loop4): ext4_orphan_get:1415: comm syz.4.463: bad orphan inode 15
[   56.822317][ T5115] ext4_test_bit(bit=14, block=18) = 1
[   56.827801][ T5115] is_bad_inode(inode)=0
[   56.832020][ T5115] NEXT_ORPHAN(inode)=1023
[   56.836674][ T5115] max_ino=32
[   56.840152][ T5115] i_nlink=0
[   56.844236][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.850535][ T5115] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2977: inode #15: comm syz.4.463: corrupted xattr block 19: e_value size too large
[   56.876146][ T5115] EXT4-fs warning (device loop4): ext4_evict_inode:276: xattr delete (err -117)
[   56.937323][ T5149] netlink: 'syz.0.466': attribute type 39 has an invalid length.
[   56.946125][ T5142] loop2: detected capacity change from 0 to 2048
[   56.977898][ T5142] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 8 with max blocks 2 with error 28
[   56.990208][ T5142] EXT4-fs (loop2): This should not happen!! Data will be lost
[   56.990208][ T5142] 
[   57.000057][ T5142] EXT4-fs (loop2): Total free blocks count 0
[   57.006108][ T5142] EXT4-fs (loop2): Free/Dirty block details
[   57.012021][ T5142] EXT4-fs (loop2): free_blocks=0
[   57.017119][ T5142] EXT4-fs (loop2): dirty_blocks=0
[   57.022168][ T5142] EXT4-fs (loop2): Block reservation details
[   57.028354][ T5142] EXT4-fs (loop2): i_reserved_data_blocks=0
[   57.066873][ T5155] veth1_vlan: left promiscuous mode
[   57.191958][ T5164] pim6reg1: entered promiscuous mode
[   57.197434][ T5164] pim6reg1: entered allmulticast mode
[   57.231048][ T5175] loop1: detected capacity change from 0 to 512
[   57.243303][ T5175] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   57.259681][ T5175] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[   57.268117][ T5175] System zones: 1-12
[   57.272269][ T5175] EXT4-fs (loop1): 1 truncate cleaned up
[   57.455679][ T5194] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[   57.462418][ T5194] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   57.468794][ T5192] loop4: detected capacity change from 0 to 2048
[   57.470079][ T5194] vhci_hcd vhci_hcd.0: Device attached
[   57.499491][ T5194] loop0: detected capacity change from 0 to 2048
[   57.514209][ T5202] syz.1.481[5202] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.514335][ T5202] syz.1.481[5202] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.522704][ T5192] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 8 with max blocks 2 with error 28
[   57.549149][ T5192] EXT4-fs (loop4): This should not happen!! Data will be lost
[   57.549149][ T5192] 
[   57.558898][ T5192] EXT4-fs (loop4): Total free blocks count 0
[   57.559199][ T5202] syz.1.481[5202] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.564910][ T5192] EXT4-fs (loop4): Free/Dirty block details
[   57.564928][ T5192] EXT4-fs (loop4): free_blocks=0
[   57.564943][ T5192] EXT4-fs (loop4): dirty_blocks=0
[   57.564957][ T5192] EXT4-fs (loop4): Block reservation details
[   57.579625][ T5194] EXT4-fs (loop0): failed to initialize system zone (-117)
[   57.582147][ T5192] EXT4-fs (loop4): i_reserved_data_blocks=0
[   57.587459][ T5194] EXT4-fs (loop0): mount failed
[   57.635390][ T5195] vhci_hcd: connection closed
[   57.635588][ T2284] vhci_hcd: stop threads
[   57.644582][ T2284] vhci_hcd: release socket
[   57.649121][ T2284] vhci_hcd: disconnect device
[   57.682133][ T5208] netlink: 'syz.1.482': attribute type 39 has an invalid length.
[   57.693855][ T5206] pim6reg1: entered promiscuous mode
[   57.699416][ T5206] pim6reg1: entered allmulticast mode
[   57.921666][ T5225] loop1: detected capacity change from 0 to 128
[   57.953371][ T5225] bio_check_eod: 221 callbacks suppressed
[   57.953391][ T5225] syz.1.489: attempt to access beyond end of device
[   57.953391][ T5225] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[   57.979499][ T5225] syz.1.489: attempt to access beyond end of device
[   57.979499][ T5225] loop1: rw=0, sector=177, nr_sectors = 1 limit=128
[   57.993473][ T5224] syz.1.489: attempt to access beyond end of device
[   57.993473][ T5224] loop1: rw=0, sector=177, nr_sectors = 1 limit=128
[   58.006770][ T5224] buffer_io_error: 215 callbacks suppressed
[   58.006781][ T5224] Buffer I/O error on dev loop1, logical block 177, async page read
[   58.020816][ T5224] syz.1.489: attempt to access beyond end of device
[   58.020816][ T5224] loop1: rw=0, sector=178, nr_sectors = 1 limit=128
[   58.033894][ T5224] Buffer I/O error on dev loop1, logical block 178, async page read
[   58.043794][ T5224] syz.1.489: attempt to access beyond end of device
[   58.043794][ T5224] loop1: rw=0, sector=179, nr_sectors = 1 limit=128
[   58.056865][ T5224] Buffer I/O error on dev loop1, logical block 179, async page read
[   58.065261][ T5224] syz.1.489: attempt to access beyond end of device
[   58.065261][ T5224] loop1: rw=0, sector=180, nr_sectors = 1 limit=128
[   58.078544][ T5224] Buffer I/O error on dev loop1, logical block 180, async page read
[   58.086727][ T5224] syz.1.489: attempt to access beyond end of device
[   58.086727][ T5224] loop1: rw=0, sector=181, nr_sectors = 1 limit=128
[   58.099823][ T5224] Buffer I/O error on dev loop1, logical block 181, async page read
[   58.107969][ T5224] syz.1.489: attempt to access beyond end of device
[   58.107969][ T5224] loop1: rw=0, sector=182, nr_sectors = 1 limit=128
[   58.121039][ T5224] Buffer I/O error on dev loop1, logical block 182, async page read
[   58.129190][ T5224] syz.1.489: attempt to access beyond end of device
[   58.129190][ T5224] loop1: rw=0, sector=183, nr_sectors = 1 limit=128
[   58.142338][ T5224] Buffer I/O error on dev loop1, logical block 183, async page read
[   58.150506][ T5224] syz.1.489: attempt to access beyond end of device
[   58.150506][ T5224] loop1: rw=0, sector=184, nr_sectors = 1 limit=128
[   58.163668][ T5224] Buffer I/O error on dev loop1, logical block 184, async page read
[   58.172292][ T5224] Buffer I/O error on dev loop1, logical block 177, async page read
[   58.186375][ T5224] Buffer I/O error on dev loop1, logical block 178, async page read
[   58.401513][ T5238] loop0: detected capacity change from 0 to 512
[   58.408679][ T5238] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[   58.418271][ T5238] EXT4-fs (loop0): orphan cleanup on readonly fs
[   58.425491][ T5238] EXT4-fs error (device loop0): ext4_orphan_get:1415: comm syz.0.494: bad orphan inode 15
[   58.435918][ T5238] ext4_test_bit(bit=14, block=18) = 1
[   58.441346][ T5238] is_bad_inode(inode)=0
[   58.445569][ T5238] NEXT_ORPHAN(inode)=1023
[   58.449963][ T5238] max_ino=32
[   58.453220][ T5238] i_nlink=0
[   58.456589][ T5238] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2977: inode #15: comm syz.0.494: corrupted xattr block 19: e_value size too large
[   58.471099][ T5238] EXT4-fs warning (device loop0): ext4_evict_inode:276: xattr delete (err -117)
[   58.577151][ T5247] netlink: 4 bytes leftover after parsing attributes in process `syz.4.497'.
[   58.718741][ T5260] loop3: detected capacity change from 0 to 128
[   58.735858][ T5258] bond0: (slave bond_slave_0): Releasing backup interface
[   58.749795][ T5258] bond0: (slave bond_slave_1): Releasing backup interface
[   58.761878][ T5258] team0: Port device team_slave_0 removed
[   58.771488][ T5258] team0: Port device team_slave_1 removed
[   58.780520][ T5258] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   58.788148][ T5258] batman_adv: batadv0: Removing interface: batadv_slave_0
[   58.798751][ T5258] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   58.806276][ T5258] batman_adv: batadv0: Removing interface: batadv_slave_1
[   58.829768][ T5258] bond0: (slave geneve1): Releasing backup interface
[   58.850873][ T5263] vlan0: entered promiscuous mode
[   58.859122][ T5263] team0: Port device vlan0 added
[   58.867428][ T5267] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.879234][ T5268] tipc: Enabled bearer <eth:team0>, priority 0
[   58.886740][ T5264] pim6reg1: entered promiscuous mode
[   58.892133][ T5264] pim6reg1: entered allmulticast mode
[   58.917695][ T5267] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.968854][ T5267] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.987264][ T5273] syz.4.517[5273] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.987400][ T5273] syz.4.517[5273] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.999071][ T5273] syz.4.517[5273] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.018735][ T5267] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.081755][ T5280] loop4: detected capacity change from 0 to 512
[   59.086679][ T5267] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.088803][ T5280] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   59.108734][ T5267] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.124762][ T5267] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.128187][ T5280] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[   59.140378][ T5267] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.142330][ T5280] System zones: 1-12
[   59.153510][ T5280] EXT4-fs (loop4): 1 truncate cleaned up
[   59.869107][   T29] kauditd_printk_skb: 144 callbacks suppressed
[   59.869124][   T29] audit: type=1326 audit(1732316719.035:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5287 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff76813e819 code=0x7ffc0000
[   59.882440][ T5294] loop2: detected capacity change from 0 to 1024
[   59.909789][ T5290] loop3: detected capacity change from 0 to 512
[   59.916835][   T29] audit: type=1326 audit(1732316719.065:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5287 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff76813e819 code=0x7ffc0000
[   59.940204][   T29] audit: type=1326 audit(1732316719.065:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5287 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff76813e819 code=0x7ffc0000
[   59.964230][   T29] audit: type=1326 audit(1732316719.065:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5287 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff76813e819 code=0x7ffc0000
[   59.988208][   T29] audit: type=1326 audit(1732316719.065:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5287 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff76813e819 code=0x7ffc0000
[   60.011605][   T29] audit: type=1326 audit(1732316719.065:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5287 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff76813e819 code=0x7ffc0000
[   60.034968][   T29] audit: type=1326 audit(1732316719.065:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5287 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff76813e819 code=0x7ffc0000
[   60.058653][   T29] audit: type=1326 audit(1732316719.065:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5287 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff76813e819 code=0x7ffc0000
[   60.081942][   T29] audit: type=1326 audit(1732316719.065:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5288 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aca33e819 code=0x7ffc0000
[   60.105318][   T29] audit: type=1326 audit(1732316719.065:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5288 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aca33e819 code=0x7ffc0000
[   60.123708][ T5290] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   60.129190][   T35] tipc: Node number set to 1565650437
[   60.143355][ T5291] hub 6-0:1.0: USB hub found
[   60.148267][ T5291] hub 6-0:1.0: 8 ports detected
[   60.159269][ T5290] System zones: 0-2, 18-18, 34-34
[   60.184803][ T5290] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.512: bg 0: block 248: padding at end of block bitmap is not set
[   60.214272][ T5290] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.512: Failed to acquire dquot type 1
[   60.233216][ T5290] EXT4-fs (loop3): 1 truncate cleaned up
[   60.239602][ T5290] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.258313][ T5309] loop1: detected capacity change from 0 to 512
[   60.270239][ T5309] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   60.304695][ T5309] EXT4-fs (loop1): 1 truncate cleaned up
[   60.355729][ T5312] pim6reg1: entered promiscuous mode
[   60.361157][ T5312] pim6reg1: entered allmulticast mode
[   60.395623][ T5314] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.476053][ T5314] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.490778][ T5327] loop1: detected capacity change from 0 to 512
[   60.508136][ T5327] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.517032][ T5325] netlink: 'syz.0.527': attribute type 15 has an invalid length.
[   60.556118][ T5314] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.626952][ T5314] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.707909][ T5341] loop1: detected capacity change from 0 to 512
[   60.757728][ T5341] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   60.795039][ T5341] System zones: 0-2, 18-18, 34-34
[   60.833783][ T5341] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.533: bg 0: block 248: padding at end of block bitmap is not set
[   60.862844][ T5341] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.533: Failed to acquire dquot type 1
[   60.894676][ T5341] EXT4-fs (loop1): 1 truncate cleaned up
[   60.901077][ T5341] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.918470][ T5359] loop4: detected capacity change from 0 to 512
[   60.931051][ T5357] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.954290][ T5359] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.008471][ T5357] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.070397][ T5357] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.094679][ T5375] netlink: 4 bytes leftover after parsing attributes in process `syz.4.545'.
[   61.159360][ T5357] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.241227][ T5357] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.253663][ T5357] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.267349][ T5357] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.278865][ T5357] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.427381][ T5391] loop1: detected capacity change from 0 to 512
[   61.437709][ T5388] loop2: detected capacity change from 0 to 2048
[   61.447093][ T5392] loop4: detected capacity change from 0 to 512
[   61.466425][ T5392] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   61.467215][ T5391] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.474517][ T5392] System zones: 0-2, 18-18, 34-34
[   61.490626][ T5388]  loop2: p1 < > p4
[   61.495899][ T5388] loop2: p4 size 8388608 extends beyond EOD, truncated
[   61.503100][ T5392] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.551: bg 0: block 248: padding at end of block bitmap is not set
[   61.527248][ T5392] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.551: Failed to acquire dquot type 1
[   61.553952][ T5392] EXT4-fs (loop4): 1 truncate cleaned up
[   61.561231][ T5392] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.573081][ T3771] udevd[3771]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   61.592809][ T3309] udevd[3309]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   61.626120][ T3309] udevd[3309]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   61.628955][ T3312] udevd[3312]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   61.711981][ T5404] bridge_slave_0: left allmulticast mode
[   61.717725][ T5404] bridge_slave_0: left promiscuous mode
[   61.723400][ T5404] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.767944][ T5404] bridge_slave_1: left allmulticast mode
[   61.773667][ T5404] bridge_slave_1: left promiscuous mode
[   61.779436][ T5404] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.795607][ T5404] bond0: (slave bond_slave_0): Releasing backup interface
[   61.805841][ T5404] bond0: (slave bond_slave_1): Releasing backup interface
[   61.824588][ T5404] team0: Port device team_slave_0 removed
[   61.833683][ T5404] team0: Port device team_slave_1 removed
[   61.840931][ T5404] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   61.848654][ T5404] batman_adv: batadv0: Removing interface: batadv_slave_0
[   61.859672][ T5404] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   61.867202][ T5404] batman_adv: batadv0: Removing interface: batadv_slave_1
[   61.887754][ T5415] tipc: Enabled bearer <eth:team0>, priority 0
[   62.029777][ T5426] hub 6-0:1.0: USB hub found
[   62.034554][ T5426] hub 6-0:1.0: 8 ports detected
[   62.108854][ T5429] netlink: 36 bytes leftover after parsing attributes in process `syz.4.560'.
[   62.118080][ T5429] netlink: 16 bytes leftover after parsing attributes in process `syz.4.560'.
[   62.127235][ T5429] netlink: 36 bytes leftover after parsing attributes in process `syz.4.560'.
[   62.136289][ T5429] netlink: 36 bytes leftover after parsing attributes in process `syz.4.560'.
[   62.400338][ T5314] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.411969][ T5314] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.423703][ T5314] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.435090][ T5314] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.478828][ T5433] syzkaller0: entered allmulticast mode
[   62.798036][ T5465] loop1: detected capacity change from 0 to 1024
[   62.848763][ T5469] loop4: detected capacity change from 0 to 2048
[   62.855190][ T5467] bridge_slave_0: left allmulticast mode
[   62.855262][ T5467] bridge_slave_0: left promiscuous mode
[   62.855348][ T5467] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.883452][ T5467] bridge_slave_1: left allmulticast mode
[   62.889218][ T5467] bridge_slave_1: left promiscuous mode
[   62.895010][ T5467] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.909195][ T5467] bond0: (slave bond_slave_0): Releasing backup interface
[   62.920395][ T5467] bond0: (slave bond_slave_1): Releasing backup interface
[   62.934039][ T5467] team0: Port device team_slave_0 removed
[   62.946965][ T5467] team0: Port device team_slave_1 removed
[   62.954330][ T5467] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   62.961900][ T5467] batman_adv: batadv0: Removing interface: batadv_slave_0
[   62.975459][ T5467] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   62.983211][ T5467] batman_adv: batadv0: Removing interface: batadv_slave_1
[   62.994579][ T5478] loop3: detected capacity change from 0 to 256
[   63.015974][   T35] tipc: Node number set to 1230401641
[   63.037588][ T5472] vlan0: entered promiscuous mode
[   63.049399][ T5478] msdos: Unknown parameter '"'
[   63.088058][ T5472] team0: Port device vlan0 added
[   63.115893][ T5475] tipc: Enabled bearer <eth:team0>, priority 0
[   63.422830][ T5498] loop0: detected capacity change from 0 to 512
[   63.446389][ T5500] netlink: 64 bytes leftover after parsing attributes in process `syz.2.591'.
[   63.467557][ T5498] ext4 filesystem being mounted at /122/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   63.715388][ T5506] netlink: 'syz.2.593': attribute type 15 has an invalid length.
[   63.814071][ T5513] loop1: detected capacity change from 0 to 2048
[   63.834123][ T5517] loop0: detected capacity change from 0 to 1024
[   63.855631][ T5513]  loop1: p1 < > p4
[   63.860209][ T5513] loop1: p4 size 8388608 extends beyond EOD, truncated
[   63.929520][ T3021]  loop1: p1 < > p4
[   63.939850][ T3021] loop1: p4 size 8388608 extends beyond EOD, truncated
[   63.942818][ T5523] loop2: detected capacity change from 0 to 512
[   63.954942][ T5523] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   64.002192][ T3866] udevd[3866]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   64.018675][ T5523] EXT4-fs (loop2): orphan cleanup on readonly fs
[   64.025282][ T5523] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #3: comm syz.2.602: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0)
[   64.050544][ T5528] loop0: detected capacity change from 0 to 512
[   64.062159][ T3312] udevd[3312]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   64.084850][ T5523] EXT4-fs error (device loop2): ext4_quota_enable:7115: comm syz.2.602: Bad quota inode: 3, type: 0
[   64.098788][ T5523] EXT4-fs warning (device loop2): ext4_enable_quotas:7156: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   64.113606][ T5523] EXT4-fs (loop2): Cannot turn on quotas: error -117
[   64.152558][ T5528] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.603: bg 0: block 393: padding at end of block bitmap is not set
[   64.175558][ T5528] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   64.184635][ T5528] EXT4-fs (loop0): 2 truncates cleaned up
[   64.248713][   T35] tipc: Node number set to 1406855703
[   64.318769][ T5547] team0: Port device vlan0 removed
[   64.331611][   T36] tipc: Resetting bearer <eth:team0>
[   64.402412][ T5553] pim6reg1: entered promiscuous mode
[   64.407881][ T5553] pim6reg1: entered allmulticast mode
[   64.550968][ T5574] netlink: 'syz.4.621': attribute type 1 has an invalid length.
[   64.576196][ T5574] 8021q: adding VLAN 0 to HW filter on device bond1
[   64.593566][ T5574] 8021q: adding VLAN 0 to HW filter on device bond1
[   64.600886][ T5574] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[   64.613711][ T5574] bond1: (slave vcan1): Error -95 calling set_mac_address
[   64.745770][ T5604] netlink: 12 bytes leftover after parsing attributes in process `syz.4.623'.
[   64.912000][ T5625] loop1: detected capacity change from 0 to 1024
[   64.942705][   T29] kauditd_printk_skb: 446 callbacks suppressed
[   64.942727][   T29] audit: type=1400 audit(1732316724.105:1405): avc:  denied  { create } for  pid=5633 comm="syz.4.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   64.984960][   T29] audit: type=1400 audit(1732316724.135:1406): avc:  denied  { bind } for  pid=5633 comm="syz.4.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   65.004298][   T29] audit: type=1400 audit(1732316724.135:1407): avc:  denied  { name_bind } for  pid=5633 comm="syz.4.626" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[   65.024991][   T29] audit: type=1400 audit(1732316724.135:1408): avc:  denied  { node_bind } for  pid=5633 comm="syz.4.626" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[   65.045747][   T29] audit: type=1400 audit(1732316724.135:1409): avc:  denied  { setopt } for  pid=5633 comm="syz.4.626" lport=512 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   65.296316][   T29] audit: type=1400 audit(1732316724.465:1410): avc:  denied  { listen } for  pid=5672 comm="syz.1.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   65.316156][   T29] audit: type=1400 audit(1732316724.465:1411): avc:  denied  { read } for  pid=5672 comm="syz.1.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   65.339280][ T5678] netlink: 8 bytes leftover after parsing attributes in process `syz.2.632'.
[   65.348167][ T5678] netlink: 8 bytes leftover after parsing attributes in process `syz.2.632'.
[   65.359952][ T5678] erspan1: entered promiscuous mode
[   65.365245][ T5678] erspan1: entered allmulticast mode
[   65.406088][   T29] audit: type=1400 audit(1732316724.545:1412): avc:  denied  { append } for  pid=5676 comm="syz.2.632" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   65.483515][ T5709] serio: Serial port ptm0
[   65.507960][   T29] audit: type=1326 audit(1732316724.605:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5676 comm="syz.2.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4b9d1e819 code=0x7ffc0000
[   65.531675][   T29] audit: type=1326 audit(1732316724.605:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5676 comm="syz.2.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4b9d1e819 code=0x7ffc0000
[   65.669250][ T5718] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5718 comm=syz.1.636
[   65.719533][ T5729] loop1: detected capacity change from 0 to 512
[   65.757593][ T5729] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.777231][ T5729] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #18: comm syz.1.638: corrupted inode contents
[   65.789282][ T5729] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #18: comm syz.1.638: mark_inode_dirty error
[   65.801055][ T5729] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #18: comm syz.1.638: corrupted inode contents
[   65.813164][ T5729] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3006: inode #18: comm syz.1.638: mark_inode_dirty error
[   65.825430][ T5729] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3009: inode #18: comm syz.1.638: mark inode dirty (error -117)
[   65.838696][ T5729] EXT4-fs warning (device loop1): ext4_evict_inode:276: xattr delete (err -117)
[   65.967052][ T5739] process 'syz.1.640' launched './file1' with NULL argv: empty string added
[   66.403295][ T5770] syzkaller0: entered promiscuous mode
[   66.408950][ T5770] syzkaller0: entered allmulticast mode
[   66.457945][ T5773] syz.3.655[5773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.458020][ T5773] syz.3.655[5773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.469811][ T5773] syz.3.655[5773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.585744][ T5781] loop4: detected capacity change from 0 to 512
[   66.639004][ T5781] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   66.742974][ T5789] loop1: detected capacity change from 0 to 512
[   66.791032][ T3318] EXT4-fs unmount: 45 callbacks suppressed
[   66.791180][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.807493][ T5789] EXT4-fs (loop1): orphan cleanup on readonly fs
[   66.832772][ T5792] pim6reg1: entered promiscuous mode
[   66.838209][ T5792] pim6reg1: entered allmulticast mode
[   66.843882][ T5789] EXT4-fs warning (device loop1): ext4_enable_quotas:7156: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   66.889179][ T5789] EXT4-fs (loop1): Cannot turn on quotas: error -22
[   66.905755][ T5789] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #13: comm syz.1.661: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   66.906498][ T5795] loop4: detected capacity change from 0 to 1024
[   66.945678][ T5789] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.661: couldn't read orphan inode 13 (err -117)
[   66.952937][ T5795] EXT4-fs: Ignoring removed mblk_io_submit option
[   66.982901][ T5789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   67.003095][ T5795] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.053925][ T5789] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   67.094089][ T5789] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 2
[   67.129434][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.233309][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.301348][ T5816] pim6reg1: entered promiscuous mode
[   67.306951][ T5816] pim6reg1: entered allmulticast mode
[   67.328009][ T5822] syzkaller0: entered promiscuous mode
[   67.333639][ T5822] syzkaller0: entered allmulticast mode
[   67.465954][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.473725][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.481522][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.489723][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.497546][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.505436][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.513171][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.521171][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.528985][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.529028][ T5832] loop4: detected capacity change from 0 to 1024
[   67.536789][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.551523][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.559759][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.567617][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.575331][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.583066][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.590971][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.598744][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.606740][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.614464][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.622412][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.630139][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.637900][    T9] hid-generic 0000:1000000:0000.0001: unknown main item tag 0x0
[   67.646634][    T9] hid-generic 0000:1000000:0000.0001: hidraw0: <UNKNOWN> HID vffffff.fe Device [syz0] on syz1
[   67.710079][ T5847] syz.1.685 uses obsolete (PF_INET,SOCK_PACKET)
[   67.730002][ T5837] pim6reg1: entered promiscuous mode
[   67.735573][ T5837] pim6reg1: entered allmulticast mode
[   67.794409][ T5855] netlink: 4 bytes leftover after parsing attributes in process `syz.3.689'.
[   67.813416][ T5855] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   67.821313][ T5855] batman_adv: batadv0: Removing interface: batadv_slave_0
[   67.829437][ T5855] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   67.837146][ T5855] batman_adv: batadv0: Removing interface: batadv_slave_1
[   67.853483][ T5855] bond0: (slave batadv0): Releasing backup interface
[   67.916275][ T5861] loop2: detected capacity change from 0 to 2048
[   67.967336][ T5861] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.981268][ T5871] loop1: detected capacity change from 0 to 164
[   67.991921][ T5871] rock: corrupted directory entry. extent=41, offset=65536, size=8
[   68.013729][ T5861] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 8 with max blocks 2 with error 28
[   68.025997][ T5861] EXT4-fs (loop2): This should not happen!! Data will be lost
[   68.025997][ T5861] 
[   68.035743][ T5861] EXT4-fs (loop2): Total free blocks count 0
[   68.042161][ T5861] EXT4-fs (loop2): Free/Dirty block details
[   68.048285][ T5861] EXT4-fs (loop2): free_blocks=0
[   68.053259][ T5861] EXT4-fs (loop2): dirty_blocks=0
[   68.058322][ T5861] EXT4-fs (loop2): Block reservation details
[   68.064329][ T5861] EXT4-fs (loop2): i_reserved_data_blocks=0
[   68.155037][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.236593][ T5893] loop2: detected capacity change from 0 to 256
[   68.261520][ T5893] netlink: 24 bytes leftover after parsing attributes in process `syz.2.704'.
[   68.371044][ T5903] loop3: detected capacity change from 0 to 2048
[   68.399730][ T5903] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.415255][ T5911] loop4: detected capacity change from 0 to 128
[   68.497455][ T5911] bio_check_eod: 442 callbacks suppressed
[   68.497473][ T5911] syz.4.711: attempt to access beyond end of device
[   68.497473][ T5911] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[   68.535421][ T5921] pim6reg1: entered promiscuous mode
[   68.540910][ T5921] pim6reg1: entered allmulticast mode
[   68.549056][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.558351][ T5911] syz.4.711: attempt to access beyond end of device
[   68.558351][ T5911] loop4: rw=0, sector=177, nr_sectors = 1 limit=128
[   68.573462][ T5910] syz.4.711: attempt to access beyond end of device
[   68.573462][ T5910] loop4: rw=0, sector=177, nr_sectors = 1 limit=128
[   68.586612][ T5910] buffer_io_error: 438 callbacks suppressed
[   68.586665][ T5910] Buffer I/O error on dev loop4, logical block 177, async page read
[   68.601222][ T5910] syz.4.711: attempt to access beyond end of device
[   68.601222][ T5910] loop4: rw=0, sector=178, nr_sectors = 1 limit=128
[   68.614411][ T5910] Buffer I/O error on dev loop4, logical block 178, async page read
[   68.636567][ T5927] ALSA: seq fatal error: cannot create timer (-22)
[   68.647414][ T5910] syz.4.711: attempt to access beyond end of device
[   68.647414][ T5910] loop4: rw=0, sector=179, nr_sectors = 1 limit=128
[   68.660583][ T5910] Buffer I/O error on dev loop4, logical block 179, async page read
[   68.683896][ T5910] syz.4.711: attempt to access beyond end of device
[   68.683896][ T5910] loop4: rw=0, sector=180, nr_sectors = 1 limit=128
[   68.697223][ T5910] Buffer I/O error on dev loop4, logical block 180, async page read
[   68.705958][ T5910] syz.4.711: attempt to access beyond end of device
[   68.705958][ T5910] loop4: rw=0, sector=181, nr_sectors = 1 limit=128
[   68.719104][ T5910] Buffer I/O error on dev loop4, logical block 181, async page read
[   68.748564][ T5910] syz.4.711: attempt to access beyond end of device
[   68.748564][ T5910] loop4: rw=0, sector=182, nr_sectors = 1 limit=128
[   68.761765][ T5910] Buffer I/O error on dev loop4, logical block 182, async page read
[   68.770231][ T5910] syz.4.711: attempt to access beyond end of device
[   68.770231][ T5910] loop4: rw=0, sector=183, nr_sectors = 1 limit=128
[   68.783418][ T5910] Buffer I/O error on dev loop4, logical block 183, async page read
[   68.792926][ T5910] syz.4.711: attempt to access beyond end of device
[   68.792926][ T5910] loop4: rw=0, sector=184, nr_sectors = 1 limit=128
[   68.806296][ T5910] Buffer I/O error on dev loop4, logical block 184, async page read
[   68.817186][ T5910] Buffer I/O error on dev loop4, logical block 177, async page read
[   68.825712][ T5910] Buffer I/O error on dev loop4, logical block 178, async page read
[   68.973790][ T5946] netlink: 4 bytes leftover after parsing attributes in process `syz.0.724'.
[   69.056888][ T5955] netlink: 12 bytes leftover after parsing attributes in process `syz.3.728'.
[   69.065899][ T5955] netlink: 'syz.3.728': attribute type 7 has an invalid length.
[   69.082927][ T5953] loop4: detected capacity change from 0 to 128
[   69.187584][ T5953] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   69.201057][ T5953] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.273469][ T3318] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   69.309007][ T5966] netlink: 8 bytes leftover after parsing attributes in process `syz.4.731'.
[   69.927667][ T5979] syzkaller0: entered promiscuous mode
[   69.933989][ T5979] syzkaller0: entered allmulticast mode
[   69.954126][ T5982] pim6reg1: entered promiscuous mode
[   69.959505][ T5982] pim6reg1: entered allmulticast mode
[   70.110647][   T29] kauditd_printk_skb: 150 callbacks suppressed
[   70.110666][   T29] audit: type=1326 audit(1732316729.275:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5986 comm="syz.0.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   70.140421][   T29] audit: type=1326 audit(1732316729.275:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5986 comm="syz.0.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   70.163873][   T29] audit: type=1326 audit(1732316729.275:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5986 comm="syz.0.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   70.187672][   T29] audit: type=1326 audit(1732316729.335:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5986 comm="syz.0.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   70.189059][ T5955] syz.3.728 (5955) used greatest stack depth: 6376 bytes left
[   70.261616][ T5993] loop4: detected capacity change from 0 to 128
[   70.276220][ T5996] loop0: detected capacity change from 0 to 256
[   70.312104][ T5996] FAT-fs (loop0): Directory bread(block 64) failed
[   70.318844][ T5996] FAT-fs (loop0): Directory bread(block 65) failed
[   70.327633][ T5996] FAT-fs (loop0): Directory bread(block 66) failed
[   70.334311][ T5996] FAT-fs (loop0): Directory bread(block 67) failed
[   70.341143][ T5996] FAT-fs (loop0): Directory bread(block 68) failed
[   70.348013][ T5996] FAT-fs (loop0): Directory bread(block 69) failed
[   70.353760][ T5997] netlink: 56 bytes leftover after parsing attributes in process `syz.1.743'.
[   70.354674][ T5996] FAT-fs (loop0): Directory bread(block 70) failed
[   70.370767][ T5996] FAT-fs (loop0): Directory bread(block 71) failed
[   70.377577][ T5996] FAT-fs (loop0): Directory bread(block 72) failed
[   70.384365][ T5996] FAT-fs (loop0): Directory bread(block 73) failed
[   70.431288][ T6012] syz.1.747[6012] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.431340][ T6012] syz.1.747[6012] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.443209][ T6012] syz.1.747[6012] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.572567][   T29] audit: type=1400 audit(1732316729.735:1569): avc:  denied  { connect } for  pid=6021 comm="syz.1.751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   70.609176][ T6024] netlink: 1276 bytes leftover after parsing attributes in process `syz.0.749'.
[   70.614931][ T6023] pim6reg1: entered promiscuous mode
[   70.623942][ T6023] pim6reg1: entered allmulticast mode
[   70.633219][   T29] audit: type=1400 audit(1732316729.735:1570): avc:  denied  { read } for  pid=6021 comm="syz.1.751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   70.794331][   T29] audit: type=1326 audit(1732316729.955:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6033 comm="syz.4.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aca33e819 code=0x7ffc0000
[   70.821880][   T29] audit: type=1326 audit(1732316729.985:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6033 comm="syz.4.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aca33e819 code=0x7ffc0000
[   70.845446][   T29] audit: type=1326 audit(1732316729.985:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6033 comm="syz.4.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aca33e819 code=0x7ffc0000
[   70.869300][   T29] audit: type=1326 audit(1732316729.985:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6033 comm="syz.4.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aca33e819 code=0x7ffc0000
[   70.899369][ T6037] loop1: detected capacity change from 0 to 128
[   71.043869][ T6045] netlink: 4 bytes leftover after parsing attributes in process `syz.1.759'.
[   71.053412][ T6045] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   71.060922][ T6045] batman_adv: batadv0: Removing interface: batadv_slave_0
[   71.071679][ T6045] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   71.079230][ T6045] batman_adv: batadv0: Removing interface: batadv_slave_1
[   71.280329][ T6054] pim6reg1: entered promiscuous mode
[   71.286082][ T6054] pim6reg1: entered allmulticast mode
[   71.323653][ T6061] netlink: 24 bytes leftover after parsing attributes in process `syz.1.766'.
[   71.346575][ T6060] ref_ctr increment failed for inode: 0x395 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff8881180a5f80
[   71.366887][ T6058] uprobe: syz.4.765:6058 failed to unregister, leaking uprobe
[   71.460588][ T6073] loop2: detected capacity change from 0 to 512
[   71.477325][ T6075] netlink: 40 bytes leftover after parsing attributes in process `syz.0.772'.
[   71.490121][ T6075] all: renamed from ip6_vti0 (while UP)
[   71.507635][ T6073] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #17: comm syz.2.771: iget: bogus i_mode (0)
[   71.526008][ T6073] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.771: couldn't read orphan inode 17 (err -117)
[   71.539520][ T6073] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.615769][ T6090] loop1: detected capacity change from 0 to 512
[   71.633532][ T6090] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.646489][ T6090] ext4 filesystem being mounted at /147/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   71.692518][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.706069][ T6098] ref_ctr increment failed for inode: 0x2da offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff88811bb564c0
[   71.729158][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.742314][ T6097] uprobe: syz.3.780:6097 failed to unregister, leaking uprobe
[   71.897880][ T6115] syzkaller0: entered promiscuous mode
[   71.903416][ T6115] syzkaller0: entered allmulticast mode
[   71.946021][ T6123] netlink: 'syz.3.789': attribute type 3 has an invalid length.
[   72.041193][ T6127] loop1: detected capacity change from 0 to 512
[   72.052767][ T6129] loop0: detected capacity change from 0 to 512
[   72.060647][ T6127] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #17: comm syz.1.792: iget: bogus i_mode (0)
[   72.072923][ T6127] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.792: couldn't read orphan inode 17 (err -117)
[   72.076709][ T6129] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.097707][ T6129] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   72.103910][ T6127] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.145202][ T3329] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.208925][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.209188][ T6143] loop3: detected capacity change from 0 to 2048
[   72.265415][ T6143]  loop3: p2 < >
[   72.279062][ T3021]  loop3: p2 < >
[   72.322665][ T3312] udevd[3312]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   72.367967][ T6149] loop0: detected capacity change from 0 to 512
[   72.379121][ T6149] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   72.392264][ T6149] EXT4-fs (loop0): orphan cleanup on readonly fs
[   72.399796][ T6149] EXT4-fs warning (device loop0): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   72.415548][ T6149] EXT4-fs (loop0): Cannot turn on quotas: error -117
[   72.443911][ T6149] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #16: comm syz.0.809: iget: immutable or append flags not allowed on symlinks
[   72.459808][ T6149] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.809: couldn't read orphan inode 16 (err -117)
[   72.543953][ T6149] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.573563][ T6149] syz.0.809[6149] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.573669][ T6149] syz.0.809[6149] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.585067][ T6149] syz.0.809[6149] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.607168][ T6149] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   72.700054][ T3329] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.730201][ T6168] syz.0.805[6168] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.730321][ T6168] syz.0.805[6168] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.741853][ T6168] syz.0.805[6168] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.869589][ T6181] loop3: detected capacity change from 0 to 512
[   72.889694][ T6179] vhci_hcd: invalid port number 255
[   72.895087][ T6179] vhci_hcd: default hub control req: 0400 v0000 i00ff l0
[   72.905325][ T6181] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #17: comm syz.3.810: iget: bogus i_mode (0)
[   72.920144][ T6181] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.810: couldn't read orphan inode 17 (err -117)
[   72.935375][ T6181] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.953057][ T6181] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.810: bg 0: block 7: invalid block bitmap
[   72.984211][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.227516][ T6188] loop2: detected capacity change from 0 to 65536
[   73.457242][ T6204] loop3: detected capacity change from 0 to 256
[   73.519469][ T6209] loop3: detected capacity change from 0 to 128
[   73.536144][ T6211] loop2: detected capacity change from 0 to 128
[   73.578602][ T6211] bio_check_eod: 217 callbacks suppressed
[   73.578618][ T6211] syz.2.823: attempt to access beyond end of device
[   73.578618][ T6211] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[   73.581048][ T6217] netlink: 'syz.4.826': attribute type 1 has an invalid length.
[   73.593155][ T6211] syz.2.823: attempt to access beyond end of device
[   73.593155][ T6211] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128
[   73.601116][ T6217] netlink: 'syz.4.826': attribute type 9 has an invalid length.
[   73.609648][ T6210] syz.2.823: attempt to access beyond end of device
[   73.609648][ T6210] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   73.640555][ T6210] syz.2.823: attempt to access beyond end of device
[   73.640555][ T6210] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   73.653740][ T6210] syz.2.823: attempt to access beyond end of device
[   73.653740][ T6210] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   73.659290][ T6220] loop4: detected capacity change from 0 to 2048
[   73.666867][ T6210] syz.2.823: attempt to access beyond end of device
[   73.666867][ T6210] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   73.686346][ T6210] syz.2.823: attempt to access beyond end of device
[   73.686346][ T6210] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   73.699697][ T6210] syz.2.823: attempt to access beyond end of device
[   73.699697][ T6210] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   73.707409][ T6223] loop1: detected capacity change from 0 to 128
[   73.712894][ T6210] syz.2.823: attempt to access beyond end of device
[   73.712894][ T6210] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   73.725492][ T6220]  loop4: p1 < > p4
[   73.732178][ T6210] syz.2.823: attempt to access beyond end of device
[   73.732178][ T6210] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   73.740951][ T6220] loop4: p4 size 8388608 extends beyond EOD, truncated
[   73.784553][ T6228] loop3: detected capacity change from 0 to 512
[   73.810680][ T6228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.823353][ T6228] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   73.862532][ T6238] loop2: detected capacity change from 0 to 512
[   73.880593][ T6238] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.890198][ T6241] __nla_validate_parse: 1 callbacks suppressed
[   73.890219][ T6241] netlink: 24 bytes leftover after parsing attributes in process `syz.0.834'.
[   73.894067][ T6238] ext4 filesystem being mounted at /175/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   73.901676][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.948550][ T6248] netlink: 8 bytes leftover after parsing attributes in process `syz.3.835'.
[   73.952293][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.005829][ T6257] loop3: detected capacity change from 0 to 128
[   74.048836][ T6256] netlink: 8 bytes leftover after parsing attributes in process `syz.0.839'.
[   74.097026][ T6263] netlink: 36 bytes leftover after parsing attributes in process `syz.2.841'.
[   74.106037][ T6263] netlink: 36 bytes leftover after parsing attributes in process `syz.2.841'.
[   74.121287][ T6263] netlink: 36 bytes leftover after parsing attributes in process `syz.2.841'.
[   74.165943][ T6263] netlink: 36 bytes leftover after parsing attributes in process `syz.2.841'.
[   74.174919][ T6263] netlink: 36 bytes leftover after parsing attributes in process `syz.2.841'.
[   74.189902][ T6263] netlink: 36 bytes leftover after parsing attributes in process `syz.2.841'.
[   74.332930][ T6263] netlink: 36 bytes leftover after parsing attributes in process `syz.2.841'.
[   74.859461][ T6286] loop0: detected capacity change from 0 to 128
[   74.869848][ T6284] loop1: detected capacity change from 0 to 512
[   74.897417][ T6284] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.910386][ T6284] ext4 filesystem being mounted at /160/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   74.969440][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.240481][ T6300] loop1: detected capacity change from 0 to 512
[   75.322767][ T6300] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.861: bg 0: block 393: padding at end of block bitmap is not set
[   75.407005][ T6305] loop4: detected capacity change from 0 to 512
[   75.428763][   T29] kauditd_printk_skb: 234 callbacks suppressed
[   75.428782][   T29] audit: type=1326 audit(1732316734.595:1808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6307 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   75.431572][ T6300] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   75.435987][   T29] audit: type=1326 audit(1732316734.595:1809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6307 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   75.490584][   T29] audit: type=1326 audit(1732316734.595:1810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6307 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   75.496059][ T6305] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   75.514134][   T29] audit: type=1326 audit(1732316734.595:1811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6307 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   75.525035][ T6300] EXT4-fs (loop1): 2 truncates cleaned up
[   75.545581][   T29] audit: type=1326 audit(1732316734.595:1812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6307 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   75.551810][ T6300] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.574706][   T29] audit: type=1326 audit(1732316734.595:1813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6307 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   75.574737][   T29] audit: type=1326 audit(1732316734.595:1814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6307 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   75.606163][ T6305] EXT4-fs (loop4): orphan cleanup on readonly fs
[   75.610569][   T29] audit: type=1326 audit(1732316734.595:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6307 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   75.663767][   T29] audit: type=1326 audit(1732316734.595:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6307 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   75.687177][   T29] audit: type=1326 audit(1732316734.595:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6307 comm="syz.0.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7ff1f803e819 code=0x7ffc0000
[   75.712581][ T6305] EXT4-fs warning (device loop4): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   75.727991][ T6305] EXT4-fs (loop4): Cannot turn on quotas: error -117
[   75.734979][ T6305] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #16: comm syz.4.852: iget: immutable or append flags not allowed on symlinks
[   75.777491][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.786678][ T6305] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.852: couldn't read orphan inode 16 (err -117)
[   75.814106][ T6305] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   75.848110][ T6305] syz.4.852[6305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.848219][ T6305] syz.4.852[6305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.859950][ T6305] syz.4.852[6305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.872789][ T6305] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   75.915269][ T6319] netlink: 'syz.3.857': attribute type 1 has an invalid length.
[   75.921386][ T6321] loop1: detected capacity change from 0 to 128
[   75.925534][ T6319] netlink: 'syz.3.857': attribute type 9 has an invalid length.
[   75.938116][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.973776][ T6323] loop1: detected capacity change from 0 to 1024
[   75.983101][ T6323] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.052553][ T6323] ==================================================================
[   76.060762][ T6323] BUG: KCSAN: data-race in __mark_inode_dirty / __writeback_single_inode
[   76.069238][ T6323] 
[   76.071567][ T6323] read-write to 0xffff8881066f8ab8 of 4 bytes by task 6332 on cpu 0:
[   76.079659][ T6323]  __writeback_single_inode+0x1f4/0x850
[   76.085282][ T6323]  writeback_single_inode+0x16c/0x3f0
[   76.090682][ T6323]  sync_inode_metadata+0x5c/0x90
[   76.095750][ T6323]  generic_buffers_fsync_noflush+0xd8/0x120
[   76.101674][ T6323]  ext4_sync_file+0x1ff/0x6c0
[   76.106369][ T6323]  vfs_fsync_range+0x116/0x130
[   76.111164][ T6323]  ext4_buffered_write_iter+0x326/0x370
[   76.116774][ T6323]  ext4_file_write_iter+0x383/0xf20
[   76.122258][ T6323]  iter_file_splice_write+0x5f1/0x980
[   76.127761][ T6323]  direct_splice_actor+0x160/0x2c0
[   76.132906][ T6323]  splice_direct_to_actor+0x302/0x670
[   76.138293][ T6323]  do_splice_direct+0xd7/0x150
[   76.143088][ T6323]  do_sendfile+0x398/0x660
[   76.147557][ T6323]  __x64_sys_sendfile64+0x110/0x150
[   76.152888][ T6323]  x64_sys_call+0xfbd/0x2dc0
[   76.157522][ T6323]  do_syscall_64+0xc9/0x1c0
[   76.162162][ T6323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.168174][ T6323] 
[   76.170689][ T6323] read to 0xffff8881066f8ab8 of 4 bytes by task 6323 on cpu 1:
[   76.178239][ T6323]  __mark_inode_dirty+0x58/0x7e0
[   76.183271][ T6323]  ext4_write_inline_data_end+0x584/0x7b0
[   76.189034][ T6323]  ext4_write_end+0x3eb/0x770
[   76.193725][ T6323]  generic_perform_write+0x33c/0x4a0
[   76.199146][ T6323]  ext4_buffered_write_iter+0x1ea/0x370
[   76.204746][ T6323]  ext4_file_write_iter+0x383/0xf20
[   76.209982][ T6323]  iter_file_splice_write+0x5f1/0x980
[   76.215389][ T6323]  direct_splice_actor+0x160/0x2c0
[   76.220516][ T6323]  splice_direct_to_actor+0x302/0x670
[   76.225898][ T6323]  do_splice_direct+0xd7/0x150
[   76.230688][ T6323]  do_sendfile+0x398/0x660
[   76.235116][ T6323]  __x64_sys_sendfile64+0x110/0x150
[   76.240340][ T6323]  x64_sys_call+0xfbd/0x2dc0
[   76.244937][ T6323]  do_syscall_64+0xc9/0x1c0
[   76.249564][ T6323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.255490][ T6323] 
[   76.257810][ T6323] value changed: 0x0000003a -> 0x00000002
[   76.263519][ T6323] 
[   76.265838][ T6323] Reported by Kernel Concurrency Sanitizer on:
[   76.271985][ T6323] CPU: 1 UID: 0 PID: 6323 Comm: syz.1.859 Tainted: G        W          6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   76.283729][ T6323] Tainted: [W]=WARN
[   76.287535][ T6323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   76.297629][ T6323] ==================================================================
[   76.911951][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.