last executing test programs:

2m54.958739059s ago: executing program 3 (id=679):
unshare(0x28000600)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x48002)
r1 = syz_open_procfs(0x0, &(0x7f00000021c0)='fd/3\x00')
writev(r1, &(0x7f0000000580)=[{&(0x7f0000002180)}, {&(0x7f0000000640)="6b628ec11af9b4", 0x7}], 0x2)

2m54.012339742s ago: executing program 3 (id=700):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)

2m53.720972331s ago: executing program 0 (id=708):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0xd}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xb, 0x6, 0x400, 0x9, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@call={0x85, 0x0, 0x0, 0x75}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2m53.701140512s ago: executing program 4 (id=710):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0xc}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000000), &(0x7f0000000200)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)

2m53.645051718s ago: executing program 1 (id=711):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='+}[@\x00\x1f\rR=\x1e>\x88\"\xe0,\xd2\xc7D\xec\xe6\xb7\x8cC\x96\x91\xe8\x8aH\x04<\n\xf4\xd7\x9d\x14U\x92@>c\t\x86\xc9\x1c\xc7\xa3i\xad98\b\xaf\x03\x00\xb1\x9bWnux\x91\xd0\x80\xf5\xae\xd5\\\x01d\x16\vlF\xaaB$\xec\xe5\xa7\x8e\x11\t0N\x8e\xd6\x7f\x9f{\xc0\x068,\x01\xde\xe5f7\xab~\xaf\xff\x14\xa1\xfaZ)\xba\xab\xdd\x19$\x1c\x00\xa7\x1c\xe5\xc9\xaa\xf7\xfd\xe0\xd9\xa8\x04\xf2/\xb1(\x14\x84\xf0}\x14\xa5')
r1 = socket(0x10, 0x3, 0x9)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000002100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14}}, 0x28}}, 0x0)

2m53.634130149s ago: executing program 0 (id=712):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

2m53.583915764s ago: executing program 4 (id=713):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x80800)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000140)={0x0, 0x0, 0xa21b})

2m53.547684978s ago: executing program 0 (id=714):
r0 = socket$kcm(0x2, 0x5, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0xffc0}], 0x1}, 0x80d1)

2m53.494056863s ago: executing program 4 (id=715):
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c000000000000000000000c850000006d00000095"], &(0x7f0000001800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='9p_protocol_dump\x00', r2}, 0x10)
r3 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

2m53.469016485s ago: executing program 0 (id=716):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x40, 0x32, 0x20, 0x70bd25, 0x25dfdbfd, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x4048801)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0x7}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2m53.42204658s ago: executing program 1 (id=717):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040))
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000001c0), 0x4)

2m52.957291396s ago: executing program 4 (id=718):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@newqdisc={0x38, 0x24, 0xd0f, 0x4703d2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000)

2m52.676179493s ago: executing program 1 (id=719):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r2, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)

2m52.558961655s ago: executing program 1 (id=720):
syz_open_dev$tty1(0xc, 0x4, 0x2)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x0, 0xbfdfffbc}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x85c3}})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xc}, 0x0, 0x7, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_uring_enter(r0, 0x32d7, 0x0, 0x46, 0x0, 0x0)

2m52.555866735s ago: executing program 3 (id=721):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r2, 0xffffffffffffffff, 0x0, 0x4002}, 0x50)

2m52.434902207s ago: executing program 4 (id=725):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
read$nci(r0, 0x0, 0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)

2m52.39626608s ago: executing program 3 (id=726):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff47}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd2d, 0x0, {{@in=@local, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0x8}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)

2m52.227707087s ago: executing program 0 (id=729):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfdb}}, @TCA_CT_MARK={0x8, 0x10, 0x80000000}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004000}, 0x10000800)

2m52.186018351s ago: executing program 3 (id=730):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r3], 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

2m52.112308329s ago: executing program 1 (id=731):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
truncate(0x0, 0x8)

2m51.911008418s ago: executing program 1 (id=732):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000090000000000000300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="290b000000000000000020000000050003"], 0x1c}}, 0x2404c044)

2m51.910764018s ago: executing program 32 (id=732):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000090000000000000300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="290b000000000000000020000000050003"], 0x1c}}, 0x2404c044)

2m51.874159452s ago: executing program 0 (id=734):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)={0x30, r2, 0x1, 0x70bd26, 0x25dfdbfd, {{}, {}, {0x14, 0x18, {0x6, @bearer=@l2={'ib', 0x3a, 'vxcan1\x00'}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x800)

2m51.873897381s ago: executing program 33 (id=734):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)={0x30, r2, 0x1, 0x70bd26, 0x25dfdbfd, {{}, {}, {0x14, 0x18, {0x6, @bearer=@l2={'ib', 0x3a, 'vxcan1\x00'}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x800)

2m51.230153405s ago: executing program 3 (id=737):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2000003, 0x13, r2, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)

2m51.219203586s ago: executing program 34 (id=737):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2000003, 0x13, r2, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)

2m51.216520376s ago: executing program 4 (id=738):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
setreuid(0x0, 0xee00)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)

2m51.215655646s ago: executing program 35 (id=738):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
setreuid(0x0, 0xee00)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)

1.725106181s ago: executing program 6 (id=6328):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x4, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x85)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000050c0200000c0a01030000000000000000070000080900020073797a31000000000900010073797a3000000000e0010380dc010080080003400000000273000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c000240000000000000000e14000180090001006c617374"], 0x290}}, 0x0)

1.566375377s ago: executing program 6 (id=6337):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000040)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}], 0x1)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

1.547855999s ago: executing program 6 (id=6339):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
io_setup(0x3, &(0x7f0000000340))

1.424526661s ago: executing program 6 (id=6348):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(0x0, 0x0, &(0x7f0000001400)=ANY=[], 0x835, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00'}, 0x10)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
write$binfmt_misc(r0, &(0x7f0000000240), 0xfffffecc)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000000)={0x5, 0x9, 0x3, 0x3})

806.900201ms ago: executing program 8 (id=6372):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x3, 0x288}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x30}})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x80000}, 0x18)
io_uring_enter(r1, 0x3516, 0xddd3, 0x4, 0x0, 0x0)

785.109173ms ago: executing program 2 (id=6373):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0xffffffffffffff97, 0x2}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x10, 0x2}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x46)
setsockopt$inet_mreq(r0, 0x0, 0x9, &(0x7f0000000080)={@loopback, @multicast2}, 0x8)
connect$inet(r0, &(0x7f0000000040)={0x10, 0x2}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

713.24572ms ago: executing program 2 (id=6374):
renameat2(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0xffffffffffffffff, 0x0, 0x7)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000240)={0x9, {{0x2, 0x4e24, @multicast1}}, {{0x2, 0x4e21, @local}}}, 0x108)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e24, @multicast1}}, 0xd, 0x3}, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x33, &(0x7f0000000100)=0x9, 0x4)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000000100)=""/231, &(0x7f0000000200)=0xe7)

712.912831ms ago: executing program 2 (id=6375):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x10000008ebc, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)=@o_path={&(0x7f0000000000)='./file0\x00', r0}, 0x18)

679.020834ms ago: executing program 2 (id=6376):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{0x0, 0x0, 0x9c}, {}]}, [{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x2000}, {0x0, 0x10000, 0x0, 0x0, 0x400}, {}, {0x0, 0x400}, {}, {0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x8001}, {}, {}, {}, {}, {}, {}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x9}, {}, {0x0, 0x0, 0x100}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {0x7}, {0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0xd5}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x10}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x800, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x5, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0x5}, {}, {0xffffffff}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x800000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x4}, {}, {0xa7}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, {0x0, 0x0, 0x1000}, {}, {0xd2, 0x0, 0x0, 0x0, 0x0, 0x20000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x4, 0x0, 0x0, 0x0, 0x1}, {}, {0x0, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x1000000}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {0x523e}, {}, {0x4, 0x0, 0x0, 0x10}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x4}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {0x2}, {0x2}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)

674.693964ms ago: executing program 8 (id=6377):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=@newtfilter={0x4c, 0x2c, 0x42f, 0x870bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

595.135632ms ago: executing program 2 (id=6379):
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}, 0x1, 0x0, 0x0, 0x1}, 0x0)

593.424012ms ago: executing program 5 (id=6380):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10)
setitimer(0x0, 0x0, 0x0)

567.909195ms ago: executing program 2 (id=6381):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_sigpending(0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x10000, 0x0, 0x0, 0x0, 0x2, 0x1}})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2}})

566.488975ms ago: executing program 5 (id=6382):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
pipe2(&(0x7f0000001040), 0x0)

550.848297ms ago: executing program 8 (id=6383):
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000090000000500000007"], 0x48)
r0 = timerfd_create(0x0, 0x800)
timerfd_settime(r0, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec21, 0x1000, 0x400001, 0x40000333}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

514.43241ms ago: executing program 5 (id=6385):
r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$cgroup(r1, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000500), 0x12)

481.205333ms ago: executing program 5 (id=6387):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
sendto$inet6(r2, &(0x7f0000000000)="aa", 0xffe0, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)

437.985028ms ago: executing program 6 (id=6388):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)=@newchain={0x24, 0x64, 0x100, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xffff, 0x4}, {0xf, 0xc}, {0x3, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x24004000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000002980)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xd}, {}, {0x1c, 0xc}}}, 0x24}}, 0x44050)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000002100010000000000fcdbdf2502000000000000000000000006001d"], 0x2c}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[], 0x4d8}, 0x1, 0x0, 0x0, 0x20040010}, 0x54)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000ac0)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x1, 0xffff}, {0x10}}}, 0x24}}, 0x20000004)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

435.770578ms ago: executing program 5 (id=6389):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0x1a0)
r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff47}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001600)={r0, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

375.334954ms ago: executing program 8 (id=6390):
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000280), 0x84, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

374.653394ms ago: executing program 7 (id=6391):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

321.443849ms ago: executing program 5 (id=6392):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080)=0x3, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000000c0), 0x4)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)

321.001589ms ago: executing program 8 (id=6393):
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x300, 0x18c, 0x203, 0x300, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {0x20}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

320.767889ms ago: executing program 6 (id=6394):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
r1 = dup(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x2}}, 0x20)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)

295.320002ms ago: executing program 8 (id=6395):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
sendmsg$ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000027c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="070528bd7000ffdbdf251800000004"], 0x18}, 0x1, 0x0, 0x0, 0x4}, 0x48800)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000380)={0x0, 0x3, 0x3, 0x7fff, 0xfe, "0062ba7d82000000160000000000f738096304"})
r1 = syz_open_pts(r0, 0x80)
r2 = dup3(r1, r0, 0x80000)
read$watch_queue(r2, &(0x7f0000001d40)=""/4095, 0xfff)

165.550404ms ago: executing program 7 (id=6396):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x2a)
ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000040))

107.23873ms ago: executing program 7 (id=6397):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r1, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r2, 0x2)
dup3(r2, r1, 0x0)

82.716993ms ago: executing program 7 (id=6398):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd2e}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x88c, 0x30, 0xffff, 0x70bd29, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, 0x2, 0x4000, 0x0, 0x0, 0x9, 0x0, 0x7ff, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x6, 0x0, 0x8000, 0x5, 0x0, 0x4e16, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000002, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x8a, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb7fe6bd0, 0x6, 0x1ffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x3a4f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x894e, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4000000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4000000, 0x9, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x10, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80000, 0x0, 0x0, 0x319e, 0x4, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffc, 0x0, 0x4, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x401]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x4, 0x0, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)

65.020244ms ago: executing program 7 (id=6399):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f00000007c0)='T', 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
recvmsg$unix(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000280)=""/230, 0xe6}], 0x1}, 0x0)

0s ago: executing program 7 (id=6400):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@nobarrier}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f00000001c0)="f1", 0x1)
sendfile(r2, r0, 0x0, 0x40001)
sendfile(r2, r1, 0x0, 0x7ffff000)

kernel console output (not intermixed with test programs):

ute type 1 has an invalid length.
[  170.691283][T13160] bond1: (slave gretap1): making interface the new active one
[  170.709741][T13160] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  170.813783][T13150] loop6: detected capacity change from 0 to 32768
[  170.873035][T13150]  loop6: p1 p2 p3 < p5 p6 >
[  170.878197][T13150] loop6: p2 size 16775168 extends beyond EOD, truncated
[  170.894195][T13150] loop6: p5 start 4294970168 is beyond EOD, truncated
[  171.248548][T13173] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4117'.
[  171.506858][T13199] loop6: detected capacity change from 0 to 1024
[  171.513822][T13199] EXT4-fs: Ignoring removed nobh option
[  171.519481][T13199] EXT4-fs: Ignoring removed bh option
[  171.543207][T13199] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.629781][T13210] EXT4-fs (loop6): shut down requested (0)
[  171.657183][T13212] sctp: [Deprecated]: syz.5.4135 (pid 13212) Use of struct sctp_assoc_value in delayed_ack socket option.
[  171.657183][T13212] Use struct sctp_sack_info instead
[  171.726920][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.736294][ T3581] Bluetooth: hci0: command 0x1003 tx timeout
[  171.742306][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  171.794418][T13221] loop6: detected capacity change from 0 to 512
[  171.921561][T13221] EXT4-fs warning (device loop6): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  171.953054][T13221] EXT4-fs (loop6): mount failed
[  172.069376][T13233] netlink: 'syz.8.4143': attribute type 10 has an invalid length.
[  172.090586][T13233] team0: Port device dummy0 removed
[  172.104713][T13233] .`: (slave dummy0): Enslaving as an active interface with an up link
[  172.189456][T13240] serio: Serial port ptm0
[  172.466193][ T4685] Bluetooth: hci0: Frame reassembly failed (-84)
[  172.650965][T13285] SELinux: failed to load policy
[  172.663529][T13291] loop2: detected capacity change from 0 to 512
[  172.698418][T13291] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  172.713387][T13278] loop7: detected capacity change from 0 to 32768
[  172.720646][T13291] EXT4-fs (loop2): mount failed
[  172.765135][T13278]  loop7: p1 p2 p3 < p5 p6 >
[  172.780736][T13278] loop7: p2 size 16775168 extends beyond EOD, truncated
[  172.789515][T13278] loop7: p5 start 4294970168 is beyond EOD, truncated
[  172.796603][T13305] loop5: detected capacity change from 0 to 128
[  172.903107][T13315] sctp: [Deprecated]: syz.7.4181 (pid 13315) Use of struct sctp_assoc_value in delayed_ack socket option.
[  172.903107][T13315] Use struct sctp_sack_info instead
[  173.171554][T13329] netlink: 'syz.2.4187': attribute type 3 has an invalid length.
[  173.369608][T13347] loop7: detected capacity change from 0 to 128
[  173.375974][T13349] loop5: detected capacity change from 0 to 128
[  173.403809][T13349] bio_check_eod: 1 callbacks suppressed
[  173.403829][T13349] syz.5.4194: attempt to access beyond end of device
[  173.403829][T13349] loop5: rw=0, sector=121, nr_sectors = 128 limit=128
[  173.685607][T13350] loop2: detected capacity change from 0 to 32768
[  173.723394][T13350]  loop2: p1 p2 p3 < p5 p6 >
[  173.728604][T13350] loop2: p2 size 16775168 extends beyond EOD, truncated
[  173.736979][T13350] loop2: p5 start 4294970168 is beyond EOD, truncated
[  173.764893][   T29] kauditd_printk_skb: 130 callbacks suppressed
[  173.764913][   T29] audit: type=1326 audit(173.741:6452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13361 comm="syz.6.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  173.807235][   T29] audit: type=1326 audit(173.771:6453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13361 comm="syz.6.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  173.830320][   T29] audit: type=1326 audit(173.771:6454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13361 comm="syz.6.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  173.853346][   T29] audit: type=1326 audit(173.771:6455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13361 comm="syz.6.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  173.876329][   T29] audit: type=1326 audit(173.771:6456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13361 comm="syz.6.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  173.899541][   T29] audit: type=1400 audit(173.771:6457): avc:  denied  { read write } for  pid=13361 comm="syz.6.4196" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  173.923709][   T29] audit: type=1400 audit(173.771:6458): avc:  denied  { open } for  pid=13361 comm="syz.6.4196" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  173.947672][   T29] audit: type=1326 audit(173.771:6459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13361 comm="syz.6.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  173.970813][   T29] audit: type=1326 audit(173.771:6460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13361 comm="syz.6.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  173.993767][   T29] audit: type=1326 audit(173.771:6461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13361 comm="syz.6.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  174.032880][T13371] sctp: [Deprecated]: syz.2.4204 (pid 13371) Use of struct sctp_assoc_value in delayed_ack socket option.
[  174.032880][T13371] Use struct sctp_sack_info instead
[  174.118989][T13379] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  174.133901][T13379] vhci_hcd: invalid port number 253
[  174.139157][T13379] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  174.533809][ T3581] Bluetooth: hci0: command 0x1003 tx timeout
[  174.539919][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  175.040429][T13424] __nla_validate_parse: 8 callbacks suppressed
[  175.040450][T13424] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  175.086272][T13424] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  175.154159][T13435] netlink: 'syz.6.4230': attribute type 3 has an invalid length.
[  175.241902][T13442] loop5: detected capacity change from 0 to 512
[  175.254582][T13442] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  175.269779][T13442] EXT4-fs (loop5): mount failed
[  175.441467][T13457] loop2: detected capacity change from 0 to 128
[  175.455020][T13457] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  175.532120][ T4685] Bluetooth: hci0: Frame reassembly failed (-84)
[  175.636444][T13465] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  175.656095][T13465] vhci_hcd: invalid port number 253
[  175.661428][T13465] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  175.736904][T13470] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4244'.
[  175.860108][T13480] loop7: detected capacity change from 0 to 512
[  175.876132][T13480] EXT4-fs warning (device loop7): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  175.891391][T13480] EXT4-fs (loop7): mount failed
[  176.070593][T13504] netlink: 96 bytes leftover after parsing attributes in process `syz.7.4260'.
[  176.228212][T13518] netlink: 4276 bytes leftover after parsing attributes in process `syz.5.4268'.
[  176.239116][T13518] netlink: 4276 bytes leftover after parsing attributes in process `syz.5.4268'.
[  176.248325][T13518] netlink: 396 bytes leftover after parsing attributes in process `syz.5.4268'.
[  176.296659][T13527] netlink: 'syz.7.4273': attribute type 3 has an invalid length.
[  176.520371][T13546] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(5)
[  176.526962][T13546] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  176.534825][T13546] vhci_hcd vhci_hcd.0: Device attached
[  176.541396][T13550] vhci_hcd: connection closed
[  176.541705][ T4685] vhci_hcd: stop threads
[  176.550795][ T4685] vhci_hcd: release socket
[  176.555238][ T4685] vhci_hcd: disconnect device
[  176.881464][T13575] loop6: detected capacity change from 0 to 1764
[  176.939647][T13581] loop7: detected capacity change from 0 to 1024
[  176.946464][T13581] EXT4-fs: Ignoring removed nobh option
[  176.952066][T13581] EXT4-fs: Ignoring removed bh option
[  176.965100][T13581] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.036416][T13587] EXT4-fs (loop7): shut down requested (0)
[  177.155038][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.572706][ T3581] Bluetooth: hci0: command 0x1003 tx timeout
[  177.578811][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  177.652734][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.772160][T13643] loop6: detected capacity change from 0 to 1024
[  177.807610][T13643] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.854001][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.916077][T13654] hsr1: left promiscuous mode
[  177.921654][T13654] gtp0: left promiscuous mode
[  178.032480][T13671] netlink: 'syz.7.4343': attribute type 2 has an invalid length.
[  178.321593][T13688] loop2: detected capacity change from 0 to 512
[  178.373753][T13688] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.404645][T13688] delete_channel: no stack
[  178.413961][T13688] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.434159][T13693] SELinux: failed to load policy
[  178.553618][T13697] loop6: detected capacity change from 0 to 256
[  178.587878][T13697] FAT-fs (loop6): bogus number of FAT sectors
[  178.594049][T13697] FAT-fs (loop6): Can't find a valid FAT filesystem
[  178.761800][T13707] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13707 comm=syz.2.4347
[  178.774701][T13707] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13707 comm=syz.2.4347
[  178.830413][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  178.830432][   T29] audit: type=1400 audit(178.801:6729): avc:  denied  { write } for  pid=13708 comm="syz.6.4348" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  178.945177][   T29] audit: type=1400 audit(178.911:6730): avc:  denied  { create } for  pid=13718 comm="syz.7.4352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  178.964353][   T29] audit: type=1400 audit(178.911:6731): avc:  denied  { connect } for  pid=13718 comm="syz.7.4352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  179.148055][T13738] loop5: detected capacity change from 0 to 1024
[  179.197775][T13738] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.238719][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.278404][   T29] audit: type=1400 audit(179.251:6732): avc:  denied  { read write } for  pid=5316 comm="syz-executor" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  179.302086][   T29] audit: type=1400 audit(179.251:6733): avc:  denied  { open } for  pid=5316 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  179.325695][   T29] audit: type=1400 audit(179.251:6734): avc:  denied  { ioctl } for  pid=5316 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  179.336214][T13750] netlink: 'syz.7.4366': attribute type 4 has an invalid length.
[  179.403475][T13755] netlink: 'syz.7.4366': attribute type 4 has an invalid length.
[  179.432376][   T29] audit: type=1400 audit(179.251:6735): avc:  denied  { prog_load } for  pid=13751 comm="syz.6.4369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  179.451152][   T29] audit: type=1400 audit(179.251:6736): avc:  denied  { bpf } for  pid=13751 comm="syz.6.4369" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  179.471248][   T29] audit: type=1400 audit(179.281:6737): avc:  denied  { map_create } for  pid=13751 comm="syz.6.4369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  179.489991][   T29] audit: type=1400 audit(179.281:6738): avc:  denied  { map_read map_write } for  pid=13751 comm="syz.6.4369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  179.689108][T13773] loop8: detected capacity change from 0 to 256
[  179.761438][T13773] FAT-fs (loop8): bogus number of FAT sectors
[  179.767669][T13773] FAT-fs (loop8): Can't find a valid FAT filesystem
[  180.004128][T13800] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13800 comm=syz.8.4390
[  180.017029][T13800] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13800 comm=syz.8.4390
[  180.220476][T13817] loop7: detected capacity change from 0 to 256
[  180.228555][T13817] FAT-fs (loop7): bogus number of FAT sectors
[  180.234693][T13817] FAT-fs (loop7): Can't find a valid FAT filesystem
[  180.557788][T13856] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4413'.
[  180.574849][T13857] loop5: detected capacity change from 0 to 256
[  180.594663][T13857] FAT-fs (loop5): bogus number of FAT sectors
[  180.600812][T13857] FAT-fs (loop5): Can't find a valid FAT filesystem
[  180.991094][T13887] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[  181.070610][T13892] IPv6: NLM_F_CREATE should be specified when creating new route
[  181.089773][T13893] netlink: 'syz.2.4432': attribute type 21 has an invalid length.
[  181.118774][T13893] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4432'.
[  181.127929][T13893] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4432'.
[  181.179644][T13900] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4436'.
[  182.186722][T13951] loop7: detected capacity change from 0 to 164
[  182.235827][T13951] syz.7.4456: attempt to access beyond end of device
[  182.235827][T13951] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  182.273457][T13951] syz.7.4456: attempt to access beyond end of device
[  182.273457][T13951] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  182.437454][T13942] veth1_macvtap: left allmulticast mode
[  182.455097][T13942] macsec0: left promiscuous mode
[  182.477351][T13974] netlink: 'syz.7.4462': attribute type 21 has an invalid length.
[  182.504809][T13942] bond2: left promiscuous mode
[  182.509784][T13942] vxcan3: left promiscuous mode
[  182.538170][T13942] batman_adv: batadv0: Interface deactivated: vxlan0
[  182.556355][T13942] hsr1: left promiscuous mode
[  182.575186][T13942] hsr2: left promiscuous mode
[  182.603795][T13942] gtp0: left promiscuous mode
[  182.618526][ T4661] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  182.627485][ T4661] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.636461][T13974] netlink: 156 bytes leftover after parsing attributes in process `syz.7.4462'.
[  182.645574][T13974] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4462'.
[  182.654883][ T4661] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  182.663910][ T4661] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.710358][ T4661] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  182.719353][ T4661] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.752761][ T4661] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  182.761740][ T4661] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.809086][T13984] loop7: detected capacity change from 0 to 128
[  183.036971][T13998] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4469'.
[  183.047757][T13995] loop2: detected capacity change from 0 to 2048
[  183.069541][ T4643] kworker/u8:31: attempt to access beyond end of device
[  183.069541][ T4643] loop7: rw=1, sector=145, nr_sectors = 8 limit=128
[  183.083771][ T4643] kworker/u8:31: attempt to access beyond end of device
[  183.083771][ T4643] loop7: rw=1, sector=161, nr_sectors = 8 limit=128
[  183.097582][ T4643] kworker/u8:31: attempt to access beyond end of device
[  183.097582][ T4643] loop7: rw=1, sector=177, nr_sectors = 8 limit=128
[  183.111677][ T4643] kworker/u8:31: attempt to access beyond end of device
[  183.111677][ T4643] loop7: rw=1, sector=193, nr_sectors = 8 limit=128
[  183.125589][ T4643] kworker/u8:31: attempt to access beyond end of device
[  183.125589][ T4643] loop7: rw=1, sector=209, nr_sectors = 8 limit=128
[  183.149664][T13995]  loop2: p1 p2 p3
[  183.174628][ T4643] kworker/u8:31: attempt to access beyond end of device
[  183.174628][ T4643] loop7: rw=1, sector=225, nr_sectors = 8 limit=128
[  183.189269][ T4643] kworker/u8:31: attempt to access beyond end of device
[  183.189269][ T4643] loop7: rw=1, sector=241, nr_sectors = 8 limit=128
[  183.203888][ T4643] kworker/u8:31: attempt to access beyond end of device
[  183.203888][ T4643] loop7: rw=1, sector=257, nr_sectors = 8 limit=128
[  183.378863][T14014] loop6: detected capacity change from 0 to 2048
[  183.405344][T14014] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.523300][T14024] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  183.542793][T14024] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1184 with error 28
[  183.555531][T14024] EXT4-fs (loop6): This should not happen!! Data will be lost
[  183.555531][T14024] 
[  183.565315][T14024] EXT4-fs (loop6): Total free blocks count 0
[  183.571403][T14024] EXT4-fs (loop6): Free/Dirty block details
[  183.577349][T14024] EXT4-fs (loop6): free_blocks=2415919504
[  183.583162][T14024] EXT4-fs (loop6): dirty_blocks=1184
[  183.588529][T14024] EXT4-fs (loop6): Block reservation details
[  183.594572][T14024] EXT4-fs (loop6): i_reserved_data_blocks=74
[  183.678831][T14028] loop2: detected capacity change from 0 to 512
[  183.703101][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.744809][T14028] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.774429][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.835480][T14047] sit0: left promiscuous mode
[  183.841479][T14047] macvlan2: left promiscuous mode
[  183.850635][T14047] ip6tnl2: left promiscuous mode
[  183.856464][T14050] netlink: 'syz.6.4492': attribute type 13 has an invalid length.
[  183.857582][T14047] gtp0: left promiscuous mode
[  183.864512][T14050] netlink: 'syz.6.4492': attribute type 17 has an invalid length.
[  183.880550][ T4677] netdevsim netdevsim8 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  183.897336][T14050] gretap0: entered promiscuous mode
[  183.911175][T14050] sit0: left promiscuous mode
[  183.930539][T14050] 8021q: adding VLAN 0 to HW filter on device .`
[  183.939306][T14050] 8021q: adding VLAN 0 to HW filter on device team0
[  183.961303][T14050] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  183.977585][ T4677] netdevsim netdevsim8 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  183.987539][ T4677] netdevsim netdevsim8 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  183.998993][ T4677] netdevsim netdevsim8 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  184.043759][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  184.043779][   T29] audit: type=1400 audit(184.021:6925): avc:  denied  { create } for  pid=14059 comm="syz.2.4496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  184.077996][T14057] loop8: detected capacity change from 0 to 2048
[  184.083610][   T29] audit: type=1400 audit(184.041:6926): avc:  denied  { setopt } for  pid=14059 comm="syz.2.4496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  184.103455][   T29] audit: type=1400 audit(184.041:6927): avc:  denied  { bind } for  pid=14059 comm="syz.2.4496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  184.122471][   T29] audit: type=1400 audit(184.041:6928): avc:  denied  { name_bind } for  pid=14059 comm="syz.2.4496" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  184.143842][   T29] audit: type=1400 audit(184.041:6929): avc:  denied  { node_bind } for  pid=14059 comm="syz.2.4496" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  184.164245][   T29] audit: type=1400 audit(184.041:6930): avc:  denied  { write } for  pid=14059 comm="syz.2.4496" lport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  184.184377][   T29] audit: type=1400 audit(184.041:6931): avc:  denied  { connect } for  pid=14059 comm="syz.2.4496" lport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  184.204623][   T29] audit: type=1400 audit(184.041:6932): avc:  denied  { name_connect } for  pid=14059 comm="syz.2.4496" dest=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  184.226218][   T29] audit: type=1400 audit(184.041:6933): avc:  denied  { shutdown } for  pid=14059 comm="syz.2.4496" lport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  184.275705][T14057]  loop8: p1 p2 p3
[  184.288716][T14066] loop6: detected capacity change from 0 to 512
[  184.313437][   T29] audit: type=1400 audit(184.291:6934): avc:  denied  { ioctl } for  pid=14067 comm="syz.8.4500" path="socket:[46278]" dev="sockfs" ino=46278 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  184.345742][T14066] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.375298][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.667624][T14109] loop5: detected capacity change from 0 to 2048
[  184.750859][T14109] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.945011][T14109] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  184.964207][T14109] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 404 with error 28
[  184.976883][T14109] EXT4-fs (loop5): This should not happen!! Data will be lost
[  184.976883][T14109] 
[  184.986568][T14109] EXT4-fs (loop5): Total free blocks count 0
[  184.992574][T14109] EXT4-fs (loop5): Free/Dirty block details
[  184.998505][T14109] EXT4-fs (loop5): free_blocks=2415919504
[  185.004306][T14109] EXT4-fs (loop5): dirty_blocks=416
[  185.009576][T14109] EXT4-fs (loop5): Block reservation details
[  185.015743][T14109] EXT4-fs (loop5): i_reserved_data_blocks=26
[  185.063341][T14148] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4535'.
[  185.089309][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.480368][T14177] loop7: detected capacity change from 0 to 1024
[  185.495093][T14177] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.511015][T14177] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  185.526320][T14177] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  185.538578][T14177] EXT4-fs (loop7): This should not happen!! Data will be lost
[  185.538578][T14177] 
[  185.548350][T14177] EXT4-fs (loop7): Total free blocks count 0
[  185.554402][T14177] EXT4-fs (loop7): Free/Dirty block details
[  185.560309][T14177] EXT4-fs (loop7): free_blocks=4293918720
[  185.566100][T14177] EXT4-fs (loop7): dirty_blocks=16
[  185.571229][T14177] EXT4-fs (loop7): Block reservation details
[  185.577275][T14177] EXT4-fs (loop7): i_reserved_data_blocks=1
[  185.597723][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.682269][T14188] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4551'.
[  185.691334][T14188] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4551'.
[  185.700574][T14188] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4551'.
[  185.709562][T14188] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4551'.
[  185.800906][T14193] netlink: 32 bytes leftover after parsing attributes in process `syz.8.4553'.
[  185.897669][T14198] loop8: detected capacity change from 0 to 1024
[  185.904666][T14198] EXT4-fs: Ignoring removed nobh option
[  185.910407][T14198] EXT4-fs: Ignoring removed bh option
[  185.929961][T14198] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.962782][T14209] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4558'.
[  185.988001][ T5317] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.022448][T14214] loop8: detected capacity change from 0 to 512
[  186.050846][T14217] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4563'.
[  186.055401][T14214] EXT4-fs error (device loop8): ext4_xattr_inode_iget:446: comm syz.8.4560: error while reading EA inode 32 err=-116
[  186.073073][T14214] EXT4-fs (loop8): Remounting filesystem read-only
[  186.079790][T14214] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  186.115081][T14217] geneve2: entered promiscuous mode
[  186.132890][T14214] EXT4-fs (loop8): 1 orphan inode deleted
[  186.139355][T14214] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.153387][ T4643] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  186.183686][ T4643] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  186.198152][ T4643] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  186.200428][ T5317] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.213688][ T4643] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  186.302014][T14250] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4573'.
[  186.316092][T14252] SELinux:  Context system_u:object_r:auditd_etc_t:s0 is not valid (left unmapped).
[  186.355164][T14256] loop2: detected capacity change from 0 to 512
[  186.366204][T14256] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.4579: error while reading EA inode 32 err=-116
[  186.383459][T14258] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4580'.
[  186.395585][T14258] geneve2: entered promiscuous mode
[  186.403649][ T4643] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  186.425980][T14256] EXT4-fs (loop2): Remounting filesystem read-only
[  186.430458][ T4643] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  186.432617][T14256] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  186.452015][T14256] EXT4-fs (loop2): 1 orphan inode deleted
[  186.461560][T14256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.474152][ T4643] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  186.482943][ T4643] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  186.510501][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.528531][T14272] netlink: 'syz.5.4584': attribute type 10 has an invalid length.
[  186.537168][T14272] netlink: 'syz.5.4584': attribute type 10 has an invalid length.
[  186.546517][T14272] team0: Port device dummy0 removed
[  186.553430][T14272] dummy0: entered promiscuous mode
[  186.574308][T14272] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  186.616055][T14282] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4591'.
[  186.681713][T14295] ipip0: entered promiscuous mode
[  186.882732][T14323] loop5: detected capacity change from 0 to 1024
[  186.894399][T14323] EXT4-fs: Ignoring removed nobh option
[  186.900158][T14323] EXT4-fs: Ignoring removed bh option
[  186.940909][T14323] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.012300][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.030608][T14342] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  187.056742][T14348] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  187.056742][T14348]    program syz.5.4621 not setting count and/or reply_len properly
[  187.085899][T14347] loop8: detected capacity change from 0 to 2048
[  187.183426][T14347]  loop8: unable to read partition table
[  187.189124][T14347] loop8: partition table beyond EOD, truncated
[  187.195329][T14347] loop_reread_partitions: partition scan of loop8 () failed (rc=-5)
[  187.380308][T14373] loop2: detected capacity change from 0 to 1024
[  187.387418][T14373] EXT4-fs: Ignoring removed nobh option
[  187.393335][T14373] EXT4-fs: Ignoring removed bh option
[  187.415821][T14373] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.519016][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.690283][T14403] ipip0: entered promiscuous mode
[  187.731615][T14405] loop2: detected capacity change from 0 to 512
[  187.742209][T14407] netlink: 'syz.6.4650': attribute type 10 has an invalid length.
[  187.753746][T14405] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.767336][T14407] netlink: 'syz.6.4650': attribute type 10 has an invalid length.
[  187.805343][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.821772][T14415] loop6: detected capacity change from 0 to 128
[  187.833140][T14415] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  187.963699][ T5319] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  188.353536][T14434] loop2: detected capacity change from 0 to 32768
[  189.022274][T14494] loop5: detected capacity change from 0 to 128
[  189.030487][T14494] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  189.068704][ T5316] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  189.333924][   T29] kauditd_printk_skb: 193 callbacks suppressed
[  189.333997][   T29] audit: type=1400 audit(445.315:7128): avc:  denied  { read } for  pid=14537 comm="syz.8.4696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  189.390254][   T29] audit: type=1400 audit(445.365:7129): avc:  denied  { ioctl } for  pid=14541 comm="syz.8.4698" path="socket:[53170]" dev="sockfs" ino=53170 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  189.434324][   T29] audit: type=1326 audit(445.415:7130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14543 comm="syz.8.4699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  189.438089][T14546] netlink: 'syz.7.4700': attribute type 12 has an invalid length.
[  189.457668][   T29] audit: type=1326 audit(445.435:7131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14543 comm="syz.8.4699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  189.472132][T14546] netlink: 'syz.7.4700': attribute type 12 has an invalid length.
[  189.488597][   T29] audit: type=1326 audit(445.445:7132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14543 comm="syz.8.4699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  189.519385][   T29] audit: type=1326 audit(445.445:7133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14543 comm="syz.8.4699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  189.542584][   T29] audit: type=1326 audit(445.445:7134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14543 comm="syz.8.4699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  189.565870][   T29] audit: type=1326 audit(445.445:7135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14543 comm="syz.8.4699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  189.588962][   T29] audit: type=1326 audit(445.445:7136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14543 comm="syz.8.4699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  189.611980][   T29] audit: type=1326 audit(445.445:7137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14543 comm="syz.8.4699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  189.686741][T14558] netlink: 'syz.2.4707': attribute type 30 has an invalid length.
[  189.698338][ T4643] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  189.707785][ T4643] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  189.717213][ T4643] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  189.734998][ T4643] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  189.821829][T14575] bridge0: port 3(macsec1) entered blocking state
[  189.828586][T14575] bridge0: port 3(macsec1) entered disabled state
[  189.837396][T14575] macsec1: entered allmulticast mode
[  189.842791][T14575] bridge0: entered allmulticast mode
[  189.849374][T14575] macsec1: left allmulticast mode
[  189.854571][T14575] bridge0: left allmulticast mode
[  190.003704][T14596] loop5: detected capacity change from 0 to 4096
[  190.019754][T14596] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  190.034220][T14596] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.058504][T14605] loop2: detected capacity change from 0 to 512
[  190.073662][T14603] netlink: 'syz.7.4724': attribute type 30 has an invalid length.
[  190.113636][T14605] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4735: couldn't read orphan inode 26 (err -116)
[  190.126293][T14605] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.139487][T14605] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.211982][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.272172][T14630] bridge0: port 4(macsec1) entered blocking state
[  190.278815][T14630] bridge0: port 4(macsec1) entered disabled state
[  190.285646][T14630] macsec1: entered allmulticast mode
[  190.290957][T14630] bridge0: entered allmulticast mode
[  190.297413][T14630] macsec1: left allmulticast mode
[  190.302724][T14630] bridge0: left allmulticast mode
[  190.394674][T14640] loop6: detected capacity change from 0 to 512
[  190.433996][T14640] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.4739: couldn't read orphan inode 26 (err -116)
[  190.447140][T14640] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.460458][T14640] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.688826][T14671] __nla_validate_parse: 12 callbacks suppressed
[  190.688847][T14671] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4745'.
[  190.768109][T14678] geneve3: entered promiscuous mode
[  190.776349][  T294] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.792975][  T294] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.809359][  T294] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.818440][  T294] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.982367][T14685] loop6: detected capacity change from 0 to 32768
[  191.022981][T14685]  loop6: p2 p3 < p5 p6 >
[  191.027410][T14685] loop6: p2 size 16775168 extends beyond EOD, truncated
[  191.035445][T14685] loop6: p5 start 4294970168 is beyond EOD, truncated
[  191.187243][T14702] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4766'.
[  191.196301][T14702] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4766'.
[  191.221046][T14702] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4766'.
[  191.230183][T14702] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4766'.
[  191.257723][T14702] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4766'.
[  191.266876][T14702] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4766'.
[  191.444323][T14730] loop5: detected capacity change from 0 to 2048
[  191.454971][T14730] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.484547][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.513815][T14735] loop5: detected capacity change from 0 to 1024
[  191.536925][T14735] EXT4-fs (loop5): shut down requested (2)
[  191.543662][T14735] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  191.553841][T14735] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  191.563036][T14735] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  191.572217][T14735] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  191.583187][T14735] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  191.592322][T14735] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  191.881739][T14766] can0: slcan on ttyS3.
[  191.909679][T14772] wireguard0: entered promiscuous mode
[  191.915296][T14772] wireguard0: entered allmulticast mode
[  191.923171][T14766] can0 (unregistered): slcan off ttyS3.
[  191.938783][T14766] Falling back ldisc for ttyS3.
[  192.107026][T14795] loop6: detected capacity change from 0 to 164
[  192.114551][T14795] Unable to read rock-ridge attributes
[  192.122574][T14795] Unable to read rock-ridge attributes
[  192.124741][T14797] pim6reg: entered allmulticast mode
[  192.133150][T14795] bio_check_eod: 104 callbacks suppressed
[  192.133173][T14795] syz.6.4805: attempt to access beyond end of device
[  192.133173][T14795] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  192.137251][T14797] pim6reg: left allmulticast mode
[  192.139247][T14795] syz.6.4805: attempt to access beyond end of device
[  192.139247][T14795] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  192.279288][T14816] loop5: detected capacity change from 0 to 1024
[  192.294205][T14816] EXT4-fs: Ignoring removed orlov option
[  192.300193][T14816] EXT4-fs: Ignoring removed orlov option
[  192.307807][T14818] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4815'.
[  192.325343][T14820] loop8: detected capacity change from 0 to 128
[  192.358415][T14820] syz.8.4817: attempt to access beyond end of device
[  192.358415][T14820] loop8: rw=2049, sector=153, nr_sectors = 8 limit=128
[  192.374793][T14830] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14830 comm=syz.6.4820
[  192.388280][T14830] netlink: 'syz.6.4820': attribute type 1 has an invalid length.
[  192.396475][T14820] syz.8.4817: attempt to access beyond end of device
[  192.396475][T14820] loop8: rw=2049, sector=169, nr_sectors = 8 limit=128
[  192.416100][T14820] syz.8.4817: attempt to access beyond end of device
[  192.416100][T14820] loop8: rw=2049, sector=185, nr_sectors = 8 limit=128
[  192.430190][T14820] syz.8.4817: attempt to access beyond end of device
[  192.430190][T14820] loop8: rw=2049, sector=201, nr_sectors = 8 limit=128
[  192.444262][T14820] syz.8.4817: attempt to access beyond end of device
[  192.444262][T14820] loop8: rw=2049, sector=217, nr_sectors = 8 limit=128
[  192.449502][T14836] bond0: (slave bridge4): making interface the new active one
[  192.458589][T14820] syz.8.4817: attempt to access beyond end of device
[  192.458589][T14820] loop8: rw=2049, sector=233, nr_sectors = 8 limit=128
[  192.479313][T14820] syz.8.4817: attempt to access beyond end of device
[  192.479313][T14820] loop8: rw=2049, sector=249, nr_sectors = 8 limit=128
[  192.493081][T14820] syz.8.4817: attempt to access beyond end of device
[  192.493081][T14820] loop8: rw=2049, sector=265, nr_sectors = 8 limit=128
[  192.507589][T14836] bond0: (slave bridge4): Enslaving as an active interface with an up link
[  192.597427][T14850] serio: Serial port ttyS3
[  192.657966][T14862] hsr0 speed is unknown, defaulting to 1000
[  192.664258][T14862] hsr0 speed is unknown, defaulting to 1000
[  192.670610][T14862] hsr0 speed is unknown, defaulting to 1000
[  192.679522][T14862] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  192.690212][T14862] hsr0 speed is unknown, defaulting to 1000
[  192.718542][T14862] hsr0 speed is unknown, defaulting to 1000
[  192.733040][T14862] hsr0 speed is unknown, defaulting to 1000
[  192.750153][T14862] hsr0 speed is unknown, defaulting to 1000
[  192.756903][T14862] hsr0 speed is unknown, defaulting to 1000
[  192.847426][T14887] syzkaller1: entered promiscuous mode
[  192.853193][T14887] syzkaller1: entered allmulticast mode
[  192.992036][T14903] loop7: detected capacity change from 0 to 512
[  192.998551][T14902] loop5: detected capacity change from 0 to 2048
[  193.005516][T14903] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  193.016794][T14903] EXT4-fs (loop7): 1 truncate cleaned up
[  193.025464][T14903] EXT4-fs error (device loop7): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.7.4850: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  193.059629][T14903] EXT4-fs error (device loop7) in ext4_delete_entry:2739: Corrupt filesystem
[  193.072888][T14903] EXT4-fs warning (device loop7): ext4_rename_delete:3731: inode #2: comm syz.7.4850: Deleting old file: nlink 5, error=-117
[  193.108576][T14910] netlink: 44 bytes leftover after parsing attributes in process `syz.7.4851'.
[  193.248932][T14919] loop5: detected capacity change from 0 to 512
[  193.255904][T14919] EXT4-fs: Ignoring removed orlov option
[  193.263234][T14919] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #15: comm syz.5.4855: corrupted in-inode xattr: bad e_name length
[  193.277291][T14919] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.4855: couldn't read orphan inode 15 (err -117)
[  193.294062][T14919] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 12: comm syz.5.4855: lblock 3 mapped to illegal pblock 12 (length 1)
[  193.395982][T14930] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4860'.
[  193.449724][T14937] netlink: 'syz.2.4863': attribute type 1 has an invalid length.
[  193.453177][T13976] hid_parser_main: 43 callbacks suppressed
[  193.453273][T13976] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  193.470990][T14937] bond0: (slave ip6gretap1): making interface the new active one
[  193.471424][T13976] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  193.479216][T14937] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  193.496312][T14937] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  193.504485][T14937] bond0: (slave ip6gretap1): Enslaving as an active interface with an up link
[  193.609344][T14954] loop2: detected capacity change from 0 to 736
[  193.697231][T14977] netlink: 'syz.7.4881': attribute type 1 has an invalid length.
[  193.920381][T15003] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  193.937489][T15003] SELinux: failed to load policy
[  193.994855][T15017] loop8: detected capacity change from 0 to 2048
[  194.042045][T15017] Alternate GPT is invalid, using primary GPT.
[  194.048539][T15017]  loop8: p2 p3 p7
[  194.103366][T15041] netlink: 'syz.8.4911': attribute type 4 has an invalid length.
[  194.354746][   T29] kauditd_printk_skb: 353 callbacks suppressed
[  194.354762][   T29] audit: type=1326 audit(451.331:7491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.8.4920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  194.384772][   T29] audit: type=1326 audit(451.361:7492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.8.4920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  194.407930][   T29] audit: type=1326 audit(451.361:7493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.8.4920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  194.430863][   T29] audit: type=1326 audit(451.361:7494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.8.4920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  194.454169][   T29] audit: type=1326 audit(451.361:7495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.8.4920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  194.477211][   T29] audit: type=1326 audit(451.391:7496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.8.4920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  194.500197][   T29] audit: type=1326 audit(451.391:7497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.8.4920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  194.523113][   T29] audit: type=1326 audit(451.391:7498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.8.4920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  194.546087][   T29] audit: type=1326 audit(451.391:7499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.8.4920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  194.569117][   T29] audit: type=1326 audit(451.391:7500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.8.4920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  194.920041][T15106] hsr0 speed is unknown, defaulting to 1000
[  194.944041][T15112] sch_tbf: burst 2976 is lower than device lo mtu (11337746) !
[  195.128689][T15130] SELinux: failed to load policy
[  195.180602][T15142] hsr0 speed is unknown, defaulting to 1000
[  195.277941][T15151] loop5: detected capacity change from 0 to 1024
[  195.308623][T15151] EXT4-fs mount: 10 callbacks suppressed
[  195.308666][T15151] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.379282][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.449812][T15167] Unsupported xt match
[  195.449825][T15167] unable to load match
[  195.508681][T15173] policy can only be matched on NF_INET_PRE_ROUTING
[  195.508696][T15173] unable to load match
[  195.634122][T15183] macsec1: entered promiscuous mode
[  195.639470][T15183] bridge0: entered promiscuous mode
[  195.645411][T15183] bridge0: port 4(macsec1) entered blocking state
[  195.652090][T15183] bridge0: port 4(macsec1) entered disabled state
[  195.658986][T15183] macsec1: entered allmulticast mode
[  195.664339][T15183] bridge0: entered allmulticast mode
[  195.671789][T15183] macsec1: left allmulticast mode
[  195.677011][T15183] bridge0: left allmulticast mode
[  195.703717][T15183] bridge0: left promiscuous mode
[  195.809916][T15193] loop6: detected capacity change from 0 to 2048
[  195.825148][T15190] hsr0 speed is unknown, defaulting to 1000
[  195.834965][T15195] __nla_validate_parse: 9 callbacks suppressed
[  195.834982][T15195] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4981'.
[  195.869496][  T294] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  195.887537][T15195] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4981'.
[  195.932714][  T294] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  195.942447][T15193] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.965579][  T294] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  195.974705][  T294] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  195.994241][T15199] SELinux:  policydb table sizes (0,0) do not match mine (6,6)
[  196.001983][T15199] SELinux: failed to load policy
[  196.062732][T15203] hsr0 speed is unknown, defaulting to 1000
[  196.070114][T15208] netlink: 'syz.7.4986': attribute type 1 has an invalid length.
[  196.161838][T15208] 8021q: adding VLAN 0 to HW filter on device bond2
[  196.187982][T15213] 8021q: adding VLAN 0 to HW filter on device batadv1
[  196.220257][T15213] bond2: (slave batadv1): making interface the new active one
[  196.229652][T15213] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  196.231319][T15208] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4986'.
[  196.283941][T15208] bond2 (unregistering): (slave batadv1): Releasing active interface
[  196.303140][T15208] bond2 (unregistering): Released all slaves
[  196.324886][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.384548][T15228] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4994'.
[  196.447236][T15228] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4994'.
[  196.510128][T15233] loop6: detected capacity change from 0 to 512
[  196.526725][T15233] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  196.540289][T15233] EXT4-fs (loop6): 1 truncate cleaned up
[  196.546501][T15233] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.580426][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.702129][T15255] netlink: 'syz.6.5005': attribute type 29 has an invalid length.
[  196.711268][T15255] netlink: 'syz.6.5005': attribute type 29 has an invalid length.
[  196.729123][T15257] loop7: detected capacity change from 0 to 1024
[  196.736395][T15257] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  196.739249][T15255] netlink: 'syz.6.5005': attribute type 29 has an invalid length.
[  196.747455][T15257] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  196.766159][T15257] JBD2: no valid journal superblock found
[  196.771915][T15257] EXT4-fs (loop7): Could not load journal inode
[  196.783011][T15255] netlink: 'syz.6.5005': attribute type 29 has an invalid length.
[  196.795463][T15257] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  196.827093][T15259] loop7: detected capacity change from 0 to 1024
[  196.835551][T15259] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.979645][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.124433][T15299] bridge0: port 1(macsec1) entered blocking state
[  197.131047][T15299] bridge0: port 1(macsec1) entered disabled state
[  197.137965][T15299] macsec1: entered allmulticast mode
[  197.143337][T15299] bridge0: entered allmulticast mode
[  197.149264][T15299] macsec1: left allmulticast mode
[  197.154337][T15299] bridge0: left allmulticast mode
[  197.171531][T15302] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5034'.
[  197.180719][T15302] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5034'.
[  197.189690][T15302] netlink: 156 bytes leftover after parsing attributes in process `syz.8.5034'.
[  197.297517][T15320] loop8: detected capacity change from 0 to 512
[  197.324337][T15320] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.5029: couldn't read orphan inode 26 (err -116)
[  197.340003][T15320] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.353490][T15320] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.417780][T15337] vhci_hcd: default hub control req: 4003 v0000 i0000 l31125
[  197.528297][T15356] loop6: detected capacity change from 0 to 1024
[  197.535386][T15356] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  197.546437][T15356] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  197.557325][T15356] JBD2: no valid journal superblock found
[  197.563148][T15356] EXT4-fs (loop6): Could not load journal inode
[  198.070097][T15376] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  198.788195][T15422] can0: slcan on ttyS3.
[  198.823699][T15422] can0 (unregistered): slcan off ttyS3.
[  198.832291][T15422] Falling back ldisc for ttyS3.
[  198.843913][T13976] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.851363][T13976] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.858860][T13976] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.866407][T13976] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.873970][T13976] hid-generic 0000:0000:0000.0008: unknown main item tag 0x2
[  198.881373][T13976] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.888894][T13976] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.896381][T13976] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.904466][T13976] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.911948][T13976] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.926236][T15432] geneve3: entered promiscuous mode
[  198.930598][T13976] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  199.171995][T15457] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5085'.
[  199.310342][T15455] loop5: detected capacity change from 0 to 32768
[  199.365634][T15455]  loop5: p2 p3 < p5 p6 >
[  199.370184][T15455] loop5: p2 size 16775168 extends beyond EOD, truncated
[  199.378676][T15455] loop5: p5 start 4294970168 is beyond EOD, truncated
[  199.416613][T15483] macvtap0: refused to change device tx_queue_len
[  199.519738][T15493] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5103'.
[  199.531035][   T29] kauditd_printk_skb: 846 callbacks suppressed
[  199.531054][   T29] audit: type=1326 audit(456.511:8347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15494 comm="syz.8.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  199.560196][   T29] audit: type=1326 audit(456.511:8348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15494 comm="syz.8.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  199.583132][   T29] audit: type=1326 audit(456.511:8349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15494 comm="syz.8.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  199.612893][   T29] audit: type=1326 audit(456.511:8350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15494 comm="syz.8.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  199.635956][   T29] audit: type=1326 audit(456.511:8351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15494 comm="syz.8.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  199.659054][   T29] audit: type=1326 audit(456.581:8352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15494 comm="syz.8.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  199.682138][   T29] audit: type=1326 audit(456.581:8353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15494 comm="syz.8.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  199.705229][   T29] audit: type=1326 audit(456.581:8354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15494 comm="syz.8.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  199.728202][   T29] audit: type=1326 audit(456.581:8355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15494 comm="syz.8.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  199.751066][   T29] audit: type=1326 audit(456.581:8356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15494 comm="syz.8.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  199.841446][T15509] loop5: detected capacity change from 0 to 1024
[  199.852009][T15509] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  199.865501][T15512] wireguard0: entered promiscuous mode
[  199.871037][T15512] wireguard0: entered allmulticast mode
[  199.876832][T15509] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  199.894067][T15509] EXT4-fs (loop5): orphan cleanup on readonly fs
[  199.900743][T15509] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.5118: Freeing blocks not in datazone - block = 0, count = 4096
[  199.914607][T15509] EXT4-fs (loop5): 1 orphan inode deleted
[  199.920995][T15509] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  199.946279][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.126896][T15528] hsr0 speed is unknown, defaulting to 1000
[  200.187857][T15534] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15534 comm=syz.8.5115
[  200.233351][T15534] netlink: 'syz.8.5115': attribute type 1 has an invalid length.
[  200.276694][T15536] loop5: detected capacity change from 0 to 764
[  200.310157][T15537] bond0: (slave bridge3): making interface the new active one
[  200.349163][T15523] rock: directory entry would overflow storage
[  200.355469][T15523] rock: sig=0x4f50, size=4, remaining=3
[  200.361193][T15523] iso9660: Corrupted directory entry in block 4 of inode 1792
[  200.372961][T15537] bond0: (slave bridge3): Enslaving as an active interface with an up link
[  200.422386][T15546] netlink: 'syz.6.5120': attribute type 4 has an invalid length.
[  200.474796][T15528] pimreg: entered allmulticast mode
[  200.486245][T15528] pimreg: left allmulticast mode
[  200.760672][T15587] program syz.2.5141 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  201.001456][T15618] loop8: detected capacity change from 0 to 256
[  201.135960][T15629] ipip0: entered promiscuous mode
[  201.144237][T15631] __nla_validate_parse: 2 callbacks suppressed
[  201.144317][T15631] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5159'.
[  201.231451][T15642] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5163'.
[  201.273389][T15644] loop6: detected capacity change from 0 to 1024
[  201.283878][T15644] EXT4-fs: Ignoring removed bh option
[  201.292222][T15650] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5168'.
[  201.302320][T15644] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  201.340757][T15644] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.361244][T15644] EXT4-fs error (device loop6): ext4_read_inline_dir:1476: inode #12: block 7: comm syz.6.5165: path /956/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  201.464732][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.523535][T15668] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5173'.
[  202.263201][T15708] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  202.274421][T15708] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  202.402335][T15719] netdevsim netdevsim8 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  202.412956][T15719] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.454112][T15719] netdevsim netdevsim8 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  202.464567][T15719] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.524056][T15719] netdevsim netdevsim8 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  202.534527][T15719] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.598853][T15719] netdevsim netdevsim8 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  202.609327][T15719] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.732865][ T4677] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  202.741132][ T4677] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.803020][ T4677] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  202.811256][ T4677] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.868199][ T4677] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  202.876664][ T4677] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.920603][ T4677] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  202.929037][ T4677] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.098463][T15759] vhci_hcd: default hub control req: 4003 v0000 i0000 l31125
[  203.361039][T15780] hsr0 speed is unknown, defaulting to 1000
[  203.522169][T15776] hsr0 speed is unknown, defaulting to 1000
[  203.688722][T15782] hsr0 speed is unknown, defaulting to 1000
[  204.125410][T15783] pimreg: entered allmulticast mode
[  204.132787][T15780] pimreg: left allmulticast mode
[  204.148077][T15791] ipip1: entered promiscuous mode
[  204.177258][T15793] macsec1: entered promiscuous mode
[  204.182792][T15793] bridge0: entered promiscuous mode
[  204.190714][T15793] bridge0: port 1(macsec1) entered blocking state
[  204.197337][T15793] bridge0: port 1(macsec1) entered disabled state
[  204.208139][T15793] macsec1: entered allmulticast mode
[  204.213628][T15793] bridge0: entered allmulticast mode
[  204.222818][T15793] macsec1: left allmulticast mode
[  204.227908][T15793] bridge0: left allmulticast mode
[  204.243091][T15793] bridge0: left promiscuous mode
[  204.274793][T15797] syz_tun (unregistering): left allmulticast mode
[  204.281303][T15797] syz_tun (unregistering): left promiscuous mode
[  204.287751][T15797] bridge0: port 3(syz_tun) entered disabled state
[  204.405488][T15811] loop7: detected capacity change from 0 to 128
[  204.433523][T15811] bio_check_eod: 4 callbacks suppressed
[  204.433540][T15811] syz.7.5228: attempt to access beyond end of device
[  204.433540][T15811] loop7: rw=2049, sector=145, nr_sectors = 8 limit=128
[  204.468668][T15811] syz.7.5228: attempt to access beyond end of device
[  204.468668][T15811] loop7: rw=2049, sector=161, nr_sectors = 8 limit=128
[  204.496753][T15811] syz.7.5228: attempt to access beyond end of device
[  204.496753][T15811] loop7: rw=2049, sector=177, nr_sectors = 8 limit=128
[  204.517610][T15811] syz.7.5228: attempt to access beyond end of device
[  204.517610][T15811] loop7: rw=2049, sector=193, nr_sectors = 8 limit=128
[  204.536219][   T29] kauditd_printk_skb: 162 callbacks suppressed
[  204.536238][   T29] audit: type=1326 audit(461.511:8519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15814 comm="syz.6.5230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0f7a485d67 code=0x7ffc0000
[  204.565598][   T29] audit: type=1326 audit(461.511:8520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15814 comm="syz.6.5230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0f7a42af79 code=0x7ffc0000
[  204.588543][   T29] audit: type=1326 audit(461.511:8521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15814 comm="syz.6.5230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  204.602776][T15811] syz.7.5228: attempt to access beyond end of device
[  204.602776][T15811] loop7: rw=2049, sector=209, nr_sectors = 8 limit=128
[  204.627880][T15811] syz.7.5228: attempt to access beyond end of device
[  204.627880][T15811] loop7: rw=2049, sector=225, nr_sectors = 8 limit=128
[  204.643764][T15811] syz.7.5228: attempt to access beyond end of device
[  204.643764][T15811] loop7: rw=2049, sector=241, nr_sectors = 8 limit=128
[  204.647107][   T29] audit: type=1326 audit(461.611:8522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15814 comm="syz.6.5230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0f7a485d67 code=0x7ffc0000
[  204.668518][T15811] syz.7.5228: attempt to access beyond end of device
[  204.668518][T15811] loop7: rw=2049, sector=257, nr_sectors = 8 limit=128
[  204.680544][   T29] audit: type=1326 audit(461.611:8523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15814 comm="syz.6.5230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0f7a42af79 code=0x7ffc0000
[  204.716985][   T29] audit: type=1326 audit(461.611:8524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15814 comm="syz.6.5230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  204.737286][T15811] syz.7.5228: attempt to access beyond end of device
[  204.737286][T15811] loop7: rw=2049, sector=273, nr_sectors = 8 limit=128
[  204.739930][   T29] audit: type=1326 audit(461.621:8525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15814 comm="syz.6.5230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0f7a485d67 code=0x7ffc0000
[  204.776312][   T29] audit: type=1326 audit(461.621:8526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15814 comm="syz.6.5230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0f7a42af79 code=0x7ffc0000
[  204.799179][   T29] audit: type=1326 audit(461.621:8527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15814 comm="syz.6.5230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  204.914900][T15811] syz.7.5228: attempt to access beyond end of device
[  204.914900][T15811] loop7: rw=2049, sector=289, nr_sectors = 8 limit=128
[  204.952752][   T29] audit: type=1326 audit(461.641:8528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15814 comm="syz.6.5230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0f7a485d67 code=0x7ffc0000
[  205.136927][T15828] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5237'.
[  205.180274][T15830] loop7: detected capacity change from 0 to 512
[  205.202689][T15830] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  205.218136][T15830] EXT4-fs (loop7): 1 truncate cleaned up
[  205.226995][T15830] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.287220][T15833] loop5: detected capacity change from 0 to 512
[  205.350598][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.360417][T15833] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  205.371719][T15835] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  205.380814][T15839] loop6: detected capacity change from 0 to 128
[  205.409062][T15833] EXT4-fs (loop5): 1 truncate cleaned up
[  205.418053][T15839] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  205.449761][T15833] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.466600][T15843] hsr0 speed is unknown, defaulting to 1000
[  205.486724][ T5319] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  205.651216][T15843] pimreg: entered allmulticast mode
[  205.665665][T15861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.677002][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.694754][T15861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  205.702689][T15843] pimreg: left allmulticast mode
[  206.317642][T15880] hsr0 speed is unknown, defaulting to 1000
[  206.336009][T15882] loop8: detected capacity change from 0 to 1024
[  206.393264][T15882] EXT4-fs: Ignoring removed orlov option
[  206.429237][T15882] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.557166][ T5317] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.682246][T15912] loop7: detected capacity change from 0 to 128
[  206.713002][T15912] EXT4-fs: Ignoring removed nobh option
[  206.734867][T15912] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  206.849536][T15919] macsec1: entered promiscuous mode
[  206.854833][T15919] bridge0: entered promiscuous mode
[  206.870986][ T5323] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  206.903277][T15919] bridge0: port 3(macsec1) entered blocking state
[  206.909845][T15919] bridge0: port 3(macsec1) entered disabled state
[  206.940139][T15919] macsec1: entered allmulticast mode
[  206.945654][T15919] bridge0: entered allmulticast mode
[  206.963620][T15919] macsec1: left allmulticast mode
[  206.968724][T15919] bridge0: left allmulticast mode
[  206.980225][T15919] bridge0: left promiscuous mode
[  207.159088][T15934] netlink: 280 bytes leftover after parsing attributes in process `syz.2.5277'.
[  207.494976][T15955] netlink: 76 bytes leftover after parsing attributes in process `syz.5.5287'.
[  207.884322][T15974] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5296'.
[  207.997763][T15974] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5296'.
[  208.006928][T15974] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5296'.
[  208.015928][T15974] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5296'.
[  208.270625][T15991] 9pnet_fd: Insufficient options for proto=fd
[  208.285999][T15993] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  208.296445][T15993] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.337252][T15997] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5306'.
[  208.354458][T15993] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  208.364990][T15993] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.413508][T16007] netlink: 'syz.8.5310': attribute type 10 has an invalid length.
[  208.425068][T16007] team0 (unregistering): Port device team_slave_0 removed
[  208.433064][T16007] team0 (unregistering): Port device team_slave_1 removed
[  208.441089][T16007] team0 (unregistering): Port device macvlan2 removed
[  208.470523][T15993] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  208.480985][T15993] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.554736][T15993] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  208.565191][T15993] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.623815][T16020] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5315'.
[  208.647974][T16022] loop8: detected capacity change from 0 to 1024
[  208.656493][T16022] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  208.667643][T16022] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  208.678355][T16022] JBD2: no valid journal superblock found
[  208.684198][T16022] EXT4-fs (loop8): Could not load journal inode
[  208.696627][T16022] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  208.702859][ T4653] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  208.714506][ T4653] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  208.762333][ T4653] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  208.770718][ T4653] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  208.814517][ T4653] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  208.822927][ T4653] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  208.835086][ T4653] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  208.843467][ T4653] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  208.893472][T16042] serio: Serial port ttyS3
[  208.956041][T16053] siw: device registration error -23
[  209.011060][T16059] netlink: 19 bytes leftover after parsing attributes in process `syz.5.5330'.
[  209.134873][T16064] hsr0 speed is unknown, defaulting to 1000
[  209.305180][T16079] loop6: detected capacity change from 0 to 512
[  209.336543][T16079] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  209.400329][T16079] EXT4-fs (loop6): 1 truncate cleaned up
[  209.410192][T16079] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.450449][T16085] loop7: detected capacity change from 0 to 512
[  209.477253][T16085] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.548828][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.567769][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.644317][T16098] loop5: detected capacity change from 0 to 1024
[  209.651642][T16098] EXT4-fs: Ignoring removed oldalloc option
[  209.657832][T16098] EXT4-fs: Ignoring removed bh option
[  209.667333][T16098] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.759893][T16104] netlink: 'syz.7.5346': attribute type 10 has an invalid length.
[  209.775809][T16104] team0 (unregistering): Port device team_slave_0 removed
[  209.796970][T16104] team0 (unregistering): Port device team_slave_1 removed
[  209.818367][T16104] team0 (unregistering): Port device dummy0 removed
[  209.931310][T16098] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.5344: Allocating blocks 1-17 which overlap fs metadata
[  210.019396][T16111] loop7: detected capacity change from 0 to 128
[  210.027551][T16111] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  210.088595][ T5323] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  210.105740][T16116] 9pnet_fd: Insufficient options for proto=fd
[  210.124314][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.190901][T16127] rdma_op ffff88812cefd180 conn xmit_rdma 0000000000000000
[  210.197966][T16129] bridge_slave_0: left promiscuous mode
[  210.203924][T16129] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.206043][   T29] kauditd_printk_skb: 460 callbacks suppressed
[  210.206064][   T29] audit: type=1326 audit(467.181:8989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.6.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  210.241375][   T29] audit: type=1326 audit(467.181:8990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.6.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  210.264543][   T29] audit: type=1326 audit(467.181:8991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.6.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  210.270074][T16129] bridge_slave_1: left allmulticast mode
[  210.287544][   T29] audit: type=1326 audit(467.181:8992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.6.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  210.287633][   T29] audit: type=1326 audit(467.181:8993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.6.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  210.339509][T16129] bridge_slave_1: left promiscuous mode
[  210.345314][T16129] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.345337][   T29] audit: type=1326 audit(467.221:8994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.6.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  210.345370][   T29] audit: type=1326 audit(467.221:8995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.6.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  210.398202][   T29] audit: type=1326 audit(467.241:8996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.6.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  210.421114][   T29] audit: type=1326 audit(467.241:8997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.6.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  210.444200][   T29] audit: type=1326 audit(467.241:8998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.6.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  210.479051][T16129] bond0: (slave bond_slave_0): Releasing backup interface
[  210.492154][T16137] netlink: 'syz.6.5360': attribute type 10 has an invalid length.
[  210.501053][T16129] bond0: (slave bond_slave_1): Releasing backup interface
[  210.508990][T16129] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.517660][T16129] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.530832][T16129] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  210.705054][T16168] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5369'.
[  210.760804][T16174] vlan1: entered allmulticast mode
[  210.766057][T16174] bridge_slave_0: entered allmulticast mode
[  211.213557][T16226] pim6reg1: entered promiscuous mode
[  211.218932][T16226] pim6reg1: entered allmulticast mode
[  211.233776][T16228] loop6: detected capacity change from 0 to 128
[  211.429475][T16250] loop5: detected capacity change from 0 to 256
[  211.446001][T16250] vfat: Bad value for 'fmask'
[  211.504443][T13958] kernel write not supported for file [eventfd] (pid: 13958 comm: kworker/0:13)
[  211.875326][T16309] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.884040][T16309] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.089202][T16327] loop5: detected capacity change from 0 to 1024
[  212.096401][T16327] EXT4-fs: inline encryption not supported
[  212.116941][T16327] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.153087][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.519675][T16365] __nla_validate_parse: 4 callbacks suppressed
[  212.519694][T16365] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5462'.
[  212.557817][T16370] macsec0: entered promiscuous mode
[  212.563164][T16370] macsec0: left allmulticast mode
[  212.607366][T16375] hsr0 speed is unknown, defaulting to 1000
[  212.753644][T16390] loop8: detected capacity change from 0 to 256
[  212.760458][T16390] vfat: Bad value for 'fmask'
[  212.873338][T16405] netlink: 'syz.2.5479': attribute type 1 has an invalid length.
[  212.887749][T16405] 8021q: adding VLAN 0 to HW filter on device bond3
[  213.031061][T16427] loop7: detected capacity change from 0 to 512
[  213.048032][T16427] EXT4-fs warning (device loop7): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  213.078999][T16427] EXT4-fs (loop7): mount failed
[  213.093782][T16438] macsec0: entered promiscuous mode
[  213.148163][T16443] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  213.154729][T16443] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  213.162450][T16443] vhci_hcd vhci_hcd.0: Device attached
[  213.181485][T16446] vhci_hcd: cannot find a urb of seqnum 8 max seqnum 0
[  213.192736][  T294] vhci_hcd: stop threads
[  213.197027][  T294] vhci_hcd: release socket
[  213.201448][  T294] vhci_hcd: disconnect device
[  213.280899][T16458] loop8: detected capacity change from 0 to 512
[  213.299509][T16458] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  213.319678][T16458] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  213.327671][T16458] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  213.337089][T16458] System zones: 0-1, 15-15, 18-18, 34-34
[  213.343061][T16458] EXT4-fs (loop8): orphan cleanup on readonly fs
[  213.349531][T16458] EXT4-fs warning (device loop8): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  213.364211][T16458] EXT4-fs (loop8): Cannot turn on quotas: error -22
[  213.374267][T16458] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.5493: bg 0: block 40: padding at end of block bitmap is not set
[  213.392695][T16458] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  213.402854][T16458] EXT4-fs (loop8): 1 truncate cleaned up
[  213.408898][T16458] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  213.434539][T16472] netlink: 'syz.7.5505': attribute type 39 has an invalid length.
[  213.692935][ T5317] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.767862][T16492] netlink: 542 bytes leftover after parsing attributes in process `syz.8.5515'.
[  213.812397][T16496] loop8: detected capacity change from 0 to 1024
[  213.819709][T16496] EXT4-fs: inline encryption not supported
[  213.834590][T16496] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.864006][ T5317] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.960110][T16521] xt_TPROXY: Can be used only with -p tcp or -p udp
[  214.002049][T16526] loop7: detected capacity change from 0 to 512
[  214.014029][T16526] EXT4-fs (loop7): too many log groups per flexible block group
[  214.021820][T16526] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  214.028833][T16526] EXT4-fs (loop7): mount failed
[  214.038234][T16532] loop5: detected capacity change from 0 to 512
[  214.076501][T16532] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  214.117021][T16532] EXT4-fs (loop5): orphan cleanup on readonly fs
[  214.146149][T16532] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #16: comm syz.5.5531: corrupted inode contents
[  214.177838][T16547] loop6: detected capacity change from 0 to 512
[  214.206811][T16532] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #16: comm syz.5.5531: mark_inode_dirty error
[  214.245801][T16547] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.258625][T16532] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #16: comm syz.5.5531: corrupted inode contents
[  214.282793][T16532] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.5531: mark_inode_dirty error
[  214.297891][T16532] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #16: comm syz.5.5531: corrupted inode contents
[  214.320482][T16532] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[  214.337017][T16532] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #16: comm syz.5.5531: corrupted inode contents
[  214.349862][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.362896][T16532] EXT4-fs error (device loop5): ext4_truncate:4637: inode #16: comm syz.5.5531: mark_inode_dirty error
[  214.386418][T16532] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[  214.401460][T16532] EXT4-fs (loop5): 1 truncate cleaned up
[  214.407667][ T7541] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:68: Failed to release dquot type 1
[  214.420163][T16532] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  214.433908][T16532] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.475908][T16582] pim6reg: entered allmulticast mode
[  214.496189][  T294] Bluetooth: hci0: Frame reassembly failed (-84)
[  214.502723][T16582] pim6reg: left allmulticast mode
[  214.565745][T16593] netlink: 'syz.8.5555': attribute type 1 has an invalid length.
[  214.580723][T16593] 8021q: adding VLAN 0 to HW filter on device bond2
[  214.626818][T16597] netlink: 5452 bytes leftover after parsing attributes in process `syz.5.5556'.
[  214.641793][T16599] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5557'.
[  214.694403][T16607] netlink: 60 bytes leftover after parsing attributes in process `syz.8.5561'.
[  214.703579][T16607] IPVS: Unknown mcast interface: 
[  215.111962][T16635] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5574'.
[  215.168841][T16640] IPVS: Unknown mcast interface: vcan0
[  215.217364][   T29] kauditd_printk_skb: 471 callbacks suppressed
[  215.217379][   T29] audit: type=1326 audit(472.191:9467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16572 comm="syz.6.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0f7a485d67 code=0x7ffc0000
[  215.247033][   T29] audit: type=1326 audit(472.231:9468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16572 comm="syz.6.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0f7a42af79 code=0x7ffc0000
[  215.269882][   T29] audit: type=1326 audit(472.231:9469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16572 comm="syz.6.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0f7a485d67 code=0x7ffc0000
[  215.292796][   T29] audit: type=1326 audit(472.231:9470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16572 comm="syz.6.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0f7a42af79 code=0x7ffc0000
[  215.315899][   T29] audit: type=1326 audit(472.231:9471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16572 comm="syz.6.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  215.343809][T16642] loop6: detected capacity change from 0 to 512
[  215.351268][T16642] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  215.362775][T16642] EXT4-fs (loop6): 1 truncate cleaned up
[  215.368973][T16642] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.383863][T16642] EXT4-fs (loop6): shut down requested (1)
[  215.396337][T16642] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  215.405865][T16642] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  215.414975][   T29] audit: type=1400 audit(472.391:9472): avc:  denied  { setattr } for  pid=16641 comm="syz.6.5576" name="file0" dev="loop6" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  215.448435][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.752233][T16673] netlink: 76 bytes leftover after parsing attributes in process `syz.8.5591'.
[  215.837247][   T29] audit: type=1400 audit(472.811:9473): avc:  denied  { ioctl } for  pid=16685 comm="syz.8.5597" path="socket:[59088]" dev="sockfs" ino=59088 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  215.861917][T16686] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5597'.
[  215.939480][T16694] batman_adv: batadv0: Removing interface: vxlan0
[  216.029354][   T29] audit: type=1400 audit(473.001:9474): avc:  denied  { ioctl } for  pid=16708 comm="syz.6.5607" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  216.102768][   T29] audit: type=1326 audit(473.071:9475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16718 comm="syz.2.5610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693aebeec9 code=0x7ffc0000
[  216.125897][   T29] audit: type=1326 audit(473.071:9476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16718 comm="syz.2.5610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693aebeec9 code=0x7ffc0000
[  216.196181][T16724] loop6: detected capacity change from 0 to 1024
[  216.203151][T16724] EXT4-fs: Ignoring removed orlov option
[  216.209478][T16724] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  216.239820][T16724] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.305142][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.382144][T16747] netlink: 256 bytes leftover after parsing attributes in process `syz.5.5621'.
[  216.532810][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  216.540952][ T3581] Bluetooth: hci0: command 0x1003 tx timeout
[  216.768203][T16790] only policy match revision 0 supported
[  216.768220][T16790] unable to load match
[  216.933976][T16798] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5642'.
[  217.496403][T16891] loop7: detected capacity change from 0 to 164
[  217.515850][T16891] bio_check_eod: 2 callbacks suppressed
[  217.515864][T16891] syz.7.5667: attempt to access beyond end of device
[  217.515864][T16891] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  217.539104][T16891] syz.7.5667: attempt to access beyond end of device
[  217.539104][T16891] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  217.554274][T16899] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  217.563072][T16899] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  217.907094][T16971] __nla_validate_parse: 2 callbacks suppressed
[  217.907112][T16971] netlink: 52 bytes leftover after parsing attributes in process `syz.6.5682'.
[  218.306951][T17020] ������: renamed from vlan1
[  218.363627][T17028] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  218.375141][T17028] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  218.826223][T17085] loop8: detected capacity change from 0 to 128
[  218.833006][T17085] EXT4-fs: test_dummy_encryption option not supported
[  219.002456][T17102] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5730'.
[  219.011617][T17102] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5730'.
[  219.076551][T17109] loop6: detected capacity change from 0 to 8192
[  219.119971][T17115] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17115 comm=syz.5.5736
[  219.604103][T17125] netlink: 5452 bytes leftover after parsing attributes in process `syz.5.5740'.
[  219.679524][T17176] netlink: 'syz.8.5756': attribute type 3 has an invalid length.
[  219.744884][T17183] netlink: 'syz.5.5758': attribute type 39 has an invalid length.
[  219.878303][T17206] vlan3: entered allmulticast mode
[  219.900006][T17208] loop5: detected capacity change from 0 to 1024
[  219.906919][T17208] ext4: Bad value for 'debug_want_extra_isize'
[  219.979241][T17219] loop5: detected capacity change from 0 to 512
[  220.004650][T17219] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.032284][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.078921][T17233] loop6: detected capacity change from 0 to 2048
[  220.095408][T17233] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.146937][ T5319] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  220.177124][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.222953][   T29] kauditd_printk_skb: 198 callbacks suppressed
[  220.222971][   T29] audit: type=1326 audit(477.191:9675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17246 comm="syz.5.5784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0258aeeec9 code=0x7ffc0000
[  220.252175][   T29] audit: type=1326 audit(477.191:9676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17246 comm="syz.5.5784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0258aeeec9 code=0x7ffc0000
[  220.275250][   T29] audit: type=1326 audit(477.191:9677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17246 comm="syz.5.5784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f0258aeeec9 code=0x7ffc0000
[  220.298113][   T29] audit: type=1326 audit(477.191:9678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17246 comm="syz.5.5784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0258aeeec9 code=0x7ffc0000
[  220.324732][   T29] audit: type=1326 audit(477.301:9679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17248 comm="syz.6.5787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  220.347685][   T29] audit: type=1326 audit(477.301:9680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17248 comm="syz.6.5787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  220.373277][   T29] audit: type=1326 audit(477.301:9681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17248 comm="syz.6.5787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  220.376640][T17253] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5788'.
[  220.396357][   T29] audit: type=1326 audit(477.301:9682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17248 comm="syz.6.5787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  220.396398][   T29] audit: type=1326 audit(477.301:9683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17248 comm="syz.6.5787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  220.396512][   T29] audit: type=1326 audit(477.341:9684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17248 comm="syz.6.5787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0f7a48eec9 code=0x7ffc0000
[  220.880714][T17313] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5807'.
[  220.905138][T17313] macvtap1: entered promiscuous mode
[  220.910678][T17313] erspan0: entered promiscuous mode
[  220.916245][T17313] macvtap1: entered allmulticast mode
[  220.921668][T17313] erspan0: entered allmulticast mode
[  220.981067][T17313] erspan0: left allmulticast mode
[  220.986199][T17313] erspan0: left promiscuous mode
[  221.187531][T17335] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5817'.
[  221.197021][T17335] A link change request failed with some changes committed already. Interface @ may have been left with an inconsistent configuration, please check.
[  221.222614][T17335] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5817'.
[  221.237066][T17335] A link change request failed with some changes committed already. Interface @ may have been left with an inconsistent configuration, please check.
[  221.262024][T17339] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17339 comm=syz.5.5819
[  221.274673][T17339] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17339 comm=syz.5.5819
[  221.317633][T17345] Invalid ELF header magic: != ELF
[  221.548062][T17373] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.556759][T17373] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.566161][T17373] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.574854][T17373] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.584034][T17373] netlink: 566 bytes leftover after parsing attributes in process `syz.5.5833'.
[  221.941137][T17383] loop7: detected capacity change from 0 to 8192
[  222.230375][T17394] FAT-fs (loop11): unable to read boot sector
[  222.303515][T17398] loop5: detected capacity change from 0 to 512
[  222.329105][T17398] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.5844: casefold flag without casefold feature
[  222.355097][T17398] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.5844: couldn't read orphan inode 15 (err -117)
[  222.380304][T17398] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.435845][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.505623][T17405] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5848'.
[  222.710038][T17423] cgroup: Invalid name
[  222.873965][T17452] sd 0:0:1:0: device reset
[  222.934560][T17460] loop8: detected capacity change from 0 to 1024
[  222.946895][T17461] SELinux: ebitmap: truncated map
[  222.952556][T17461] SELinux: failed to load policy
[  222.958049][T17460] EXT4-fs: Ignoring removed nobh option
[  222.963730][T17460] EXT4-fs: Ignoring removed bh option
[  223.005668][T17460] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.049601][ T5317] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.078178][T17475] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5878'.
[  223.084640][T17477] SELinux: failed to load policy
[  223.318671][T17498] hsr0 speed is unknown, defaulting to 1000
[  223.476800][T17512] loop8: detected capacity change from 0 to 128
[  223.494023][T17512] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  223.518852][T17515] netlink: 'syz.5.5894': attribute type 4 has an invalid length.
[  223.526776][T17515] netlink: 17 bytes leftover after parsing attributes in process `syz.5.5894'.
[  223.538468][ T5317] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  223.649774][T17534] $H�: renamed from .`
[  223.743777][T17546] loop8: detected capacity change from 0 to 2048
[  223.779335][T17546] EXT4-fs (loop8): failed to initialize system zone (-117)
[  223.803160][T17546] EXT4-fs (loop8): mount failed
[  223.847016][T17564] netlink: 64 bytes leftover after parsing attributes in process `syz.7.5917'.
[  223.880105][T17567] loop8: detected capacity change from 0 to 512
[  223.905259][T17567] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.930573][T17567] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.960002][T17567] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.972064][T17583] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5924'.
[  224.187600][T17617] loop7: detected capacity change from 0 to 1024
[  224.194553][T17617] EXT4-fs: inline encryption not supported
[  224.200409][T17617] EXT4-fs: Ignoring removed i_version option
[  224.214481][T17617] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.235446][T17617] EXT4-fs error (device loop7): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  224.263767][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.287347][T17627] loop7: detected capacity change from 0 to 1024
[  224.294172][T17627] EXT4-fs: Ignoring removed orlov option
[  224.318764][T17627] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.360305][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.510673][ T5317] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.529212][T17652] loop8: detected capacity change from 0 to 512
[  224.839870][T17665] hsr0 speed is unknown, defaulting to 1000
[  224.956849][T17668] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5959'.
[  225.003166][T17670] loop5: detected capacity change from 0 to 4096
[  225.018037][T17670] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.145936][T17684] loop8: detected capacity change from 0 to 128
[  225.152881][T17684] FAT-fs (loop8): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  225.164766][T17684] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  225.172904][T17684] FAT-fs (loop8): Filesystem has been set read-only
[  225.180120][T17684] syz.8.5966: attempt to access beyond end of device
[  225.180120][T17684] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  225.272005][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.301164][T17688] macsec1: entered promiscuous mode
[  225.306525][T17688] bridge0: entered promiscuous mode
[  225.312142][T17688] bridge0: port 3(macsec1) entered blocking state
[  225.318779][T17688] bridge0: port 3(macsec1) entered disabled state
[  225.325899][T17688] macsec1: entered allmulticast mode
[  225.331391][T17688] bridge0: entered allmulticast mode
[  225.338747][T17688] macsec1: left allmulticast mode
[  225.343905][T17688] bridge0: left allmulticast mode
[  225.349624][T17688] bridge0: left promiscuous mode
[  225.369306][T17694] netlink: 20 bytes leftover after parsing attributes in process `syz.7.5971'.
[  225.415068][   T29] kauditd_printk_skb: 599 callbacks suppressed
[  225.415086][   T29] audit: type=1400 audit(482.391:10284): avc:  denied  { bind } for  pid=17697 comm="syz.2.5974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  225.452678][   T29] audit: type=1400 audit(482.421:10285): avc:  denied  { ioctl } for  pid=17699 comm="syz.7.5973" path="socket:[62265]" dev="sockfs" ino=62265 ioctlcmd=0x48cb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  225.496974][   T29] audit: type=1400 audit(482.461:10286): avc:  denied  { relabelfrom } for  pid=17705 comm="syz.5.5978" name="NETLINK" dev="sockfs" ino=62658 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  225.521102][   T29] audit: type=1400 audit(482.461:10287): avc:  denied  { relabelto } for  pid=17705 comm="syz.5.5978" name="NETLINK" dev="sockfs" ino=62658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1
[  225.546051][   T29] audit: type=1326 audit(482.471:10288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.8.5979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  225.569203][   T29] audit: type=1326 audit(482.471:10289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.8.5979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  225.592394][   T29] audit: type=1326 audit(482.471:10290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.8.5979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  225.615409][   T29] audit: type=1326 audit(482.471:10291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.8.5979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  225.638402][   T29] audit: type=1326 audit(482.471:10292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.8.5979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  225.661550][   T29] audit: type=1326 audit(482.471:10293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.8.5979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83e841eec9 code=0x7ffc0000
[  225.765167][T17718] vhci_hcd: invalid port number 11
[  225.770374][T17718] vhci_hcd: default hub control req: 6031 v0000 i000b l0
[  225.892522][T17749] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5997'.
[  225.960400][T17759] loop5: detected capacity change from 0 to 2048
[  226.003944][T17759] EXT4-fs (loop5): failed to initialize system zone (-117)
[  226.011312][T17759] EXT4-fs (loop5): mount failed
[  226.178874][T17775] loop8: detected capacity change from 0 to 512
[  226.208835][T17775] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.247619][T17786] netlink: 'syz.5.6012': attribute type 1 has an invalid length.
[  226.255202][T17775] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.297147][T17786] bond2: (slave bridge1): making interface the new active one
[  226.323835][T17786] bond2: (slave bridge1): Enslaving as an active interface with an up link
[  226.625509][T17817] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6025'.
[  226.667813][T17817] 8021q: adding VLAN 0 to HW filter on device bond4
[  226.675580][T17824] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6028'.
[  226.684630][T17824] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6028'.
[  226.711148][T17824] bridge0: port 1(macsec0) entered blocking state
[  226.717704][T17824] bridge0: port 1(macsec0) entered disabled state
[  226.740780][T17824] macsec0: entered allmulticast mode
[  226.755745][T17824] macsec0: left allmulticast mode
[  226.777610][T17817] bond4 (unregistering): Released all slaves
[  227.045095][T17854] loop7: detected capacity change from 0 to 164
[  227.052984][T17854] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  227.062543][T17854] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  227.071571][T17854] Symlink component flag not implemented
[  227.077617][T17854] Symlink component flag not implemented
[  227.083408][T17854] Symlink component flag not implemented (7)
[  227.089451][T17854] Symlink component flag not implemented (116)
[  227.295589][T17866] loop8: detected capacity change from 0 to 8192
[  227.365596][T17877] sch_tbf: peakrate 7 is lower than or equals to rate 7 !
[  227.434504][T17887] siw: device registration error -23
[  227.473651][T17889] hsr0 speed is unknown, defaulting to 1000
[  227.738258][T17902] bond3: entered promiscuous mode
[  227.743634][T17902] bond3: entered allmulticast mode
[  227.752924][T17902] 8021q: adding VLAN 0 to HW filter on device bond3
[  227.790723][T17902] bond3 (unregistering): Released all slaves
[  228.270843][T17948] can0: slcan on ttyS3.
[  228.272124][T17944] SELinux: failed to load policy
[  228.303905][T17950] __nla_validate_parse: 1 callbacks suppressed
[  228.303926][T17950] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6082'.
[  228.336288][T17948] can0 (unregistered): slcan off ttyS3.
[  228.549363][T17974] bridge0: port 1(batadv2) entered blocking state
[  228.556071][T17974] bridge0: port 1(batadv2) entered disabled state
[  228.573620][T17974] batadv2: entered allmulticast mode
[  228.579628][T17974] batadv2: entered promiscuous mode
[  228.656855][T17965] loop5: detected capacity change from 0 to 8192
[  228.781751][T17992] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6101'.
[  228.803471][T17992] bridge0: port 1(macvlan0) entered blocking state
[  228.810074][T17992] bridge0: port 1(macvlan0) entered disabled state
[  228.817543][T17992] macvlan0: entered allmulticast mode
[  228.823101][T17992] bridge0: entered allmulticast mode
[  228.829281][T17992] macvlan0: left allmulticast mode
[  228.834526][T17992] bridge0: left allmulticast mode
[  229.040048][T18026] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=18026 comm=syz.6.6111
[  229.053218][T18025] loop7: detected capacity change from 0 to 2048
[  229.062734][ T4684] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[  229.069077][T18025] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.072007][ T4684] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[  229.106543][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.463476][T18055] netlink: 'syz.8.6127': attribute type 21 has an invalid length.
[  229.476214][T18057] netlink: 'syz.7.6128': attribute type 10 has an invalid length.
[  229.477462][T18055] netlink: 156 bytes leftover after parsing attributes in process `syz.8.6127'.
[  229.493308][T18055] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6127'.
[  229.783002][T18088] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6141'.
[  229.792128][T18088] netlink: 108 bytes leftover after parsing attributes in process `syz.2.6141'.
[  229.801413][T18088] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6141'.
[  229.810557][T18088] netlink: 108 bytes leftover after parsing attributes in process `syz.2.6141'.
[  229.820070][T18088] netlink: 84 bytes leftover after parsing attributes in process `syz.2.6141'.
[  229.867978][T18092] geneve2: entered promiscuous mode
[  229.873350][T18092] geneve2: entered allmulticast mode
[  229.903147][T18098] loop8: detected capacity change from 0 to 512
[  229.936604][T18098] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.955325][T18098] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.112034][T18119] hsr0 speed is unknown, defaulting to 1000
[  230.140980][T18111] loop6: detected capacity change from 0 to 8192
[  230.436290][T18153] netlink: 197276 bytes leftover after parsing attributes in process `syz.7.6169'.
[  230.492121][T18160] netlink: 'syz.5.6170': attribute type 13 has an invalid length.
[  230.500069][T18160] netlink: 'syz.5.6170': attribute type 17 has an invalid length.
[  230.520066][T18160] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.528727][T18160] 8021q: adding VLAN 0 to HW filter on device team0
[  230.539190][T18160] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  230.585961][   T29] kauditd_printk_skb: 221 callbacks suppressed
[  230.585979][   T29] audit: type=1326 audit(487.561:10515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18162 comm="syz.7.6173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ba40eec9 code=0x7ffc0000
[  230.615758][   T29] audit: type=1326 audit(487.561:10516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18162 comm="syz.7.6173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f61ba40eec9 code=0x7ffc0000
[  230.639051][   T29] audit: type=1326 audit(487.561:10517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18162 comm="syz.7.6173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ba40eec9 code=0x7ffc0000
[  230.662289][   T29] audit: type=1326 audit(487.561:10518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18162 comm="syz.7.6173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ba40eec9 code=0x7ffc0000
[  230.685290][   T29] audit: type=1326 audit(487.561:10519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18162 comm="syz.7.6173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f61ba40eec9 code=0x7ffc0000
[  230.708469][   T29] audit: type=1326 audit(487.561:10520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18162 comm="syz.7.6173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ba40eec9 code=0x7ffc0000
[  230.731451][   T29] audit: type=1326 audit(487.561:10521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18162 comm="syz.7.6173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ba40eec9 code=0x7ffc0000
[  230.754500][   T29] audit: type=1326 audit(487.561:10522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18162 comm="syz.7.6173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f61ba40eec9 code=0x7ffc0000
[  230.777541][   T29] audit: type=1326 audit(487.561:10523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18162 comm="syz.7.6173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ba40eec9 code=0x7ffc0000
[  230.800558][   T29] audit: type=1326 audit(487.561:10524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18162 comm="syz.7.6173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ba40eec9 code=0x7ffc0000
[  230.845086][T18176] loop8: detected capacity change from 0 to 512
[  230.852142][T18176] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  230.874535][T18176] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.905988][ T5317] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.353626][T18223] loop5: detected capacity change from 0 to 512
[  231.355606][T18222] hsr0 speed is unknown, defaulting to 1000
[  231.366718][T18223] journal_path: Non-blockdev passed as './bus'
[  231.373077][T18223] EXT4-fs: error: could not find journal device path
[  231.388671][T18225] 8021q: adding VLAN 0 to HW filter on device bond3
[  231.419039][T18225] bond3: (slave veth7): Enslaving as an active interface with an up link
[  231.467170][T18229] loop6: detected capacity change from 0 to 512
[  231.500117][T18225] bond3 (unregistering): (slave veth7): Releasing backup interface
[  231.508877][T18229] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  231.518415][T18229] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.6200: bad orphan inode 15
[  231.528161][T18225] bond3 (unregistering): Released all slaves
[  231.530745][T18229] ext4_test_bit(bit=14, block=5) = 0
[  231.542461][T18229] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.611261][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.717517][T18254] loop7: detected capacity change from 0 to 512
[  231.743397][T18258] loop6: detected capacity change from 0 to 128
[  231.749852][T18254] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  231.783210][T18258] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002]
[  231.794898][T18254] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.6211: bad orphan inode 131083
[  231.807394][T18258] System zones: 1-3, 19-19, 35-36
[  231.813450][T18258] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  231.826635][T18254] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.883691][ T5319] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  231.906566][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.063071][T18293] loop7: detected capacity change from 0 to 164
[  232.083127][T18293] syz.7.6227: attempt to access beyond end of device
[  232.083127][T18293] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  232.101329][T18293] syz.7.6227: attempt to access beyond end of device
[  232.101329][T18293] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  232.173699][T18305] netlink: 'syz.6.6233': attribute type 2 has an invalid length.
[  233.226788][T18399] loop5: detected capacity change from 0 to 1024
[  233.244758][T18401] loop7: detected capacity change from 0 to 1024
[  233.253954][T18401] EXT4-fs: Ignoring removed orlov option
[  233.268550][T18399] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.303890][T18401] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.318646][T18399] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.391941][T18421] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  233.488575][T18432] __nla_validate_parse: 7 callbacks suppressed
[  233.488710][T18432] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6289'.
[  233.511257][T18432] 8021q: adding VLAN 0 to HW filter on device bond3
[  233.517853][T18422] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4193: comm syz.7.6278: Allocating blocks 497-513 which overlap fs metadata
[  233.558170][T18432] bond3: (slave veth5): Enslaving as an active interface with an up link
[  233.579359][T18432] bond3 (unregistering): (slave veth5): Releasing backup interface
[  233.601711][T18400] EXT4-fs (loop7): pa ffff888106a08a80: logic 0, phys. 113, len 25
[  233.609770][T18400] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[  233.623931][T18432] bond3 (unregistering): Released all slaves
[  233.645672][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.028938][T18482] loop5: detected capacity change from 0 to 2048
[  234.044750][T18482] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.170159][T18495] netlink: 19 bytes leftover after parsing attributes in process `syz.7.6315'.
[  234.210291][T18481] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  234.230842][T18499] random: crng reseeded on system resumption
[  234.248275][T18481] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 224 with max blocks 14 with error 28
[  234.261010][T18481] EXT4-fs (loop5): This should not happen!! Data will be lost
[  234.261010][T18481] 
[  234.270921][T18481] EXT4-fs (loop5): Total free blocks count 0
[  234.276986][T18481] EXT4-fs (loop5): Free/Dirty block details
[  234.283127][T18481] EXT4-fs (loop5): free_blocks=2415919504
[  234.289004][T18481] EXT4-fs (loop5): dirty_blocks=16
[  234.294537][T18481] EXT4-fs (loop5): Block reservation details
[  234.300789][T18481] EXT4-fs (loop5): i_reserved_data_blocks=1
[  234.326286][T18509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6318'.
[  234.336632][ T5316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.415416][T18525] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6328'.
[  234.424532][T18525] netlink: 348 bytes leftover after parsing attributes in process `syz.6.6328'.
[  234.434179][T18525] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6328'.
[  234.443131][T18525] netlink: 348 bytes leftover after parsing attributes in process `syz.6.6328'.
[  234.455053][T18525] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6328'.
[  234.512325][T18531] netlink: 'syz.2.6331': attribute type 3 has an invalid length.
[  234.520166][T18531] netlink: 'syz.2.6331': attribute type 3 has an invalid length.
[  234.709503][T18563] loop6: detected capacity change from 0 to 1024
[  234.719220][T18563] EXT4-fs: Ignoring removed orlov option
[  234.728257][T18563] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  234.760319][T18563] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.965772][T18592] team_slave_0: entered promiscuous mode
[  234.965934][T18592] team_slave_0: left promiscuous mode
[  235.492578][T18638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6379'.
[  235.526077][T18638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6379'.
[  235.679772][ T5319] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.722388][T18657] loop9: detected capacity change from 0 to 7
[  235.731274][T18657] Buffer I/O error on dev loop9, logical block 0, async page read
[  235.739942][T18657] Buffer I/O error on dev loop9, logical block 0, async page read
[  235.747876][T18657]  loop9: unable to read partition table
[  235.756139][T18657] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  235.756139][T18657] 
) failed (rc=-5)
[  235.857313][T18673] netlink: 'syz.5.6392': attribute type 4 has an invalid length.
[  235.870119][T18673] netlink: 'syz.5.6392': attribute type 4 has an invalid length.
[  236.076154][T18685] loop7: detected capacity change from 0 to 1024
[  236.083180][T18685] EXT4-fs: Ignoring removed oldalloc option
[  236.089210][T18685] EXT4-fs: Ignoring removed bh option
[  236.104190][T18685] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.293235][T18688] ==================================================================
[  236.301461][T18688] BUG: KCSAN: data-race in __writeback_single_inode / xas_set_mark
[  236.309405][T18688] 
[  236.311743][T18688] write to 0xffff88811a06028c of 4 bytes by task 18685 on cpu 0:
[  236.319473][T18688]  xas_set_mark+0x12b/0x140
[  236.324004][T18688]  __folio_start_writeback+0x155/0x390
[  236.329515][T18688]  ext4_bio_write_folio+0x5ad/0x9f0
[  236.334735][T18688]  mpage_process_page_bufs+0x4a1/0x620
[  236.340206][T18688]  mpage_prepare_extent_to_map+0x786/0xc00
[  236.346022][T18688]  ext4_do_writepages+0xa05/0x2750
[  236.351164][T18688]  ext4_writepages+0x176/0x300
[  236.356030][T18688]  do_writepages+0x1c6/0x310
[  236.360633][T18688]  file_write_and_wait_range+0x156/0x2c0
[  236.366284][T18688]  generic_buffers_fsync_noflush+0x45/0x120
[  236.372198][T18688]  ext4_sync_file+0x1ab/0x690
[  236.376901][T18688]  vfs_fsync_range+0x10d/0x130
[  236.381679][T18688]  ext4_buffered_write_iter+0x34f/0x3c0
[  236.387249][T18688]  ext4_file_write_iter+0x387/0xf60
[  236.392481][T18688]  iter_file_splice_write+0x663/0xa60
[  236.397881][T18688]  direct_splice_actor+0x153/0x2a0
[  236.403002][T18688]  splice_direct_to_actor+0x30f/0x680
[  236.408390][T18688]  do_splice_direct+0xda/0x150
[  236.413164][T18688]  do_sendfile+0x380/0x650
[  236.417601][T18688]  __x64_sys_sendfile64+0x105/0x150
[  236.422819][T18688]  x64_sys_call+0x2bb4/0x3000
[  236.427510][T18688]  do_syscall_64+0xd2/0x200
[  236.432031][T18688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.437939][T18688] 
[  236.440278][T18688] read to 0xffff88811a06028c of 4 bytes by task 18688 on cpu 1:
[  236.447917][T18688]  __writeback_single_inode+0x1f9/0x7c0
[  236.453494][T18688]  writeback_single_inode+0x16d/0x3f0
[  236.458896][T18688]  sync_inode_metadata+0x5b/0x90
[  236.463943][T18688]  generic_buffers_fsync_noflush+0xd9/0x120
[  236.469854][T18688]  ext4_sync_file+0x1ab/0x690
[  236.474542][T18688]  vfs_fsync_range+0x10d/0x130
[  236.479323][T18688]  ext4_buffered_write_iter+0x34f/0x3c0
[  236.484901][T18688]  ext4_file_write_iter+0x387/0xf60
[  236.490402][T18688]  iter_file_splice_write+0x663/0xa60
[  236.495780][T18688]  direct_splice_actor+0x153/0x2a0
[  236.500899][T18688]  splice_direct_to_actor+0x30f/0x680
[  236.506281][T18688]  do_splice_direct+0xda/0x150
[  236.511059][T18688]  do_sendfile+0x380/0x650
[  236.515494][T18688]  __x64_sys_sendfile64+0x105/0x150
[  236.520709][T18688]  x64_sys_call+0x2bb4/0x3000
[  236.525395][T18688]  do_syscall_64+0xd2/0x200
[  236.529910][T18688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.535817][T18688] 
[  236.538141][T18688] value changed: 0x0a000021 -> 0x04000021
[  236.543895][T18688] 
[  236.546225][T18688] Reported by Kernel Concurrency Sanitizer on:
[  236.552402][T18688] CPU: 1 UID: 0 PID: 18688 Comm: syz.7.6400 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  236.562230][T18688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  236.572297][T18688] ==================================================================
[  236.586342][T18690] dummy0 (unregistering): left promiscuous mode
[  236.925747][ T5323] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.292743][   T10] page_pool_release_retry() stalled pool shutdown: id 110, 1 inflight 60 sec