last executing test programs:

47.901560782s ago: executing program 3 (id=1486):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
fstatfs(0xffffffffffffffff, 0x0)

47.737297914s ago: executing program 3 (id=1489):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/44}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000640)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e20, @broadcast}, 0xffffffff, 0x0, 0x1}}, 0x2e)

47.573199976s ago: executing program 3 (id=1492):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}, [@printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x2000400)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
sendmmsg$inet(r4, &(0x7f0000003cc0)=[{{&(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000d40)=[@ip_retopts={{0x14, 0x0, 0x7, {[@ra={0x94, 0x4}]}}}], 0x18}}], 0x1, 0x44008004)

46.471654074s ago: executing program 3 (id=1500):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000001c0)='./file0/../file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x2125099, 0x0)

46.311862636s ago: executing program 3 (id=1504):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)

44.388173627s ago: executing program 3 (id=1510):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002700)=@newtaction={0x488, 0x30, 0x12f, 0x0, 0x25dfdbfd, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x3, 0xffffffff, 0x1010000, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x17}, {0x7, 0x2, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0x401, 0xe, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x6, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0x4, 0x0, 0x1, 0x1fb, 0xe5, 0x2f, 0xd, 0x0, 0xa, 0x3, 0x1, 0x9, 0x11, 0x9, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0xfffffffe, 0x8fb, 0x84, 0x9, 0x4, 0x9, 0x80000001, 0x6, 0x0, 0x8, 0x800, 0x9, 0x1, 0x100, 0x401, 0x8, 0x3, 0x8, 0x10001, 0x4, 0x4, 0x7f, 0x4, 0x8, 0x2, 0x7f, 0x80000001, 0x2, 0x4, 0x0, 0x4, 0x7fff, 0x0, 0x9, 0x80, 0x5, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x120004, 0x3ff, 0x400000, 0x10, 0x5, 0x3, 0x10000, 0x5, 0x1, 0x0, 0x2, 0x7, 0x5, 0x6, 0x5, 0x4, 0x2, 0x81, 0x0, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x0, 0x8, 0xba, 0x4, 0x89, 0x2, 0x6, 0x100, 0x9, 0x0, 0xfffffffe, 0x200ff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb7, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0x9, 0xa, 0x6, 0x7, 0x100, 0x1, 0x3, 0x100, 0x100000b, 0x8, 0x4, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x100200, 0x80000001, 0x1, 0x1, 0x6, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x1, 0x5, 0x2, 0x65, 0x4, 0xfffffa0c, 0x3, 0x1, 0x4, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x5, 0x9, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0x0, 0x1, 0x40000723, 0x0, 0xe, 0xb, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0x9, 0x2, 0x7f, 0x2, 0x80000001, 0x0, 0x9, 0xf, 0xfffffffe, 0x928, 0x4, 0x2, 0x5, 0xd1b, 0xb87, 0x3, 0x8d8d, 0x55, 0xfff, 0x8, 0x64e8, 0x8, 0x80c, 0x772, 0xfff, 0xfff, 0x6, 0x3f7, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x84]}]]}, {0x4}, {0xc, 0xb, {0x1}}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)

43.905442814s ago: executing program 32 (id=1510):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002700)=@newtaction={0x488, 0x30, 0x12f, 0x0, 0x25dfdbfd, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x3, 0xffffffff, 0x1010000, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x17}, {0x7, 0x2, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0x401, 0xe, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x6, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0x4, 0x0, 0x1, 0x1fb, 0xe5, 0x2f, 0xd, 0x0, 0xa, 0x3, 0x1, 0x9, 0x11, 0x9, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0xfffffffe, 0x8fb, 0x84, 0x9, 0x4, 0x9, 0x80000001, 0x6, 0x0, 0x8, 0x800, 0x9, 0x1, 0x100, 0x401, 0x8, 0x3, 0x8, 0x10001, 0x4, 0x4, 0x7f, 0x4, 0x8, 0x2, 0x7f, 0x80000001, 0x2, 0x4, 0x0, 0x4, 0x7fff, 0x0, 0x9, 0x80, 0x5, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x120004, 0x3ff, 0x400000, 0x10, 0x5, 0x3, 0x10000, 0x5, 0x1, 0x0, 0x2, 0x7, 0x5, 0x6, 0x5, 0x4, 0x2, 0x81, 0x0, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x0, 0x8, 0xba, 0x4, 0x89, 0x2, 0x6, 0x100, 0x9, 0x0, 0xfffffffe, 0x200ff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb7, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0x9, 0xa, 0x6, 0x7, 0x100, 0x1, 0x3, 0x100, 0x100000b, 0x8, 0x4, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x100200, 0x80000001, 0x1, 0x1, 0x6, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x1, 0x5, 0x2, 0x65, 0x4, 0xfffffa0c, 0x3, 0x1, 0x4, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x5, 0x9, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0x0, 0x1, 0x40000723, 0x0, 0xe, 0xb, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0x9, 0x2, 0x7f, 0x2, 0x80000001, 0x0, 0x9, 0xf, 0xfffffffe, 0x928, 0x4, 0x2, 0x5, 0xd1b, 0xb87, 0x3, 0x8d8d, 0x55, 0xfff, 0x8, 0x64e8, 0x8, 0x80c, 0x772, 0xfff, 0xfff, 0x6, 0x3f7, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x84]}]]}, {0x4}, {0xc, 0xb, {0x1}}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)

15.120107424s ago: executing program 4 (id=1637):
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="78000000070a01020000000000000000070000060900010073797a31000000005800048054000180090001006d6574610000000044000280080001400000000c0800034000000000080002400000000d080001400000000808000240000000090800014000000009080002400000001808"], 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

14.976286216s ago: executing program 4 (id=1638):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001100)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
io_setup(0x6, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x0, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8056}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000880)=@newqdisc={0x80, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x54, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x5, 0x5}}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x5}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7, 0x6}}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0x1, 0xfffffff9}}]}}]}, 0x80}}, 0x400c904)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)

14.686015641s ago: executing program 1 (id=1641):
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
ioctl$sock_ifreq(0xffffffffffffffff, 0x891e, &(0x7f0000000300)={'vlan1\x00', @ifru_names='batadv_slave_1\x00'})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000004c0)=ANY=[], 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x40000000015, 0x5, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0x3}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)

14.048390641s ago: executing program 4 (id=1643):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mount(0x0, &(0x7f0000003c40)='.\x00', 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

13.645247807s ago: executing program 4 (id=1644):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000", @ANYRES32, @ANYBLOB="000000000000000000007fffffff000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_audit(0x10, 0x3, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
sendfile(r3, r3, 0x0, 0xb)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="0100040000000000000021000000050020000100000009001f007068793100000000603e5dd698cf895f065a4468d395f8e2afe40e8988860c04f55dffed36ea47853de7b919f278f25916bbcd65782673096402f897fa0e7790368bb547a7af11aab49a2090f38d85a772bedf44b2672fdef712041e446aa1eaad92f03d554c837950ae289449fd4f4cbcf624c0cc8682cd0772dcfdcb"], 0x28}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)

12.875395779s ago: executing program 5 (id=1646):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x24, 0x2c, 0xd27, 0x30b529, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

12.78126546s ago: executing program 1 (id=1647):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x6c}}, 0x4048010)

12.705306872s ago: executing program 0 (id=1648):
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="78000000070a01020000000000000000070000060900010073797a31000000005800048054000180090001006d6574610000000044000280080001400000000c0800034000000000080002400000000d080001400000000808000240000000090800014000000009080002400000001808"], 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

12.681123532s ago: executing program 0 (id=1649):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x2000000}, {0x0, 0x2}]}]}}, &(0x7f0000000540)=""/228, 0x36, 0xe4, 0x1, 0x0, 0x0, @void, @value}, 0x20)
syz_io_uring_setup(0x24fc, &(0x7f00000000c0)={0x0, 0x0, 0x10100, 0x1, 0xe6}, &(0x7f0000000040), &(0x7f0000000080))
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
accept4(r0, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x1})
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000c00)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf67000000000000150002000fff52e84407000009300000d60600000ee60000bf050000000000001c63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070400000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f2686ee970d6482a2e71a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387bfa1bc9b49da28724ba9cd79fbee8f97af876d0e30c19555ffdd7d73815b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f42407107000cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08124d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cb003841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e75414c91fce6c86287945bd8d258442760000ff010000000000000000000000300807f2f3906c1d45d05ba9df828d35376fed399fa311ff63a34f0c0b82b4f2825e729eb9b7f4c9ab3be5bc011ff29904bbc424880247fabe7325a6e8d139e99d2b2fbf7e84fca3b21c78840b858ce900a4eb9c2b8b9b7fb664d2aeac991ca09b1afc0ef7aed4541a2f7275130a9fa3853481c81e919c000000000000000000000000b1e0e4b55e0d5d8c657b4853fc18ec43be33e5f971cceda04d95c87489910ce692ee55c536d1671bffd4c9b98efb741b"], &(0x7f0000000280)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x400, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x6, 0xfff3}}, [@TCA_STAB={0x2c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xc, 0xb, 0x8, 0x44, 0x2, 0xfffffff8, 0x80000001, 0x4}}, {0xc, 0x2, [0x8, 0x4800, 0x4, 0x1ff]}}]}]}, 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000003c0)={'gre0\x00', &(0x7f0000000240)={'syztnl1\x00', r4, 0x20, 0x10, 0xfffffffe, 0x2, {{0x3b, 0x4, 0x0, 0x4, 0xec, 0x64, 0x0, 0x80, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x31}, @multicast1, {[@cipso={0x86, 0x42, 0x3, [{0x0, 0x5, "a8487c"}, {0x0, 0xd, "995b70c7a017b18488e29d"}, {0x5, 0x2}, {0x1, 0x10, "0b5b31e3e74dfa89a9b302cbdf5c"}, {0x0, 0x7, "e766de853a"}, {0x7, 0x11, "a6f995a6c7add8f8b78ef06aac3cb0"}]}, @end, @generic={0x83, 0x8, "469344de4fa7"}, @cipso={0x86, 0x59, 0x2, [{0x1, 0x9, "b6403c274ef8e6"}, {0x2, 0xe, "923556c734ad59f3816ef7fa"}, {0x0, 0x5, "9f4339"}, {0x5, 0x3, '@'}, {0x7, 0x7, "927cf9eedb"}, {0x5, 0x6, "4ed56536"}, {0x0, 0xa, "34a5d3b7e8d86ade"}, {0x6, 0xa, "553007f449694548"}, {0x1, 0x2}, {0x1, 0x11, "622859d8ab39ff00d6a1a52245da81"}]}, @cipso={0x86, 0x11, 0xffffffffffffffff, [{0x7, 0xb, "699165be16a256ef64"}]}, @cipso={0x86, 0x23, 0x0, [{0x2, 0x7, "9dbd86472e"}, {0x0, 0xc, "bd58850091c672881a1e"}, {0x6, 0x2}, {0x5, 0x5, "c2b0ac"}, {0x1, 0x3, "d4"}]}]}}}}})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0x2}, 0x18)
listxattr(&(0x7f0000000fc0)='./file0\x00', 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})

12.533014144s ago: executing program 1 (id=1651):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000140)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@lazytime}, {@quota}, {@quota}]}, 0x3, 0x443, &(0x7f0000000940)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x10000002}, 0x18)
open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)

12.467381375s ago: executing program 0 (id=1652):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r5, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="03000000000000000000210000000c00018008000100", @ANYRES32=r4], 0x20}}, 0x0)

12.411159976s ago: executing program 5 (id=1653):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001100)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
io_setup(0x6, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x0, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8056}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000880)=@newqdisc={0x80, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x54, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x5, 0x5}}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x5}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7, 0x6}}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0x1, 0xfffffff9}}]}}]}, 0x80}}, 0x400c904)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)

12.366244207s ago: executing program 2 (id=1654):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000002100010000000000fcdbdf2502000000000000000000000006001d"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000ac0)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x1, 0xffff}, {0x10}}}, 0x24}}, 0x20000004)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

12.14836407s ago: executing program 0 (id=1655):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000440)={@val={0x0, 0x892f}, @void, @eth={@broadcast, @multicast, @val={@void, {0x8100, 0x0, 0x0, 0xfff}}, {@generic={0x4305}}}}, 0x16)

12.14823634s ago: executing program 1 (id=1656):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0x140}], 0x1)

12.14795479s ago: executing program 2 (id=1657):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x10, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x20000, 0x0, 0x0, 0x41000, 0x8c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='kfree\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x18)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140))
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xe, 0x7ffc0002}]})
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2f, &(0x7f0000000300)={0x6, {{0x2, 0x0, @multicast2=0xe0000001}}, {{0x2, 0x4e21, @local}}}, 0x108)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000001580)=ANY=[@ANYRESOCT=r3, @ANYRESOCT, @ANYRESOCT, @ANYRES64=<r4=>0x0, @ANYBLOB="b7ad7cd65c46a5be7840094fc88ed300444000f8ac89758d3a070000000000000096a99f88ba68f3377383de4de11c07aa5d22d9f4f3c58344d6011b6ea5ee82cf40e4ca5976370cb73c872e576f936791a0ffa5639ac237214be5926acea5405e00f1a144cf7a5240bc1e56ed617e19d6a5a268505f0012b4baf36d3a71eb34c8b67281dbba4b20c3d724ef150deff6f7d908bc72575a1f43b608e0d118", @ANYBLOB="a1fffd2e4c38a7b17fef1a78ad1943012e7b7711a1517cd8b4288a2fbb7d202d8c4a1809add074e6dde0703158125f2f114c49f5ee5f249d63ac0d851c212ccd8d82b7c694ead23c417021e8bc78d646d07e3513568bb81d2179a012dcdcb845b0a58b6d5e46a177de56e3e77ed573967e4eea299078019693ca486edbaa44e947802c7f46f1de18cf7f0e1af02964d04cc84d979855e8d3a3fda262f6a7d2b4b4849fd880c9b9af9be818ba05386754a3505e833ca0b9770f63e91f3a9a04e9fca51d88273d5491ed", @ANYRESOCT=r3], 0x1, 0x7dc, &(0x7f0000000d80)="$eJzs3U9sHGcVAPC3rt0EF0VVqdIQpekkLVIqpe563bpYPbTb9diedr1r7a6RI0Bt1DiVFaetWipoDoRcWkBFiBPHwrU3LgiEBBIH4IRED1y4VeoJFQQSAiEko5nddfxnbSfN37a/nxXP55k3871vPJm3Y3tmAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIUm26XB4vRT1rLC4l2wxFRHJvL3Z+2+K1tbW1bqu/vd9smuzSb0Qp/xf798eh7qxD915efDD/dDyOdL86Evvzyf64cNfBu5/8wvBQf/3tCV+zY1cYV4r4Tp7UudOrq8uv3YBEbqLv/2q3pcODZv6n+L7Ppo2s3czmq7NpkrWbydTkZPnRuZl2MpPV0/apdiedT2qttNpptpITtYeT8ampiSQdO9VcbMxOV+tpf+YTj1TK5cnk2bGLEdFuNh59dqxdm8vq9awxW8RUyt+MPOaJpDbdei7rJJ20Op8kZ1dWlyf2Gl0eNL7L8iMP3f3hGx/8c2U5PyB3Cir1DszK+HilMj75+NTjT5TLw5VyZfOM8haxHhFDEXnEDTlouX0Up8zdXJ8TN1wHQ736H/XIohGLsRTJgI+RqMV0tKIZ8/nXfx7ZFtHTr/9fevRvf9yt3431v1/lD11efDiK+n+0+9XRner/wFyv58dQL5+dlr8eb8aFOBenYzVWYzleu+EZXePH0BVHHvv8FUTNRhqNyKIdzchiPqrFnKQ3J4mpmIzJKMfzMRcz0Y4kZiKLeqTRjlPRjk6kxRFVi1akUY1ONKMVSZyIWjwcSYzHVEzFRCSRxlicimYsRiNmYzqqxVbOxkqx3ye25HXw2y/88qU/ffhu3l4PGt9lIKX8xVwe9I9dgraV+yuv/2vRi1D/P+uu8xkcPr61fv0HAAAAPrVKxU/f8+v/kbi/aM1k9fSrtzotAAAA4DoqfvN/JJ+M5K37o5Rf/5cHRL5/03MDAAAAro9ScY9dKSJG44Fuq3+71KAfAgAAAACfQMXv/4/mk9GIi8UM1/8AAADwKfPdnZ6x/0H/GbvthX2lX/89Wq2R0qWFpYdK56t5XPX8Hd31epOvrG+xM3O4tD+6Gym2NTl84a5SRAzX0iOl/tMv/7evO/2o+Hx4eH31nZ71X9qSwPoad2wdUp7AgQtbEjhYdPxOHOvGHDvTnZ7pxfWeSDw6k9XTsVqz/mTxSMT8X+eNl1e+FcXwv9eYP1CKsyury2MvvrJ6psjlUr6VS+d7D1Dc9hzFwbkUPa719kDcP3jEI8WNGL1+R7v9ljd+A4aeLlYf2r3P0sY+34rj3Zjjo93p6Obx78/7HB97cjyq1QNDnXSp88bahtH3shi/xpG/FQ92Yx488WB3MiCLyqYsXt6eRWVjFr2dsMe+2DOLkd6B9e6xi0v/+l2zlE7slcXEliz2X2UWALfK2eKpP5er0OeKKvTfta68/l+uu0k3oKd3lrtvfVP5Wa5fBrac5c7G+pL++htq3XBsq+5bX17Ell52OKOf6Mac6L6eGD48oK6UB5zRX1159fe9M/pj7/34J18/+oefffzq9l483I3pTeKe3+5QY/Mx/6AxP9rf6NJTvcZPd+y3Xa+UYiTijm+cfzUOvv7mhUdWzp9+afml5ZcrlYnJ8mPl8uOVGCleKvQmag8AA+z9Hjt7RpQe2+Oq+p71PykYixfjlViNM3GyuNsgIh4YvNXRDX+GcDKOR3GxvMNV6+iGd3g5uce15eXYyvbY/uuKbbETG/bYfT8qJv++gd8UALjBju9Rh6+k/p/c47p7cy3fcnUcO9fyQb58Q/cGAHw2pK2PSqOdt0utVrbw/PjU1Hi1M5cmrWbtuaSVTc+mSdbopK3aXLUxmyYLrWanWev/4Hg6bSftxYWFZquTzDRbyUKznS0V7/ye9N76vZ3OVxudrNZeqKfVdprUmo1OtdZJprN2LVm485l61p5LW8XK7YW0ls1ktWonazaSdnOxVUvHkqSdpsnCYj8wm04bnWwmy5uNZKGVzVdblyKivjifJtNpu9bKFjrN1hfzDdaaUfSVNWaarflis2Pbh//Xm72/AeB28PqbF86dXl1dfm1z40BsnbOlMRxF4y+7xfQbt3qMAMBmqjQAAAAAAAAAAAAAANz+tt+ul8/d85a+QY19cfVr7Yur6uIaG/nQenPe+fnXXvzYI/1kNPLh3QZp3NrGC089dW6nmGcuHpq7su0M/p8y6FbXtw9E3PmLH3bnPH2zRvr+5QP7alZfK+0Sc2vPSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwyP8DAAD//82FVnI=")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000004c0)={[{@acl}, {@debug}, {@barrier_val}, {@sysvgroups}, {@barrier_val={'barrier', 0x3d, 0x8001}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x587, &(0x7f0000002100)="$eJzs3U1rG9caAOB3ZMn5cO6NAyHcexeXQBZNSSPHdj9SKDRdljY00O5TYSsmWI6CJYfYDTRZNJtuSiiU0kDpD+i+y9A/0F8RaAOhBNMuSkFl5JGt2JIdOzJSoueBSc6ZD595feY9PqORUABD62T6Ty7ivxHxVRJxtG1bPrKNJ9f2W31yayZdkmg0Pv49iSRb19o/yf4fyyr/iYifv4g4k9vabm15Zb5UqZQXs/pEfeH6RG155ezVhdJcea58bWp6+vwb01Nvv/Vmz2J99dKf33704P3zX55a/ebHR8fuJXEhjmTb2uN4DrfbKydLf2elQlzYtONkDxobJEm/T4A9GcnyvBDpGHA0RrKsB15+n0dEY02uAQyZpJn/YxvjADAkWvOA1r19j+6DXxiP31u7AWrGPtoef37ttZE42Lw3OryaPHVnlN7vjveg/bSNn367fy9dYvvXIQ7tUAfYldt3IuJcPr91/E+y8W/vzjVfPN7e5jaG7e8P9NODdP7zWqf5X259/hMd5j9jHXJ3L3bO/9yjHjTTVTr/e6fj/Hd96BofyWr/as75CsmVq5XyuYj4d0ScjsKBtL7d85zzqw8b3ba1z//SJW2/NRfMzuNR/sDTx8yW6qWIGH2euFse34n4X75T/Ml6/ycd+j/9fVzq+BMLW9acKN//f7f2d45/fzV+iHilY/9vPNFKtn8+OdG8HiZaV8VWf9w98Uu39vsdf9r/h7ePfzxpf15b230b3x/8q9xt216v/9Hkk2a5lQQ3S/X64mTEaPJhs36wff3UxrGtemv/NP7Tp7Yf/zpd/+nN16fPGP/d43e77joI/T+7q/7ffeHhB5991639Z+v/15ul09mabPzrLLtWnvUEn/f3BwAAAAAAAIMkFxFHIskV18u5XLG49v6O43E4V6nW6meuVJeuzUbzs7LjUci1nnQfbXs/xGT2fthWfWpTfToijkXE1yOHmvXiTLUy2+/gAQAAAAAAAAAAAAAAAAAAYECMdfn8f+rXkX6fHbDvml9scKDfZwH0w45f+d+Lb3oCBtKO+Q+8tOQ/DC/5D8NL/sPwkv8wvOQ/DC/5D8NL/gMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXbp4MV0aq09uzaT12RvLS/PVG2dny7X54sLSTHGmuni9OFetzlXKxZnqwk4/r1KtXp+ciqWbE/VyrT5RW165vFBdula/fHWhNFe+XC5s7Jrb38gAAAAAAAAAAAAAAAAAAADgxVFbXpkvVSrlRYWuhXdjIE5jPwNcs6fD84MShUKXwp2se3d3VB8HJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY5J8AAAD//9ybLZI=")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xc, 0x0, &(0x7f0000000000))
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4800)
vmsplice(r5, &(0x7f00000005c0)=[{&(0x7f0000001cc0)="b70cdbd771882612c450d694c9dd7d7f28d237e84e2780ca6428d132e03f188fff6bd9f85ead7e68f90830db9295022700491841f4a15a000aa4e29ac23601041ec521aa0ea8044f23feb74151693f228ba89f0a43385617bc7930f30a52ca91d02c64bd39d3d581abe9089b2284f876f9c58c124aba7a28700efcb0588ff4ab54a62c0c64fd577d85f5f753ec15281cf73fc37442b0a5ca4a1818cb01590d6415b1e9fda6c7d63cd293d7cc7ca5581041a2736e95b9b0322880b5fd7f27c0d4a59df8101b755fd6cc495963381c8a95d5d605b8ef4800b47091c8749f9e8e9fce163e46db0f7c0e4d0d3a621e3c999453e95aaa56090f220b220c50b31b9d6af722477ab1cda6d561156d85c658a3cd42d777314d154bf31bb61918ac7de8bfad7a5825be505af82806130e8dd03816b86086cc3361bf3a2a0cf6c18b7c84503477660ef5a0bf92d8169c43df1d7bb140652c799a4ac292b94fcea7f0c74413791879104e2bc9b414eda6c74f3625299f67d03e3ef58eeae5ca5fb029005ffa0fe23fb541bc24a57e9c6d8169702998273789ee8c9f08132ab9f76c02a6696c3ad68bf7a772d8be6b1840cfad2184edcf10bd5620f51657239e8eb49b8e77c1483dcc3dc04aeb6cae2922af4be346d52f2983dd5330cbef40b3207432ea6d2a6d2ffb0c3440c78add8395da089aa80e21d8692b16582edea583b73266fd1ab37abc02aa89310ed72a827153f1cbba0f76147a09977724706fdcd68ac168ceb433eba816f55bb5069924c0a6c59b1116e27de7938b835c467dbd9be1843913748e5a2e6f6621bf4944045d82b5124d23fa1d87e780b54a6955a51e47fbf36432be1b3d9d01c05d86e390e497850600000000000000cef62edce520860667c5259478602febbc5e87f216a6f1452b285f44282333569cbd2f49613730b86a74485e49e1979690ee2c11e1fb49d642c9f515d9e0cf30fe8995379b0b4b2177b2541a34cef72af676c2402b3ab03993047186d45016f83a735b7babda7b3e408f9a7b5c36e7daaaad51e437060c8a5a07646a31a43ebdda0b12a3f64f963315febebf0ad610f2ec9500717c4f33d8bf0e5b55ed2a976339643658df80f07bb29f5fac6f25957ef64ef1bac93f0ea64bfea48b38a4985ff61025976299604454", 0x33e}], 0x1, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYRES16=r4], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x6}, 0x4)
setsockopt$packet_fanout_data(r7, 0x107, 0x16, &(0x7f0000000540)={0x1, &(0x7f0000002040)=[{0x4, 0x9, 0x5, 0x4}]}, 0x10)

12.007900693s ago: executing program 5 (id=1658):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="0100"})
close(0x3)

11.827342275s ago: executing program 2 (id=1659):
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="78000000070a01020000000000000000070000060900010073797a31000000005800048054000180090001006d6574610000000044000280080001400000000c0800034000000000080002400000000d080001400000000808000240000000090800014000000009080002400000001808"], 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

11.711803277s ago: executing program 2 (id=1660):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000040)={{0x0, 0x1, 0x0, 0x1, 0x3}})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
close(r3)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
r5 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100), &(0x7f0000000280))
io_uring_enter(r5, 0x15f1, 0xff98, 0x23, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x468, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25cf, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10000, 0x0, 0xfffffffd, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0xfffffffa, 0x7fffffff, 0x9, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x9, 0xfffffeff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x100000, 0x1000, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0xd4, 0xc, 0x0, 0x0, 0x0, 0x0, 0x3032, 0x0, 0x1, 0x0, 0x8006, 0x8, 0x0, 0x1, 0x0, 0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0x1, 0x20000000, 0x4, 0x0, 0x7, 0x0, 0x0, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x3ff, 0xfffffffc, 0x0, 0x0, 0xfffffffc, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4]}, @TCA_TBF_RATE64={0xc}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x2, 0x0, 0x5, 0x0, 0x0, 0x40}}}]}}]}, 0x468}}, 0x0)
mount(&(0x7f0000000640)=@sr0, &(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)='ocfs2_dlmfs\x00', 0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180d0000209920702500000010000022ccf16c01291fff00000000bfa100000000000007010000f8ffffffb7ff000000000000b70300000000fd38850000007200000095000000000000000000"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x159d0682f53ea167, 0x4b, '\x00', r2, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r6, 0x408c5333, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'})

11.704739707s ago: executing program 0 (id=1661):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000", @ANYRES32, @ANYBLOB="000000000000000000007fffffff000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x36, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_audit(0x10, 0x3, 0x9)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
sendfile(r4, r4, 0x0, 0xb)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100040000000000000021000000050020000100000009001f007068793100000000603e5dd698cf895f065a4468d395f8e2afe40e8988860c04f55dffed36ea47853de7b919f278f25916bbcd65782673096402f897fa0e7790368bb547a7af11aab49a2090f38d85a772bedf44b2672fdef712041e446aa1eaad92f03d554c837950ae289449fd4f4cbcf624c0cc8682cd0772dcfdcb"], 0x28}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)

11.591230099s ago: executing program 5 (id=1662):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f0000000080)='#', 0x1, 0x200980)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
sendfile(r2, r2, 0x0, 0xe0000000)

11.385868162s ago: executing program 4 (id=1663):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x24, 0x2c, 0xd27, 0x30b529, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

11.220818995s ago: executing program 5 (id=1664):
r0 = socket(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f0000000200)=ANY=[@ANYRESOCT=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000840)={r2, 0x0, 0x25, 0x0, @val=@netkit={@void, @value}}, 0x1c)
syz_emit_ethernet(0x11dc0, &(0x7f0000000080)=ANY=[], 0x0)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009c0000000b"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='sys_enter\x00', r3}, 0x18)
setrlimit(0xf, &(0x7f0000000200)={0xda, 0x101})
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x24}}, {0xa, 0x0, 0x0, @empty, 0x3}, 0x0, {[0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x4, 0x0, 0xb0]}}, 0x5c)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, 0x0, 0x24000040)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000000000000000000000001000850000009b0000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b0000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

389.386384ms ago: executing program 2 (id=1665):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e00800000000800", @ANYRES64=r1], 0x5c}, 0x1, 0x0, 0x0, 0x20008005}, 0x0)

334.751635ms ago: executing program 1 (id=1666):
unshare(0x22020600)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x16, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1808"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1313b, r0, 0x0, 0x0, &(0x7f00000003c0), 0x10, 0x3, @void, @value}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r1, 0x4010744d, &(0x7f0000000180))

264.697706ms ago: executing program 4 (id=1667):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0))
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x4)

214.199887ms ago: executing program 0 (id=1668):
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001100)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
io_setup(0x6, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x0, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8056}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000880)=@newqdisc={0x80, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x54, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x5, 0x5}}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x5}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7, 0x6}}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0x1, 0xfffffff9}}]}}]}, 0x80}}, 0x400c904)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)

123.358528ms ago: executing program 2 (id=1669):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000020000000000002000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
sendto$inet6(r0, &(0x7f0000000280)='S', 0x1, 0x8000, 0x0, 0x0)
close(r0)

2.10036ms ago: executing program 1 (id=1670):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x300, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0xffffffff, 0x0, 0x0, 0xfffffffd}, {0x2, 0x0, 0x400000, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0x9}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {0x80}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x15, 0x0, 0x48510}, {0x0, 0x8000000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x100000}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {}, {}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0x0, 0x200, 0x0, 0x4}, {}, {}, {0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x4, 0x9}, {0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {}, {}, {0x800000, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x6, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x2, 0x0, 0x20000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x0, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0xfffffffe, 0x0, 0x0, 0x0, 0x8000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7dff800}], [{}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {0x5, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {0x4}, {0x3}, {}, {}, {0x0, 0x1}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)

0s ago: executing program 5 (id=1671):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2)
write$tun(r0, &(0x7f0000000440)={@val={0x0, 0x892f}, @void, @eth={@broadcast, @multicast, @val={@void, {0x8100, 0x0, 0x0, 0xfff}}, {@generic={0x4305}}}}, 0x16)

kernel console output (not intermixed with test programs):

(0)
[   87.383267][ T5614] EXT4-fs error (device loop4): ext4_quota_enable:7025: comm syz.4.475: Bad quota inode: 3, type: 0
[   87.408607][ T5614] EXT4-fs warning (device loop4): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   87.413693][ T5614] EXT4-fs (loop4): mount failed
[   87.729106][ T5625] smc: net device bond0 applied user defined pnetid SYZ2
[   87.738176][ T5623] netlink: 4 bytes leftover after parsing attributes in process `syz.2.488'.
[   87.741371][ T5625] smc: net device bond0 erased user defined pnetid SYZ2
[   87.854775][ T5629] loop4: detected capacity change from 0 to 512
[   87.881184][ T5623] bond0: (slave bond_slave_1): Releasing backup interface
[   87.903285][ T5629] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   87.911656][ T5629] EXT4-fs error (device loop4): ext4_xattr_block_find:1837: inode #15: comm syz.4.490: corrupted xattr block 33
[   87.972155][ T4304] EXT4-fs (loop4): unmounting filesystem.
[   88.053839][ T5640] loop4: detected capacity change from 0 to 128
[   88.104717][ T5640] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   88.171186][ T5648] 9pnet_virtio: no channels available for device 127.0.0.1
[   88.255411][ T5653] loop1: detected capacity change from 0 to 1024
[   88.291332][ T4304] EXT4-fs (loop4): unmounting filesystem.
[   88.336352][ T5653] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   88.371199][ T5660] smc: net device bond0 applied user defined pnetid SYZ2
[   88.508242][ T4297] EXT4-fs (loop1): unmounting filesystem.
[   88.585082][ T5666] smc: net device bond0 erased user defined pnetid SYZ2
[   88.815401][ T5676] 9pnet: Could not find request transport: rd
[   88.907642][ T5684] netlink: 28 bytes leftover after parsing attributes in process `syz.2.492'.
[   89.044629][ T5692] xt_hashlimit: max too large, truncated to 1048576
[   89.134073][ T5696] loop4: detected capacity change from 0 to 512
[   89.136349][ T5696] EXT4-fs: Ignoring removed i_version option
[   89.195732][ T5696] EXT4-fs (loop4): orphan cleanup on readonly fs
[   89.197641][ T5696] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.508: bg 0: block 131: padding at end of block bitmap is not set
[   89.204558][ T5696] EXT4-fs (loop4): Remounting filesystem read-only
[   89.206440][ T5696] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   89.227420][ T5696] EXT4-fs (loop4): Remounting filesystem read-only
[   89.230875][ T5696] EXT4-fs (loop4): 1 truncate cleaned up
[   89.253249][ T5696] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   89.335845][   T27] audit: type=1326 audit(89.300:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5700 comm="syz.1.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[   89.363774][   T27] audit: type=1326 audit(89.330:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5700 comm="syz.1.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=86 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[   89.388643][   T27] audit: type=1326 audit(89.340:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5700 comm="syz.1.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[   89.399990][ T4304] EXT4-fs (loop4): unmounting filesystem.
[   89.512704][ T5710] 9pnet: Could not find request transport: rd
[   89.589978][ T5719] netlink: 24 bytes leftover after parsing attributes in process `syz.1.518'.
[   89.983033][ T5734] netlink: 'syz.1.525': attribute type 10 has an invalid length.
[   90.086917][ T5734] team0: Port device dummy0 added
[   90.096653][ T5739] netlink: 'syz.1.525': attribute type 10 has an invalid length.
[   90.156426][ T5739] team0: Port device dummy0 removed
[   90.188502][ T5739] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   90.203764][ T5743] 9pnet: Could not find request transport: rd
[   90.286506][ T5748] loop4: detected capacity change from 0 to 1024
[   90.301198][ T5748] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   90.315781][ T5748] EXT4-fs error (device loop4): ext4_get_journal_inode:5735: inode #32: comm syz.4.530: iget: special inode unallocated
[   90.337953][ T5748] EXT4-fs (loop4): no journal found
[   90.347866][ T5748] EXT4-fs (loop4): can't get journal size
[   90.454671][ T5748] EXT4-fs error (device loop4): ext4_protect_reserved_inode:160: inode #32: comm syz.4.530: iget: special inode unallocated
[   90.459185][ T5748] EXT4-fs (loop4): failed to initialize system zone (-117)
[   90.461184][ T5748] EXT4-fs (loop4): mount failed
[   90.499750][ T5756] x_tables: ip_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT
[   90.654109][ T5764] netlink: 'syz.0.533': attribute type 4 has an invalid length.
[   90.749268][ T5764] infiniband s
z1: set down
[   90.753629][ T4349] lo speed is unknown, defaulting to 1000
[   90.755847][ T4349] lo speed is unknown, defaulting to 1000
[   90.770495][ T5772] netlink: 'syz.0.533': attribute type 4 has an invalid length.
[   90.825565][ T5772] infiniband s
z1: set active
[   90.845719][    T7] lo speed is unknown, defaulting to 1000
[   90.847357][    T7] lo speed is unknown, defaulting to 1000
[   90.954984][ T5775] 9pnet: Could not find request transport: rdm
[   91.211099][   T27] audit: type=1326 audit(91.180:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[   91.217387][   T27] audit: type=1326 audit(91.180:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=154 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[   91.223472][   T27] audit: type=1326 audit(91.180:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[   91.229667][   T27] audit: type=1326 audit(91.180:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[   91.235325][   T27] audit: type=1326 audit(91.190:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[   91.241122][   T27] audit: type=1326 audit(91.190:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[   91.246754][   T27] audit: type=1326 audit(91.190:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[   91.982182][ T5791] netlink: 28 bytes leftover after parsing attributes in process `syz.2.548'.
[   92.444619][ T5811] 9pnet: Could not find request transport: rdm
[   92.795978][ T5834] netlink: 552 bytes leftover after parsing attributes in process `syz.0.567'.
[   92.800830][ T5834] netlink: 44 bytes leftover after parsing attributes in process `syz.0.567'.
[   92.980620][ T5843] 9pnet: Could not find request transport: rdm
[   93.847318][ T5853] team0 (unregistering): Port device team_slave_0 removed
[   93.861644][ T5853] team0 (unregistering): Port device team_slave_1 removed
[   93.927165][ T5862] smc: net device bond0 applied user defined pnetid SYZ2
[   94.012636][ T5871] netlink: 24 bytes leftover after parsing attributes in process `syz.0.584'.
[   94.015095][ T5871] netlink: 24 bytes leftover after parsing attributes in process `syz.0.584'.
[   94.258381][ T5889] smc: net device bond0 erased user defined pnetid SYZ2
[   94.287405][ T5883] loop0: detected capacity change from 0 to 8192
[   94.547752][ T5900] smc: net device bond0 applied user defined pnetid SYZ2
[   94.982120][ T5909] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   94.984826][ T5909] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[   95.651711][ T5912] netlink: 28 bytes leftover after parsing attributes in process `syz.2.601'.
[   95.657612][ T5912] netlink: 28 bytes leftover after parsing attributes in process `syz.2.601'.
[   95.740643][ T5918] smc: net device bond0 erased user defined pnetid SYZ2
[   95.931429][ T5931] device syzkaller0 entered promiscuous mode
[   95.933355][ T5933] loop1: detected capacity change from 0 to 1024
[   96.012026][ T5933] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   96.074774][   T27] kauditd_printk_skb: 63 callbacks suppressed
[   96.074785][   T27] audit: type=1326 audit(96.040:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5942 comm="syz.0.614" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[   96.086630][   T27] audit: type=1326 audit(96.050:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5942 comm="syz.0.614" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[   96.094135][ T4297] EXT4-fs (loop1): unmounting filesystem.
[   96.126306][   T27] audit: type=1326 audit(96.090:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5942 comm="syz.0.614" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[   96.153965][   T27] audit: type=1326 audit(96.090:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5942 comm="syz.0.614" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[   96.174241][   T27] audit: type=1326 audit(96.090:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5942 comm="syz.0.614" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[   96.196868][   T27] audit: type=1326 audit(96.090:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5942 comm="syz.0.614" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[   96.214769][   T27] audit: type=1326 audit(96.090:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5942 comm="syz.0.614" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[   96.234194][   T27] audit: type=1326 audit(96.090:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5942 comm="syz.0.614" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[   96.244635][   T27] audit: type=1326 audit(96.110:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5942 comm="syz.0.614" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=187 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[   96.271279][   T27] audit: type=1326 audit(96.110:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5942 comm="syz.0.614" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[   96.538342][ T5963] loop0: detected capacity change from 0 to 128
[   96.577704][ T5963] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   96.586407][ T5966] loop3: detected capacity change from 0 to 2048
[   96.664378][ T5972] loop1: detected capacity change from 0 to 128
[   96.682828][ T5972] netlink: 204 bytes leftover after parsing attributes in process `syz.1.627'.
[   96.812392][ T5975] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[   96.931851][ T5979] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.937420][ T5979] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.239303][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  107.201172][ T5998] netlink: 14 bytes leftover after parsing attributes in process `syz.3.638'.
[  107.203832][ T5998] device hsr_slave_0 left promiscuous mode
[  107.244041][ T5998] device hsr_slave_1 left promiscuous mode
[  107.350394][ T6032] loop2: detected capacity change from 0 to 1024
[  107.361306][ T6032] EXT4-fs: Ignoring removed nobh option
[  107.365257][ T6032] EXT4-fs: Ignoring removed bh option
[  107.368800][ T6032] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  107.397382][ T6032] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  107.402160][ T6010] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  107.447345][ T6032] EXT4-fs (loop2): shut down requested (0)
[  107.541269][   T27] kauditd_printk_skb: 74 callbacks suppressed
[  107.541283][   T27] audit: type=1326 audit(107.510:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.1.652" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  107.576387][ T6045] loop1: detected capacity change from 0 to 512
[  107.583358][   T27] audit: type=1326 audit(107.510:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.1.652" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=85 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  107.610214][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  107.618564][   T27] audit: type=1326 audit(107.510:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.1.652" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  107.643475][   T27] audit: type=1326 audit(107.520:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.1.652" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  107.651807][ T6045] EXT4-fs (loop1): too many log groups per flexible block group
[  107.654039][ T6045] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  107.655901][ T6045] EXT4-fs (loop1): mount failed
[  107.687874][   T27] audit: type=1326 audit(107.520:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.1.652" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  107.693860][   T27] audit: type=1326 audit(107.520:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.1.652" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  107.727243][   T27] audit: type=1326 audit(107.520:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.1.652" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  107.747318][   T27] audit: type=1326 audit(107.520:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.1.652" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  107.773229][   T27] audit: type=1326 audit(107.520:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.1.652" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  107.828351][   T27] audit: type=1326 audit(107.520:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.1.652" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=279 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  107.929710][ T6069] netlink: 'syz.3.658': attribute type 10 has an invalid length.
[  107.931854][ T6069] netlink: 40 bytes leftover after parsing attributes in process `syz.3.658'.
[  108.033353][ T6069] team0: Port device geneve0 added
[  108.246687][ T6077] netlink: 'syz.1.660': attribute type 10 has an invalid length.
[  108.276028][ T6077] bond0: (slave dummy0): Releasing backup interface
[  108.321834][ T6077] team0: Port device dummy0 added
[  108.324662][ T6084] netlink: 'syz.1.660': attribute type 10 has an invalid length.
[  108.330781][ T6084] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  108.427183][ T6084] team0: Failed to send options change via netlink (err -105)
[  108.451714][ T6084] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  108.472635][ T6084] team0: Port device dummy0 removed
[  108.509608][ T6084] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  108.544768][ T6092] loop3: detected capacity change from 0 to 512
[  108.547024][ T6092] EXT4-fs: Ignoring removed oldalloc option
[  108.579417][ T6092] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  108.602304][ T6092] EXT4-fs (loop3): 1 truncate cleaned up
[  108.604016][ T6092] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  108.746715][ T4305] EXT4-fs (loop3): unmounting filesystem.
[  108.824303][ T6102] loop4: detected capacity change from 0 to 512
[  108.833823][ T6102] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  108.853080][ T6102] EXT4-fs (loop4): 1 truncate cleaned up
[  108.854803][ T6102] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  108.882542][ T6102] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.672: corrupted in-inode xattr
[  108.911076][ T6102] EXT4-fs (loop4): Remounting filesystem read-only
[  108.912919][ T6102] EXT4-fs warning (device loop4): ext4_xattr_set_entry:1732: inode #15: comm syz.4.672: unable to update i_inline_off
[  108.947019][ T6102] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.672: corrupted in-inode xattr
[  108.954072][ T6110] netlink: 'syz.1.674': attribute type 10 has an invalid length.
[  108.956380][ T6110] netlink: 40 bytes leftover after parsing attributes in process `syz.1.674'.
[  108.963851][ T6102] EXT4-fs (loop4): Remounting filesystem read-only
[  109.062931][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  109.112977][ T6110] team0: Port device geneve0 added
[  109.265332][ T6126] netlink: 'syz.4.680': attribute type 10 has an invalid length.
[  109.317204][ T6126] team0: Port device dummy0 added
[  109.349349][ T6134] netlink: 'syz.4.680': attribute type 10 has an invalid length.
[  109.353334][ T6134] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  109.459725][ T6134] team0: Failed to send options change via netlink (err -105)
[  109.464433][ T6134] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  109.485319][ T6134] team0: Port device dummy0 removed
[  109.514043][ T6134] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  109.802478][ T6151] smc: net device bond0 applied user defined pnetid SYZ2
[  109.815702][ T6151] smc: net device bond0 erased user defined pnetid SYZ2
[  109.850126][ T6153] loop2: detected capacity change from 0 to 512
[  109.855730][ T6153] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  109.873426][ T6153] EXT4-fs (loop2): 1 truncate cleaned up
[  109.874953][ T6153] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  109.891945][ T6153] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.691: corrupted in-inode xattr
[  109.895561][ T6153] EXT4-fs (loop2): Remounting filesystem read-only
[  109.897495][ T6153] EXT4-fs warning (device loop2): ext4_xattr_set_entry:1732: inode #15: comm syz.2.691: unable to update i_inline_off
[  109.904563][ T6153] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.691: corrupted in-inode xattr
[  109.912686][ T6153] EXT4-fs (loop2): Remounting filesystem read-only
[  109.929072][ T6158] netlink: 'syz.4.694': attribute type 10 has an invalid length.
[  109.935489][ T6158] netlink: 40 bytes leftover after parsing attributes in process `syz.4.694'.
[  109.945772][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  110.009708][ T6158] team0: Port device geneve0 added
[  110.235556][ T6176] netlink: 'syz.3.702': attribute type 10 has an invalid length.
[  110.235627][ T6175] loop4: detected capacity change from 0 to 128
[  110.288600][ T6175] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  110.297326][ T6176] team0: Port device dummy0 added
[  110.300403][ T6181] netlink: 'syz.3.702': attribute type 10 has an invalid length.
[  110.326406][ T6181] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  110.377466][ T6182] loop0: detected capacity change from 0 to 512
[  110.381959][ T6181] team0: Failed to send options change via netlink (err -105)
[  110.384118][ T6181] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  110.386964][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.389111][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.391119][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.393113][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.395092][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.397070][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.408558][ T6181] team0: Port device dummy0 removed
[  110.412687][ T6181] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  110.416640][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.418940][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.420938][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.422943][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.424844][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.426830][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.429997][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.432063][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.434060][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.436027][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.438229][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.440266][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.440807][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  110.442188][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.445938][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.448780][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.450828][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.452767][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.454867][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.456531][ T6182] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  110.456942][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.461675][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.463608][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.465661][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.467654][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.469822][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.469840][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.469855][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.469870][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.478202][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.480200][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.482239][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.484223][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.490437][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.491638][ T6182] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  110.492437][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.492456][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.498895][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.500911][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.502916][ T3875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.505704][ T3875] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  110.610233][ T6193] loop4: detected capacity change from 0 to 512
[  110.612874][ T6193] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  110.646198][ T6193] EXT4-fs (loop4): 1 truncate cleaned up
[  110.653392][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  110.657131][ T6193] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  110.669191][ T6193] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.708: corrupted in-inode xattr
[  110.673104][ T6193] EXT4-fs (loop4): Remounting filesystem read-only
[  110.675161][ T6193] EXT4-fs warning (device loop4): ext4_xattr_set_entry:1732: inode #15: comm syz.4.708: unable to update i_inline_off
[  110.679039][ T6193] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.708: corrupted in-inode xattr
[  110.682859][ T6193] EXT4-fs (loop4): Remounting filesystem read-only
[  110.731451][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  110.740544][ T6190] fido_id[6190]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  110.800305][ T6204] netlink: 'syz.1.713': attribute type 10 has an invalid length.
[  110.802866][ T6204] netlink: 40 bytes leftover after parsing attributes in process `syz.1.713'.
[  110.924209][ T6207] netlink: 4 bytes leftover after parsing attributes in process `syz.4.714'.
[  111.314350][ T6222] loop1: detected capacity change from 0 to 512
[  111.342918][ T6222] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  111.368372][ T6222] EXT4-fs (loop1): 1 truncate cleaned up
[  111.372336][ T6222] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  111.506710][ T4297] EXT4-fs (loop1): unmounting filesystem.
[  111.536947][ T6229] netlink: 40 bytes leftover after parsing attributes in process `syz.2.725'.
[  111.595584][ T6229] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  111.707830][ T6234] lo speed is unknown, defaulting to 1000
[  111.818235][ T6234] loop4: detected capacity change from 0 to 1024
[  111.820914][ T6234] EXT4-fs: Ignoring removed orlov option
[  112.494960][ T6234] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  112.674454][ T6234] EXT4-fs (loop4): unmounting filesystem.
[  112.709134][ T6247] team0: Port device dummy0 added
[  112.762170][ T6247] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  112.880532][ T6247] team0: Failed to send options change via netlink (err -105)
[  112.882814][ T6247] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  112.908709][ T6247] team0: Port device dummy0 removed
[  112.964046][ T6247] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  113.073933][ T6263] lo speed is unknown, defaulting to 1000
[  113.076112][ T6263] lo speed is unknown, defaulting to 1000
[  113.082341][ T6263] lo speed is unknown, defaulting to 1000
[  113.096838][ T6263] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  113.123544][ T6263] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  113.204603][ T6263] lo speed is unknown, defaulting to 1000
[  113.212578][ T6263] lo speed is unknown, defaulting to 1000
[  113.220218][ T6263] lo speed is unknown, defaulting to 1000
[  113.227604][ T6263] lo speed is unknown, defaulting to 1000
[  113.234564][ T6263] lo speed is unknown, defaulting to 1000
[  113.242141][ T6263] lo speed is unknown, defaulting to 1000
[  113.814891][ T6267] validate_nla: 3 callbacks suppressed
[  113.814905][ T6267] netlink: 'syz.3.739': attribute type 10 has an invalid length.
[  113.843793][ T6267] netlink: 40 bytes leftover after parsing attributes in process `syz.3.739'.
[  113.983995][   T27] kauditd_printk_skb: 132 callbacks suppressed
[  113.984009][   T27] audit: type=1326 audit(113.950:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  114.013791][   T27] audit: type=1326 audit(113.950:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=176 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  114.057942][   T27] audit: type=1326 audit(113.950:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  114.064139][   T27] audit: type=1326 audit(113.950:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  114.116328][ T6280] loop4: detected capacity change from 0 to 512
[  114.148796][ T6286] loop2: detected capacity change from 0 to 512
[  114.157692][ T6286] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  114.180530][ T6280] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  114.184620][ T6286] EXT4-fs (loop2): 1 truncate cleaned up
[  114.186389][ T6286] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  114.232572][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  114.329480][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  114.433164][ T6303] netlink: 'syz.1.755': attribute type 10 has an invalid length.
[  114.435318][ T6303] netlink: 40 bytes leftover after parsing attributes in process `syz.1.755'.
[  114.550408][ T6311] loop2: detected capacity change from 0 to 164
[  114.556208][ T6311] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  114.570837][ T6311] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  114.585312][ T6311] Symlink component flag not implemented
[  114.588274][ T6311] Symlink component flag not implemented
[  114.732192][ T6320] netem: change failed
[  114.838025][ T6324] vhci_hcd: invalid port number 96
[  114.839830][ T6324] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  115.069364][ T6335] tipc: Started in network mode
[  115.076704][ T6335] tipc: Node identity bab7a2e01836, cluster identity 4711
[  115.084815][ T6335] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  115.089987][ T6338] netlink: 'syz.2.770': attribute type 10 has an invalid length.
[  115.093400][ T6338] netlink: 40 bytes leftover after parsing attributes in process `syz.2.770'.
[  115.098433][ T6338] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  115.110475][ T6335] syzkaller0: MTU too low for tipc bearer
[  115.112224][ T6335] tipc: Disabling bearer <eth:syzkaller0>
[  115.470684][ T6364] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  115.758449][ T6367] netlink: 'syz.2.783': attribute type 10 has an invalid length.
[  115.765917][ T6367] netlink: 40 bytes leftover after parsing attributes in process `syz.2.783'.
[  115.776046][ T6367] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  115.833433][ T6379] netlink: 64 bytes leftover after parsing attributes in process `syz.1.786'.
[  115.880831][ T6396] loop2: detected capacity change from 0 to 2048
[  115.906251][ T6396] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  116.098469][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  116.106042][ T6406] loop4: detected capacity change from 0 to 512
[  116.126734][ T6406] EXT4-fs: Ignoring removed orlov option
[  116.142831][ T6406] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  116.164326][ T6406] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  116.177549][ T6406] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.797: corrupted in-inode xattr
[  116.200547][ T6406] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.797: couldn't read orphan inode 15 (err -117)
[  116.207953][ T6406] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  116.409803][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  116.472770][ T6416] loop0: detected capacity change from 0 to 512
[  116.488067][ T6416] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  116.521193][ T6416] EXT4-fs (loop0): 1 truncate cleaned up
[  116.523985][ T6416] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  116.639464][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  117.438406][ T6430] netlink: 'syz.4.803': attribute type 10 has an invalid length.
[  117.441047][ T6430] netlink: 40 bytes leftover after parsing attributes in process `syz.4.803'.
[  117.456400][   T27] audit: type=1326 audit(117.420:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.0.805" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  117.464431][   T27] audit: type=1326 audit(117.420:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.0.805" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff83358dd4 code=0x7ffc0000
[  117.471534][   T27] audit: type=1326 audit(117.420:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.0.805" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff83358dd4 code=0x7ffc0000
[  117.477538][   T27] audit: type=1326 audit(117.420:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.0.805" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  117.485760][   T27] audit: type=1326 audit(117.420:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.0.805" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=50 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  117.491924][   T27] audit: type=1326 audit(117.420:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.0.805" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  117.735430][ T6441] loop0: detected capacity change from 0 to 512
[  117.772839][ T6441] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  117.795048][ T6448] netlink: 'syz.3.807': attribute type 2 has an invalid length.
[  117.803160][ T6448] netlink: 'syz.3.807': attribute type 1 has an invalid length.
[  117.816372][ T6441] EXT4-fs (loop0): 1 truncate cleaned up
[  117.820908][ T6441] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  117.857428][ T6441] EXT4-fs (loop0): re-mounted. Quota mode: writeback.
[  117.971403][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  118.093983][ T6456] loop0: detected capacity change from 0 to 512
[  118.103631][ T6456] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  118.134834][ T6459] netlink: 4 bytes leftover after parsing attributes in process `syz.4.816'.
[  118.137589][ T6459] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.150492][ T6456] EXT4-fs (loop0): 1 truncate cleaned up
[  118.152316][ T6456] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  118.159632][ T6459] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.171006][ T6459] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.173074][ T6459] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.298747][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  118.446335][ T6468] netlink: 36 bytes leftover after parsing attributes in process `syz.1.820'.
[  118.566868][ T6470] netlink: 'syz.0.823': attribute type 10 has an invalid length.
[  118.587979][ T6470] netlink: 40 bytes leftover after parsing attributes in process `syz.0.823'.
[  118.593719][ T6474] loop4: detected capacity change from 0 to 128
[  118.656629][ T6470] team0: Port device geneve0 added
[  118.977208][ T6486] loop4: detected capacity change from 0 to 512
[  119.015544][ T6486] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  119.041762][ T6490] netlink: 36 bytes leftover after parsing attributes in process `syz.0.831'.
[  119.050236][ T6486] EXT4-fs (loop4): 1 truncate cleaned up
[  119.052002][ T6486] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  119.174471][ T6496] loop0: detected capacity change from 0 to 512
[  119.187258][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  119.236333][ T6496] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  119.302076][ T6504] netlink: 'syz.2.836': attribute type 10 has an invalid length.
[  119.304476][ T6504] netlink: 40 bytes leftover after parsing attributes in process `syz.2.836'.
[  119.307048][ T6504] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  119.422455][ T6507] loop2: detected capacity change from 0 to 1024
[  119.442971][ T6507] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  119.472065][ T6507] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  119.484928][ T6507] EXT4-fs (loop2): orphan cleanup on readonly fs
[  119.493661][ T6507] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz.2.837: Inode bitmap for bg 0 marked uninitialized
[  119.510988][ T6507] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  119.555798][ T6507] EXT4-fs (loop2): ext4_remount: Checksum for group 0 failed (32298!=35945)
[  119.584945][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  119.593225][ T6514] loop4: detected capacity change from 0 to 256
[  119.635655][ T6514] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  119.664314][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  119.816636][ T6523] netlink: 36 bytes leftover after parsing attributes in process `syz.3.843'.
[  119.902767][ T6525] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  119.968845][ T6525] device syzkaller0 entered promiscuous mode
[  119.971899][ T6525] tipc: Resetting bearer <eth:syzkaller0>
[  119.972312][ T6529] loop3: detected capacity change from 0 to 512
[  119.988005][ T6529] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  120.004226][ T6529] EXT4-fs (loop3): 1 truncate cleaned up
[  120.005792][ T6529] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  120.093230][ T6537] netlink: 'syz.2.850': attribute type 10 has an invalid length.
[  120.102464][ T6537] netlink: 40 bytes leftover after parsing attributes in process `syz.2.850'.
[  120.106178][ T4305] EXT4-fs (loop3): unmounting filesystem.
[  120.123054][ T6537] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  120.152869][ T6524] tipc: Resetting bearer <eth:syzkaller0>
[  125.938752][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  125.940526][ T2059] ieee802154 phy1 wpan1: encryption failed: -22
[  131.301523][ T6524] tipc: Disabling bearer <eth:syzkaller0>
[  131.328489][ T6553] netlink: 28 bytes leftover after parsing attributes in process `syz.3.857'.
[  131.430330][ T6564] loop2: detected capacity change from 0 to 512
[  131.464940][ T6564] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  131.522154][ T6571] netlink: 'syz.1.863': attribute type 10 has an invalid length.
[  131.522789][ T6564] EXT4-fs (loop2): 1 truncate cleaned up
[  131.524507][ T6571] netlink: 40 bytes leftover after parsing attributes in process `syz.1.863'.
[  131.525911][ T6564] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  131.681696][   T27] kauditd_printk_skb: 14 callbacks suppressed
[  131.681709][   T27] audit: type=1326 audit(131.650:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  131.705826][   T27] audit: type=1326 audit(131.650:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  131.737930][   T27] audit: type=1326 audit(131.650:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  131.743862][   T27] audit: type=1326 audit(131.650:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  131.760958][ T6579] netlink: 4 bytes leftover after parsing attributes in process `syz.4.864'.
[  131.781663][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  131.789154][   T27] audit: type=1326 audit(131.650:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  131.795135][   T27] audit: type=1326 audit(131.650:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=1 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  131.825671][   T27] audit: type=1326 audit(131.650:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb135a8a8 code=0x7ffc0000
[  131.852349][ T6579] device team1 entered promiscuous mode
[  132.034437][ T6590] netlink: 28 bytes leftover after parsing attributes in process `syz.3.872'.
[  132.168903][ T6595] tipc: Started in network mode
[  132.171505][ T6595] tipc: Node identity 5e32ab3c1bc7, cluster identity 4711
[  132.176277][ T6595] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  132.250436][   T27] audit: type=1107 audit(132.220:721): pid=6598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  132.251275][ T6595] device syzkaller0 entered promiscuous mode
[  132.291645][ T6603] netlink: 60 bytes leftover after parsing attributes in process `syz.0.874'.
[  132.296356][ T6595] tipc: Resetting bearer <eth:syzkaller0>
[  132.396806][   T11] tipc: Resetting bearer <eth:syzkaller0>
[  132.405785][ T6592] tipc: Resetting bearer <eth:syzkaller0>
[  132.453265][ T6609] netlink: 32 bytes leftover after parsing attributes in process `syz.1.880'.
[  133.249185][   T24] tipc: Node number set to 1173728060
[  143.380425][ T6592] tipc: Disabling bearer <eth:syzkaller0>
[  143.394694][ T6621] netlink: 'syz.0.883': attribute type 10 has an invalid length.
[  143.396886][ T6621] netlink: 40 bytes leftover after parsing attributes in process `syz.0.883'.
[  143.639438][ T6635] lo speed is unknown, defaulting to 1000
[  143.673989][ T6635] lo speed is unknown, defaulting to 1000
[  143.702771][ T6635] vhci_hcd: default hub control req: 0012 v0009 i0004 l0
[  143.712816][ T6636] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  143.733899][ T6636] syzkaller0: MTU too low for tipc bearer
[  143.735518][ T6636] tipc: Disabling bearer <eth:syzkaller0>
[  143.963842][ T6644] netlink: 16 bytes leftover after parsing attributes in process `syz.4.892'.
[  145.669688][ T6668] lo speed is unknown, defaulting to 1000
[  145.703133][ T6668] lo speed is unknown, defaulting to 1000
[  145.893259][ T6676] loop3: detected capacity change from 0 to 512
[  145.910243][ T6676] EXT4-fs: Ignoring removed orlov option
[  145.912252][ T6676] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  146.210410][ T6679] loop4: detected capacity change from 0 to 1764
[  146.640560][ T6676] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  146.689599][ T6676] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.902: corrupted in-inode xattr
[  146.721838][ T6676] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.902: couldn't read orphan inode 15 (err -117)
[  146.829594][ T6676] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  146.927962][ T4305] EXT4-fs (loop3): unmounting filesystem.
[  147.014602][ T6694] netlink: 16 bytes leftover after parsing attributes in process `syz.0.907'.
[  147.099560][ T6698] netlink: 56 bytes leftover after parsing attributes in process `syz.2.906'.
[  147.114238][   T27] audit: type=1326 audit(147.080:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.3.905" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  147.127060][   T27] audit: type=1326 audit(147.090:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.3.905" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  147.150102][   T27] audit: type=1326 audit(147.120:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.3.905" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  147.156136][   T27] audit: type=1326 audit(147.120:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.3.905" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  147.172716][   T27] audit: type=1326 audit(147.120:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.3.905" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  147.179601][   T27] audit: type=1326 audit(147.120:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.3.905" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  147.185804][   T27] audit: type=1326 audit(147.120:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.3.905" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  147.198364][   T27] audit: type=1326 audit(147.120:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.3.905" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  147.204437][   T27] audit: type=1326 audit(147.120:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.3.905" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  147.213384][   T27] audit: type=1326 audit(147.120:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6696 comm="syz.3.905" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  147.457547][ T6716] vhci_hcd: invalid port number 96
[  147.460249][ T6716] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  147.565752][ T6719] loop1: detected capacity change from 0 to 512
[  147.573304][ T6719] EXT4-fs: Ignoring removed orlov option
[  147.583787][ T6719] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  147.596834][ T6719] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  147.602891][ T6719] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.915: corrupted in-inode xattr
[  147.615808][ T6719] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.915: couldn't read orphan inode 15 (err -117)
[  147.626687][ T6719] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  147.741756][ T4297] EXT4-fs (loop1): unmounting filesystem.
[  148.029232][ T6732] loop2: detected capacity change from 0 to 1764
[  148.723309][ T6733] netlink: 16 bytes leftover after parsing attributes in process `syz.1.919'.
[  149.007336][ T6750] netlink: 4 bytes leftover after parsing attributes in process `syz.3.927'.
[  149.383258][ T6762] netlink: 12 bytes leftover after parsing attributes in process `syz.1.931'.
[  149.792913][ T6765] lo speed is unknown, defaulting to 1000
[  150.111768][ T6765] lo speed is unknown, defaulting to 1000
[  150.494449][ T6776] netlink: 'syz.1.932': attribute type 10 has an invalid length.
[  150.504245][ T6776] netlink: 40 bytes leftover after parsing attributes in process `syz.1.932'.
[  150.597791][    C1] sched: RT throttling activated
[  150.613913][ T6779] netlink: 8 bytes leftover after parsing attributes in process `syz.4.934'.
[  151.031668][ T6792] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  151.046738][ T6789] tipc: Disabling bearer <eth:syzkaller0>
[  151.260440][ T6804] netlink: 4 bytes leftover after parsing attributes in process `syz.4.945'.
[  151.304257][ T6797] lo speed is unknown, defaulting to 1000
[  151.338541][ T6797] lo speed is unknown, defaulting to 1000
[  151.346728][ T6804] loop4: detected capacity change from 0 to 512
[  152.079135][ T6804] EXT4-fs: Ignoring removed oldalloc option
[  152.089031][ T6807] lo speed is unknown, defaulting to 1000
[  152.122043][ T6807] lo speed is unknown, defaulting to 1000
[  152.186419][ T6804] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  152.244987][ T6813] netlink: 8 bytes leftover after parsing attributes in process `syz.2.949'.
[  152.265375][ T6804] EXT4-fs (loop4): 1 truncate cleaned up
[  152.266996][ T6804] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  152.276292][ T6817] netlink: 'syz.3.948': attribute type 10 has an invalid length.
[  152.278630][ T6817] netlink: 40 bytes leftover after parsing attributes in process `syz.3.948'.
[  152.418665][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  152.488539][   T24] Process accounting resumed
[  152.688211][ T6834] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  152.700879][ T6831] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  152.707471][ T6829] tipc: Disabling bearer <eth:syzkaller0>
[  152.762944][ T6843] netlink: 8 bytes leftover after parsing attributes in process `syz.4.960'.
[  152.973331][ T6852] netlink: 'syz.4.964': attribute type 10 has an invalid length.
[  152.975549][ T6852] netlink: 40 bytes leftover after parsing attributes in process `syz.4.964'.
[  153.123298][ T6858] loop4: detected capacity change from 0 to 1024
[  153.160076][ T6859] device vlan3 entered promiscuous mode
[  153.204600][ T6858] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  153.350854][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  153.350867][ T6869] loop3: detected capacity change from 0 to 1024
[  153.444559][ T6869] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  153.585116][ T4305] EXT4-fs (loop3): unmounting filesystem.
[  153.733399][ T6881] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  153.774681][   T27] kauditd_printk_skb: 37 callbacks suppressed
[  153.774692][   T27] audit: type=1326 audit(153.740:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6845 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7fc00000
[  153.798643][ T6885] tipc: Started in network mode
[  153.800228][ T6885] tipc: Node identity 56f230df6cfa, cluster identity 4711
[  153.802405][ T6885] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  153.805997][ T6888] __nla_validate_parse: 1 callbacks suppressed
[  153.806010][ T6888] netlink: 8 bytes leftover after parsing attributes in process `syz.4.975'.
[  153.859364][ T6874] tipc: Disabling bearer <eth:syzkaller0>
[  153.866829][ T6891] netlink: 'syz.0.976': attribute type 10 has an invalid length.
[  153.870276][ T6891] netlink: 40 bytes leftover after parsing attributes in process `syz.0.976'.
[  154.034339][ T6897] IPv6: Can't replace route, no match found
[  154.067165][ T6901] lo speed is unknown, defaulting to 1000
[  154.262049][ T6906] netlink: 4 bytes leftover after parsing attributes in process `syz.4.983'.
[  154.357247][ T6901] lo speed is unknown, defaulting to 1000
[  154.508125][ T6915] loop0: detected capacity change from 0 to 512
[  154.568471][ T6917] netlink: 'syz.2.988': attribute type 10 has an invalid length.
[  154.570664][ T6917] netlink: 40 bytes leftover after parsing attributes in process `syz.2.988'.
[  154.573079][ T6917] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  154.651855][   T27] audit: type=1326 audit(154.620:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6922 comm="syz.3.990" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  154.661375][   T27] audit: type=1326 audit(154.630:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6922 comm="syz.3.990" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  154.669020][   T27] audit: type=1326 audit(154.630:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6922 comm="syz.3.990" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  154.674935][   T27] audit: type=1326 audit(154.640:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6922 comm="syz.3.990" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  154.679375][ T6915] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  154.687896][   T27] audit: type=1326 audit(154.640:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6922 comm="syz.3.990" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  154.693855][   T27] audit: type=1326 audit(154.640:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6922 comm="syz.3.990" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  154.707604][   T27] audit: type=1326 audit(154.650:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6922 comm="syz.3.990" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  154.714245][   T27] audit: type=1326 audit(154.650:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6922 comm="syz.3.990" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  154.720525][   T27] audit: type=1326 audit(154.650:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6922 comm="syz.3.990" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8055a8a8 code=0x7ffc0000
[  154.773905][ T6925] netlink: 8 bytes leftover after parsing attributes in process `syz.1.989'.
[  154.870334][ T6931] IPv6: ADDRCONF(NETDEV_CHANGE): vlan3: link becomes ready
[  154.941553][ T6932] device syzkaller0 entered promiscuous mode
[  154.978518][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  155.218010][ T6950] loop4: detected capacity change from 0 to 512
[  155.226724][ T6950] journal_path: Lookup failure for './bus'
[  155.230800][ T6950] EXT4-fs: error: could not find journal device path
[  155.312114][ T6952] netlink: 100 bytes leftover after parsing attributes in process `+}[@'.
[  163.858014][ T4302] Bluetooth: hci1: command 0x0406 tx timeout
[  163.859770][ T4302] Bluetooth: hci0: command 0x0406 tx timeout
[  163.861418][ T4302] Bluetooth: hci2: command 0x0406 tx timeout
[  163.863053][ T4302] Bluetooth: hci4: command 0x0406 tx timeout
[  163.864650][ T4302] Bluetooth: hci3: command 0x0406 tx timeout
[  166.200861][ T6934] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  166.295853][ T6961] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1002'.
[  166.334987][ T6957] netlink: 'syz.4.1001': attribute type 10 has an invalid length.
[  166.337234][ T6957] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1001'.
[  166.340245][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): vlan3: link becomes ready
[  166.776764][ T6972] lo speed is unknown, defaulting to 1000
[  167.117806][ T6972] lo speed is unknown, defaulting to 1000
[  167.284326][ T6971] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  167.309221][ T6971] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  167.462591][ T6980] vhci_hcd: invalid port number 96
[  167.469937][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1009'.
[  167.472786][ T6980] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  167.585934][ T6987] device syzkaller0 entered promiscuous mode
[  167.627964][ T6991] netlink: 'syz.3.1013': attribute type 20 has an invalid length.
[  179.558198][ T6993] netlink: 'syz.3.1014': attribute type 10 has an invalid length.
[  179.560446][ T6993] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1014'.
[  179.616267][ T7010] lo speed is unknown, defaulting to 1000
[  179.651922][ T7010] lo speed is unknown, defaulting to 1000
[  179.747141][ T7030] IPv4: Oversized IP packet from 127.202.26.0
[  179.776228][ T7031] netlink: 'syz.0.1024': attribute type 20 has an invalid length.
[  180.199176][ T7050] netlink: 'syz.4.1033': attribute type 10 has an invalid length.
[  180.201409][ T7050] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1033'.
[  180.236737][ T7051] device syzkaller0 entered promiscuous mode
[  180.895503][   T27] kauditd_printk_skb: 6 callbacks suppressed
[  180.895516][   T27] audit: type=1326 audit(180.860:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  180.906846][   T27] audit: type=1326 audit(180.860:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  180.917626][   T27] audit: type=1326 audit(180.870:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=277 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  180.928410][   T27] audit: type=1326 audit(180.870:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  180.934139][   T27] audit: type=1326 audit(180.870:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  180.949852][   T27] audit: type=1326 audit(180.870:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  180.958130][   T27] audit: type=1326 audit(180.870:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  180.963998][   T27] audit: type=1326 audit(180.870:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  180.981511][   T27] audit: type=1326 audit(180.880:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  180.990630][   T27] audit: type=1326 audit(180.880:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  181.465321][ T7062] netlink: 'syz.0.1038': attribute type 20 has an invalid length.
[  184.112549][ T7078] loop3: detected capacity change from 0 to 128
[  187.379553][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  187.381404][ T2059] ieee802154 phy1 wpan1: encryption failed: -22
[  192.332860][ T7066] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  192.388431][ T7075] tipc: Started in network mode
[  192.389820][ T7075] tipc: Node identity ac14140f, cluster identity 4711
[  192.392409][ T7075] tipc: New replicast peer: 10.1.1.2
[  192.394053][ T7075] tipc: Enabled bearer <udp:syz0>, priority 10
[  192.396948][ T7080] netlink: 'syz.3.1045': attribute type 10 has an invalid length.
[  192.399572][ T7080] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1045'.
[  192.833981][ T7092] siw: device registration error -23
[  193.453185][ T4400] tipc: Node number set to 2886997007
[  193.556037][ T7095] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  193.664004][ T7101] loop4: detected capacity change from 0 to 128
[  193.687053][ T7101] EXT4-fs: Ignoring removed nobh option
[  193.745374][ T7101] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  193.978780][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  194.299322][ T7119] device syzkaller0 entered promiscuous mode
[  195.563100][ T7138] ieee802154 phy0 wpan0: encryption failed: -22
[  195.895661][ T7148] loop0: detected capacity change from 0 to 2048
[  195.936948][ T7148] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  196.487361][ T7165] loop3: detected capacity change from 0 to 8192
[  196.542443][ T7165]  loop3: p1 p3 p4
[  196.544091][ T7165] loop3: p1 size 8390912 extends beyond EOD, truncated
[  196.547336][ T7165] loop3: p3 size 589824 extends beyond EOD, truncated
[  196.753495][ T7081] udevd[7081]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  196.756030][ T7107] udevd[7107]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  196.763779][ T7168] udevd[7168]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  206.943454][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  207.257818][ T7198] loop3: detected capacity change from 0 to 512
[  207.265465][ T7198] EXT4-fs: Ignoring removed mblk_io_submit option
[  207.267409][ T7198] EXT4-fs: Ignoring removed bh option
[  207.303525][ T7198] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  207.306702][ T7198] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  207.620166][ T7198] EXT4-fs (loop3): 1 truncate cleaned up
[  207.621876][ T7198] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  207.742085][   T27] kauditd_printk_skb: 15 callbacks suppressed
[  207.742098][   T27] audit: type=1326 audit(207.710:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7203 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  207.754143][   T27] audit: type=1326 audit(207.710:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7203 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  207.781180][   T27] audit: type=1326 audit(207.710:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7203 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=28 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  207.802976][   T27] audit: type=1326 audit(207.710:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7203 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  207.884934][ T4305] EXT4-fs (loop3): unmounting filesystem.
[  207.886652][   T27] audit: type=1326 audit(207.710:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7203 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  208.102300][ T7229] netlink: 'syz.2.1085': attribute type 13 has an invalid length.
[  208.113402][ T7226] loop4: detected capacity change from 0 to 512
[  208.128857][ T7226] EXT4-fs: Ignoring removed nomblk_io_submit option
[  208.161458][ T7226] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  208.321480][ T7226] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  209.215450][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  209.310609][ T7229] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.795550][ T7229] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  209.823415][ T7229] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.176012][ T7229] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  210.178712][ T7229] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  210.181146][ T7229] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  210.183541][ T7229] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  210.531346][ T7254] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  210.817655][ T7298] netlink: 'syz.3.1097': attribute type 10 has an invalid length.
[  210.827629][ T7298] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1097'.
[  212.694068][ T7356] netlink: 'syz.2.1111': attribute type 10 has an invalid length.
[  212.703877][ T7356] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1111'.
[  212.709948][ T7356] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  213.568139][ T7377] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  213.805022][ T7393] device dummy0 entered promiscuous mode
[  213.807354][ T7391] device dummy0 left promiscuous mode
[  214.931758][ T7406] netlink: 'syz.3.1129': attribute type 10 has an invalid length.
[  214.934134][ T7406] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1129'.
[  215.050676][ T7418] loop4: detected capacity change from 0 to 1024
[  215.069823][ T7420] loop0: detected capacity change from 0 to 512
[  215.079756][ T7420] ext4: Unknown parameter 'obj_type'
[  215.170024][ T7418] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=2002c018, mo2=0002]
[  215.201779][ T7418] System zones: 0-1, 3-12
[  215.214983][ T7418] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  215.219843][ T7430] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  215.312560][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  215.453741][   T27] audit: type=1326 audit(215.420:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.4.1139" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  215.462149][ T7440] loop0: detected capacity change from 0 to 1024
[  215.463406][   T27] audit: type=1326 audit(215.420:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.4.1139" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  215.473855][   T27] audit: type=1326 audit(215.430:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.4.1139" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  215.483661][   T27] audit: type=1326 audit(215.430:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.4.1139" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  215.496602][   T27] audit: type=1326 audit(215.430:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.4.1139" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  215.506035][   T27] audit: type=1326 audit(215.430:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.4.1139" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  215.508080][ T7440] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  215.517180][   T27] audit: type=1326 audit(215.430:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.4.1139" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  215.527997][   T27] audit: type=1326 audit(215.430:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.4.1139" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  215.533832][   T27] audit: type=1326 audit(215.430:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.4.1139" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  215.554276][   T27] audit: type=1326 audit(215.430:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.4.1139" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  215.625011][ T7440] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  215.628482][ T7440] EXT4-fs (loop0): orphan cleanup on readonly fs
[  215.630741][ T7440] EXT4-fs error (device loop0): ext4_read_inode_bitmap:168: comm syz.0.1141: Inode bitmap for bg 0 marked uninitialized
[  215.634539][ T7440] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  215.675623][ T7440] EXT4-fs (loop0): ext4_remount: Checksum for group 0 failed (32298!=35945)
[  215.744883][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  215.820325][ T7448] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1145'.
[  215.881133][ T7452] netlink: 'syz.1.1147': attribute type 10 has an invalid length.
[  215.888910][ T7452] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1147'.
[  216.071813][ T7464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1153'.
[  216.074689][ T7464] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  216.108237][ T7464] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  216.242093][ T7476] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  216.311230][ T7478] netlink: 'syz.3.1160': attribute type 10 has an invalid length.
[  216.319712][ T7478] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1160'.
[  216.393412][ T7484] bridge0: port 1(macvlan2) entered blocking state
[  216.395332][ T7484] bridge0: port 1(macvlan2) entered disabled state
[  216.481008][ T7485] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1161'.
[  216.486699][ T7485] device vlan2 entered promiscuous mode
[  216.492346][ T7485] device batadv0 entered promiscuous mode
[  216.646878][ T7497] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1168'.
[  216.722576][ T7501] loop0: detected capacity change from 0 to 164
[  216.737265][ T7501] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  216.825789][ T7503] netlink: 'syz.0.1172': attribute type 10 has an invalid length.
[  216.830408][ T7503] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1172'.
[  216.924510][ T7508] loop0: detected capacity change from 0 to 128
[  217.326521][ T7522] loop0: detected capacity change from 0 to 1024
[  217.346425][ T7522] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  217.365881][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  217.459318][ T7531] netlink: 'syz.1.1183': attribute type 10 has an invalid length.
[  217.462118][ T7531] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1183'.
[  217.520218][ T7533] loop0: detected capacity change from 0 to 1024
[  217.560081][ T7533] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  217.677744][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  217.801008][ T7548] bridge0: port 3(vlan2) entered blocking state
[  217.808469][ T7548] bridge0: port 3(vlan2) entered disabled state
[  217.811672][ T7548] device vlan2 entered promiscuous mode
[  217.813332][ T7548] device bond0 entered promiscuous mode
[  217.814946][ T7548] device bond_slave_0 entered promiscuous mode
[  217.816867][ T7548] device bond_slave_1 entered promiscuous mode
[  217.819365][ T7548] device dummy0 entered promiscuous mode
[  217.994929][ T7559] loop0: detected capacity change from 0 to 256
[  218.114263][ T7564] netlink: 'syz.1.1198': attribute type 10 has an invalid length.
[  218.118433][ T7564] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1198'.
[  218.204757][ T7566] loop1: detected capacity change from 0 to 1024
[  218.460640][ T7579] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1204'.
[  218.543828][ T7584] loop2: detected capacity change from 0 to 512
[  218.596083][ T7584] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  218.666980][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  218.676100][ T7591] loop0: detected capacity change from 0 to 1024
[  218.724594][ T7591] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  218.735325][ T7595] netlink: 'syz.2.1209': attribute type 10 has an invalid length.
[  218.737607][ T7595] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1209'.
[  218.740740][ T7595] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  218.774029][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  218.787420][ T7597] device syzkaller1 entered promiscuous mode
[  218.882294][ T7601] netlink: 'syz.0.1212': attribute type 1 has an invalid length.
[  219.306019][ T7622] netlink: 'syz.2.1220': attribute type 10 has an invalid length.
[  219.308450][ T7622] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  219.412231][ T7625] loop0: detected capacity change from 0 to 512
[  219.442677][ T7625] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  219.705739][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  219.876188][ T7657] netlink: 'syz.2.1235': attribute type 10 has an invalid length.
[  219.887173][ T7657] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  219.959726][ T7661] loop3: detected capacity change from 0 to 2048
[  220.056172][ T7661] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  220.313184][ T7678] loop2: detected capacity change from 0 to 164
[  220.322982][ T7678] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  220.469386][ T7686] netlink: 'syz.2.1248': attribute type 10 has an invalid length.
[  220.472149][ T7686] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  220.897705][ T4305] EXT4-fs (loop3): unmounting filesystem.
[  221.004984][ T7711] netlink: 'syz.0.1260': attribute type 10 has an invalid length.
[  221.010499][ T7711] __nla_validate_parse: 4 callbacks suppressed
[  221.010509][ T7711] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1260'.
[  221.024440][ T7713] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  221.600992][ T7731] device syzkaller0 entered promiscuous mode
[  221.756311][ T7737] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1269'.
[  221.852036][ T7739] loop2: detected capacity change from 0 to 1024
[  221.870976][ T7739] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  221.913585][ T7739] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  221.945096][ T7747] netlink: 'syz.1.1273': attribute type 10 has an invalid length.
[  221.965132][ T7747] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1273'.
[  222.005963][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  222.561808][ T7771] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  223.481042][ T7778] loop1: detected capacity change from 0 to 512
[  223.483259][ T7778] EXT4-fs: Ignoring removed mblk_io_submit option
[  223.484984][ T7778] EXT4-fs: Ignoring removed bh option
[  223.547166][ T7778] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  223.550549][ T7778] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  223.953781][ T7784] netlink: 'syz.4.1287': attribute type 10 has an invalid length.
[  223.956106][ T7784] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1287'.
[  223.963245][ T7778] EXT4-fs (loop1): 1 truncate cleaned up
[  223.964892][ T7778] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  224.293302][ T4297] EXT4-fs (loop1): unmounting filesystem.
[  225.301874][ T7807] loop3: detected capacity change from 0 to 1024
[  225.360570][ T7807] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  225.445396][ T7815] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  225.555135][ T7817] netlink: 'syz.1.1300': attribute type 10 has an invalid length.
[  225.564405][ T7817] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1300'.
[  225.591201][ T7820] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1296: bg 0: block 393: padding at end of block bitmap is not set
[  225.644314][ T7820] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 752 with error 117
[  225.672245][ T7820] EXT4-fs (loop3): This should not happen!! Data will be lost
[  225.672245][ T7820] 
[  225.814006][ T7820] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28
[  225.837669][ T7820] EXT4-fs (loop3): This should not happen!! Data will be lost
[  225.837669][ T7820] 
[  225.854602][ T7825] loop1: detected capacity change from 0 to 512
[  225.856571][ T7820] EXT4-fs (loop3): Total free blocks count 0
[  225.865711][ T7820] EXT4-fs (loop3): Free/Dirty block details
[  225.890656][ T7825] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  225.903239][ T7820] EXT4-fs (loop3): free_blocks=0
[  225.913458][ T7820] EXT4-fs (loop3): dirty_blocks=32
[  225.930528][ T7820] EXT4-fs (loop3): Block reservation details
[  226.001754][ T7825] EXT4-fs (loop1): 1 truncate cleaned up
[  226.003325][ T7825] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  226.114801][ T4297] EXT4-fs (loop1): unmounting filesystem.
[  226.534348][ T7844] loop3: detected capacity change from 0 to 164
[  226.598189][ T7844] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  226.606452][ T7847] netlink: 'syz.1.1312': attribute type 10 has an invalid length.
[  226.612613][ T7847] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1312'.
[  228.247934][ T7874] netlink: 'syz.0.1323': attribute type 10 has an invalid length.
[  228.250312][ T7874] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1323'.
[  228.438287][ T7792] Set syz1 is full, maxelem 65536 reached
[  228.955728][ T7904] loop2: detected capacity change from 0 to 2048
[  228.976625][ T7905] netlink: 'syz.1.1337': attribute type 10 has an invalid length.
[  229.000627][ T7905] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1337'.
[  229.024150][ T7904] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  229.071399][ T7904] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  229.102802][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  229.206223][   T27] kauditd_printk_skb: 32 callbacks suppressed
[  229.206237][   T27] audit: type=1326 audit(229.170:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7917 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  229.214001][   T27] audit: type=1326 audit(229.180:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7917 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  229.241227][   T27] audit: type=1326 audit(229.180:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7917 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  229.247146][   T27] audit: type=1326 audit(229.180:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7917 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=68 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  229.271232][   T27] audit: type=1326 audit(229.180:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7917 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  229.425397][ T7930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1347'.
[  229.428310][ T7929] loop1: detected capacity change from 0 to 1024
[  229.430670][ T7929] EXT4-fs: Ignoring removed oldalloc option
[  229.432327][ T7929] EXT4-fs: Ignoring removed bh option
[  229.448131][ T7929] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  229.472244][ T7923] loop4: detected capacity change from 0 to 1024
[  229.474596][ T7923] EXT4-fs: inline encryption not supported
[  229.476423][ T7923] EXT4-fs: Ignoring removed bh option
[  229.565135][ T7929] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  229.585162][ T7922] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1343'.
[  229.629261][ T7923] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  229.677140][ T7945] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1351'.
[  229.772957][ T4297] EXT4-fs (loop1): unmounting filesystem.
[  229.797392][ T4304] EXT4-fs (loop4): unmounting filesystem.
[  229.842992][ T7951] netlink: 'syz.3.1350': attribute type 10 has an invalid length.
[  229.845227][ T7951] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1350'.
[  229.940639][ T7962] netlink: 92 bytes leftover after parsing attributes in process `+}[@'.
[  229.990518][ T7964] netlink: 'syz.0.1356': attribute type 10 has an invalid length.
[  229.992690][ T7964] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1356'.
[  230.276944][ T7977] loop0: detected capacity change from 0 to 1024
[  230.311242][ T7977] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  230.417450][ T7977] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3841: comm syz.0.1365: Allocating blocks 497-513 which overlap fs metadata
[  230.428703][ T7977] EXT4-fs (loop0): pa 0000000072b9d15f: logic 256, phys. 385, len 8
[  230.431245][ T7977] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  230.462860][ T7990] netlink: 'syz.4.1368': attribute type 10 has an invalid length.
[  230.465233][ T7990] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1368'.
[  230.572786][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  230.676373][ T8000] netdevsim netdevsim1: Direct firmware load for À failed with error -2
[  230.682902][ T8000] netdevsim netdevsim1: Falling back to sysfs fallback for: À
[  230.692580][   T27] audit: type=1326 audit(230.660:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  230.702344][   T27] audit: type=1326 audit(230.660:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  230.709286][   T27] audit: type=1326 audit(230.660:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  230.715147][   T27] audit: type=1326 audit(230.660:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  230.731058][   T27] audit: type=1326 audit(230.660:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  230.811360][ T8007] netlink: 'syz.0.1375': attribute type 3 has an invalid length.
[  230.815289][ T8008] xt_CT: You must specify a L4 protocol and not use inversions on it
[  230.922674][ T8012] netlink: 'syz.3.1379': attribute type 10 has an invalid length.
[  231.238793][ T8020] lo speed is unknown, defaulting to 1000
[  231.599234][ T8020] lo speed is unknown, defaulting to 1000
[  232.184364][ T8040] netlink: 'syz.3.1391': attribute type 10 has an invalid length.
[  232.186648][ T8040] __nla_validate_parse: 1 callbacks suppressed
[  232.186657][ T8040] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1391'.
[  232.285489][ T8043] loop1: detected capacity change from 0 to 1764
[  232.393607][ T8046] xt_hashlimit: max too large, truncated to 1048576
[  232.890604][ T8067] loop0: detected capacity change from 0 to 2048
[  232.947210][ T8071] loop2: detected capacity change from 0 to 128
[  232.976699][ T8067] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  233.015678][ T8071] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  233.069675][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  233.078079][ T8075] netlink: 'syz.4.1403': attribute type 10 has an invalid length.
[  233.080423][ T8075] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1403'.
[  233.311211][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  233.509059][ T8084] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1404'.
[  233.511706][ T8084] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  233.514282][ T8084] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  233.762657][ T8095] 9p: Unknown Cache mode mmé
[  233.767315][ T8097] netlink: 'syz.4.1412': attribute type 2 has an invalid length.
[  233.769985][ T8097] netlink: 'syz.4.1412': attribute type 1 has an invalid length.
[  233.959458][ T8098] loop2: detected capacity change from 0 to 8192
[  233.978897][ T8098] Set syz1 is full, maxelem 65536 reached
[  234.225176][ T8103] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1414'.
[  234.466906][ T8111] netlink: 'syz.0.1416': attribute type 10 has an invalid length.
[  234.469267][ T8111] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1416'.
[  234.515715][ T8113] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1419'.
[  234.522617][ T8113] IPVS: Unknown mcast interface: vcan0
[  234.563595][ T8117] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1421'.
[  235.193093][ T8143] netlink: 'syz.0.1431': attribute type 10 has an invalid length.
[  235.196757][ T8143] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1431'.
[  235.265406][ T8146] lo speed is unknown, defaulting to 1000
[  235.354434][ T8150] loop0: detected capacity change from 0 to 512
[  235.367671][ T8150] EXT4-fs (loop0): orphan cleanup on readonly fs
[  235.374483][ T8150] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.1433: bad orphan inode 13
[  235.381998][ T8150] ext4_test_bit(bit=12, block=18) = 1
[  235.385847][ T8150] is_bad_inode(inode)=0
[  235.387544][ T8150] NEXT_ORPHAN(inode)=2130706432
[  235.391590][ T8150] max_ino=32
[  235.392476][ T8150] i_nlink=1
[  235.394611][ T8150] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  235.415901][ T8150] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  235.476835][ T8150] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1433: bg 0: block 248: padding at end of block bitmap is not set
[  235.486644][ T8150] __quota_error: 35 callbacks suppressed
[  235.486657][ T8150] Quota error (device loop0): write_blk: dquota write failed
[  235.493523][ T8150] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  235.499729][ T8150] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.1433: Failed to acquire dquot type 1
[  235.510078][ T8150] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  235.574024][ T8146] lo speed is unknown, defaulting to 1000
[  235.609705][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  235.766075][ T8161] loop0: detected capacity change from 0 to 512
[  235.805366][ T8158] capability: warning: `syz.3.1435' uses 32-bit capabilities (legacy support in use)
[  235.883276][ T8161] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  236.141626][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  236.374365][ T8194] netlink: 'syz.0.1440': attribute type 4 has an invalid length.
[  236.556468][ T8206] netlink: 'syz.2.1443': attribute type 10 has an invalid length.
[  236.560722][ T8206] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1443'.
[  236.564609][ T8206] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  236.729313][ T8213] device syzkaller0 entered promiscuous mode
[  236.841363][ T8218] ipt_CLUSTERIP: Please specify destination IP
[  236.954875][ T8218] loop1: detected capacity change from 0 to 512
[  237.726103][ T8224] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1451'.
[  237.747690][ T8218] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  237.864986][ T8234] loop2: detected capacity change from 0 to 512
[  237.867560][ T8234] journal_path: Lookup failure for './file0/../file0'
[  237.869826][ T8234] EXT4-fs: error: could not find journal device path
[  237.993644][ T8238] netlink: 'syz.0.1455': attribute type 10 has an invalid length.
[  237.995833][ T8238] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1455'.
[  238.092908][ T8245] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  238.114010][ T4297] EXT4-fs (loop1): unmounting filesystem.
[  238.129242][ T8247] vhci_hcd: invalid port number 96
[  238.130675][ T8247] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  238.272833][   T27] audit: type=1326 audit(238.240:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8256 comm="syz.4.1465" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  238.278954][   T27] audit: type=1326 audit(238.240:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8256 comm="syz.4.1465" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  238.284704][   T27] audit: type=1326 audit(238.240:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8256 comm="syz.4.1465" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  238.310896][   T27] audit: type=1326 audit(238.240:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8256 comm="syz.4.1465" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  238.329707][   T27] audit: type=1326 audit(238.240:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8256 comm="syz.4.1465" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  238.342870][   T27] audit: type=1326 audit(238.240:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8256 comm="syz.4.1465" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  238.349492][   T27] audit: type=1326 audit(238.240:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8256 comm="syz.4.1465" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  238.355490][   T27] audit: type=1326 audit(238.240:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8256 comm="syz.4.1465" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb415a8a8 code=0x7ffc0000
[  238.429973][ T8266] device syzkaller0 entered promiscuous mode
[  238.504926][ T8268] netlink: 'syz.3.1470': attribute type 10 has an invalid length.
[  238.507350][ T8268] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1470'.
[  238.764493][ T8287] loop2: detected capacity change from 0 to 164
[  238.779157][ T8288] loop0: detected capacity change from 0 to 256
[  238.805498][ T8287] syz.2.1480: attempt to access beyond end of device
[  238.805498][ T8287] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  238.818800][ T8287] syz.2.1480: attempt to access beyond end of device
[  238.818800][ T8287] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  238.833738][ T8288] FAT-fs (loop0): Directory bread(block 64) failed
[  238.845700][ T8288] FAT-fs (loop0): Directory bread(block 65) failed
[  238.852948][ T8288] FAT-fs (loop0): Directory bread(block 66) failed
[  238.864908][ T8288] FAT-fs (loop0): Directory bread(block 67) failed
[  238.872627][ T8288] FAT-fs (loop0): Directory bread(block 68) failed
[  238.876840][ T8288] FAT-fs (loop0): Directory bread(block 69) failed
[  238.893578][ T8288] FAT-fs (loop0): Directory bread(block 70) failed
[  238.903276][ T8288] FAT-fs (loop0): Directory bread(block 71) failed
[  238.910710][ T8288] FAT-fs (loop0): Directory bread(block 72) failed
[  238.914957][ T8292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1482'.
[  238.919485][ T8288] FAT-fs (loop0): Directory bread(block 73) failed
[  238.954444][ T8294] netlink: 'syz.1.1483': attribute type 10 has an invalid length.
[  238.959629][ T8294] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1483'.
[  239.126846][ T8304] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1485'.
[  239.147439][ T8304] device vlan2 entered promiscuous mode
[  239.153240][ T8304] device ip6gretap0 entered promiscuous mode
[  239.443793][ T8312] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  239.456633][ T8310] tipc: Disabling bearer <eth:syzkaller0>
[  239.605391][ T8320] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1495'.
[  240.542373][ T8334] netlink: 'syz.1.1498': attribute type 10 has an invalid length.
[  240.542395][ T8334] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1498'.
[  240.629339][ T8342] netlink: 'syz.4.1502': attribute type 21 has an invalid length.
[  240.631864][ T8342] netlink: 'syz.4.1502': attribute type 1 has an invalid length.
[  240.647503][ T8342] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1502'.
[  240.992618][ T8351] loop1: detected capacity change from 0 to 512
[  241.314556][ T8351] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.1506: bad orphan inode 15
[  241.319662][ T8351] ext4_test_bit(bit=14, block=18) = 1
[  241.321356][ T8351] is_bad_inode(inode)=0
[  241.322521][ T8351] NEXT_ORPHAN(inode)=1023
[  241.323746][ T8351] max_ino=32
[  241.324688][ T8351] i_nlink=0
[  241.330175][ T8351] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2934: inode #15: comm syz.1.1506: corrupted xattr block 19
[  241.336244][ T8351] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117)
[  241.339325][ T8351] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  242.901789][ T4297] EXT4-fs (loop1): unmounting filesystem.
[  243.063210][ T4776] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.151158][ T4776] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.156289][ T8364] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  243.161374][ T8362] tipc: Disabling bearer <eth:syzkaller0>
[  243.169016][ T8368] netlink: 'syz.2.1513': attribute type 10 has an invalid length.
[  243.171370][ T8368] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1513'.
[  243.173938][ T8368] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  243.230681][ T4776] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.242341][ T8373] lo speed is unknown, defaulting to 1000
[  243.340766][ T4776] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.348662][ T8373] lo speed is unknown, defaulting to 1000
[  243.363445][ T8377] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  243.369051][ T8378] IPv4: Oversized IP packet from 127.202.26.0
[  243.390581][ T4300] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  243.394201][ T4300] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  243.396864][ T4300] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  243.413820][ T4300] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  243.418551][ T8375] tipc: Disabling bearer <eth:syzkaller0>
[  243.421943][ T4300] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  243.424943][ T4300] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  243.671373][ T8380] lo speed is unknown, defaulting to 1000
[  243.708720][ T4776] tipc: Left network mode
[  243.757132][ T8396] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  243.861988][   T27] kauditd_printk_skb: 11 callbacks suppressed
[  243.862005][   T27] audit: type=1326 audit(243.830:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.0.1522" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  243.893419][   T27] audit: type=1326 audit(243.830:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.0.1522" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  243.903684][   T27] audit: type=1326 audit(243.860:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.0.1522" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  243.911874][   T27] audit: type=1326 audit(243.860:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.0.1522" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  243.928417][   T27] audit: type=1326 audit(243.860:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.0.1522" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  243.934330][   T27] audit: type=1326 audit(243.860:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.0.1522" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=209 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  243.940730][   T27] audit: type=1326 audit(243.860:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.0.1522" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  243.947031][   T27] audit: type=1326 audit(243.860:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.0.1522" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  243.962126][   T27] audit: type=1326 audit(243.860:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.0.1522" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=209 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  243.968416][   T27] audit: type=1326 audit(243.860:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.0.1522" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  244.085786][ T8416] loop2: detected capacity change from 0 to 512
[  244.137628][ T8380] lo speed is unknown, defaulting to 1000
[  244.192706][ T8416] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  244.591093][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  244.712026][ T8441] netlink: 'syz.0.1528': attribute type 13 has an invalid length.
[  244.725743][ T8441] infiniband s
z1: set down
[  245.049286][ T8441] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.051617][ T8441] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.460122][ T4302] Bluetooth: hci4: command 0x0409 tx timeout
[  245.625963][ T8441] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  245.659050][ T8441] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  245.986063][ T8441] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  245.988783][ T8441] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  245.991190][ T8441] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  245.994105][ T8441] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.307365][ T4400] lo speed is unknown, defaulting to 1000
[  246.352827][ T8447] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  246.373775][ T4400] lo speed is unknown, defaulting to 1000
[  246.377516][ T8444] tipc: Disabling bearer <eth:syzkaller0>
[  246.387550][ T8380] chnl_net:caif_netlink_parms(): no params data found
[  246.504462][ T8464] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  246.666779][ T8480] netlink: 404 bytes leftover after parsing attributes in process `syz.4.1536'.
[  246.762739][ T8380] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.772836][ T8380] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.793296][ T8380] device bridge_slave_0 entered promiscuous mode
[  246.904943][ T8380] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.904987][ T8380] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.905600][ T8380] device bridge_slave_1 entered promiscuous mode
[  247.299383][ T8380] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  247.375262][ T8380] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  247.537986][ T4302] Bluetooth: hci4: command 0x041b tx timeout
[  247.806009][ T8521] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  247.808199][ T8523] sch_tbf: burst 32854 is lower than device lo mtu (11337746) !
[  247.915141][ T8535] loop1: detected capacity change from 0 to 1024
[  247.946635][ T8380] team0: Port device team_slave_0 added
[  247.984154][ T8517] tipc: Disabling bearer <eth:syzkaller0>
[  247.986366][ T8535] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  248.026062][ T4297] EXT4-fs (loop1): unmounting filesystem.
[  248.086948][ T8380] team0: Port device team_slave_1 added
[  248.328441][ T4776] device veth1_macvtap left promiscuous mode
[  248.330520][ T4776] device veth0_macvtap left promiscuous mode
[  248.333188][ T4776] device veth1_vlan left promiscuous mode
[  248.334873][ T4776] device veth0_vlan left promiscuous mode
[  248.654305][ T4776] team0 (unregistering): Port device geneve0 removed
[  248.668272][ T8562] vhci_hcd: invalid port number 96
[  248.669719][ T8562] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  248.713457][ T8565] 9pnet_fd: Insufficient options for proto=fd
[  248.826411][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  248.828322][ T2059] ieee802154 phy1 wpan1: encryption failed: -22
[  249.618265][ T4313] Bluetooth: hci4: command 0x040f tx timeout
[  251.697924][ T4302] Bluetooth: hci4: command 0x0419 tx timeout
[  251.720918][ T4776] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  253.191015][ T4776] bond0 (unregistering): Released all slaves
[  253.422096][ T8380] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.424132][ T8380] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.431529][ T8380] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.440183][ T8568] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1554'.
[  253.470213][ T8380] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.472217][ T8380] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.484464][ T8380] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  253.574667][ T8578] loop2: detected capacity change from 0 to 512
[  253.589847][ T8380] device hsr_slave_0 entered promiscuous mode
[  253.613694][ T8578] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  253.629882][ T8380] device hsr_slave_1 entered promiscuous mode
[  253.633197][ T8578] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #2: comm syz.2.1558: corrupted inode contents
[  253.637535][ T8578] EXT4-fs error (device loop2): ext4_dirty_inode:6118: inode #2: comm syz.2.1558: mark_inode_dirty error
[  253.638406][ T8578] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #2: comm syz.2.1558: corrupted inode contents
[  253.639591][ T8578] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #2: comm syz.2.1558: corrupted inode contents
[  253.639900][ T8578] EXT4-fs error (device loop2): ext4_setattr:5512: inode #2: comm syz.2.1558: mark_inode_dirty error
[  253.653031][ T8380] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  253.653089][ T8380] Cannot create hsr debugfs directory
[  253.677963][ T8584] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  253.684734][ T4296] EXT4-fs (loop2): unmounting filesystem.
[  253.782433][ T8581] tipc: Disabling bearer <eth:syzkaller0>
[  253.893260][ T8593] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  253.985719][ T8604] device syzkaller0 entered promiscuous mode
[  254.333658][ T8380] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  254.403633][ T8380] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  254.466680][ T8380] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  254.547375][   T27] kauditd_printk_skb: 63 callbacks suppressed
[  254.547388][   T27] audit: type=1326 audit(254.510:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8624 comm="syz.2.1566" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  254.566818][   T27] audit: type=1326 audit(254.530:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8624 comm="syz.2.1566" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=81 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  254.585117][   T27] audit: type=1326 audit(254.550:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8624 comm="syz.2.1566" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  254.603830][ T8380] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  254.785920][ T8626] lo speed is unknown, defaulting to 1000
[  255.198476][ T8626] lo speed is unknown, defaulting to 1000
[  255.244570][ T8380] 8021q: adding VLAN 0 to HW filter on device bond0
[  255.262806][ T4724] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  255.268688][ T4724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  255.289167][ T8380] 8021q: adding VLAN 0 to HW filter on device team0
[  255.291368][ T8648] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  255.375925][ T1611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  255.388751][ T1611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  255.391423][ T1611] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.393407][ T1611] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.405607][ T1611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  255.420568][ T1611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  255.423368][ T1611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  255.426049][ T1611] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.427997][ T1611] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.467237][ T1611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  255.475530][ T1611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  255.487587][ T1611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  255.493139][ T1611] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  255.498416][ T1611] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  255.518006][ T8661] loop0: detected capacity change from 0 to 512
[  255.569931][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  255.574043][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  255.604223][   T27] audit: type=1326 audit(255.570:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  255.615350][ T8661] EXT4-fs (loop0): orphan cleanup on readonly fs
[  255.623557][   T27] audit: type=1326 audit(255.570:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  255.645876][ T8661] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm wÞ£ÿ: bg 0: block 248: padding at end of block bitmap is not set
[  255.652608][   T27] audit: type=1326 audit(255.570:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  255.670861][   T27] audit: type=1326 audit(255.570:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  255.684213][ T4724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  255.687172][ T4724] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  255.697224][   T27] audit: type=1326 audit(255.580:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  255.719867][   T27] audit: type=1326 audit(255.580:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  255.735756][   T27] audit: type=1326 audit(255.580:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  255.753783][  T181] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  255.756735][  T181] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  255.774594][ T8661] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm wÞ£ÿ: Failed to acquire dquot type 1
[  255.794715][ T8661] EXT4-fs (loop0): 1 truncate cleaned up
[  255.801941][ T8661] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  255.833990][ T8661] EXT4-fs error (device loop0): ext4_lookup:1862: inode #2: comm wÞ£ÿ: deleted inode referenced: 12
[  255.904677][ T4303] EXT4-fs (loop0): unmounting filesystem.
[  255.943013][ T8380] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  255.951036][ T8675] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  255.977395][ T8678] device syzkaller0 entered promiscuous mode
[  256.245027][  T181] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  256.247439][  T181] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  256.297553][ T8380] 8021q: adding VLAN 0 to HW filter on device batadv0
[  256.696724][ T8714] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  256.766591][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  256.769847][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  256.935944][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  256.940286][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  256.974237][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  256.977577][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  256.988825][ T8380] device veth0_vlan entered promiscuous mode
[  257.002058][ T8380] device veth1_vlan entered promiscuous mode
[  257.034514][ T8735] loop1: detected capacity change from 0 to 256
[  257.091702][ T8734] device syzkaller0 entered promiscuous mode
[  257.094611][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  257.097440][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  257.099176][ T8735] FAT-fs (loop1): Directory bread(block 64) failed
[  257.107462][ T8735] FAT-fs (loop1): Directory bread(block 65) failed
[  257.108315][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  257.113993][ T8735] FAT-fs (loop1): Directory bread(block 66) failed
[  257.119555][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  257.122074][ T8735] FAT-fs (loop1): Directory bread(block 67) failed
[  257.125992][ T8380] device veth0_macvtap entered promiscuous mode
[  257.142481][ T8735] FAT-fs (loop1): Directory bread(block 68) failed
[  257.156456][ T8735] FAT-fs (loop1): Directory bread(block 69) failed
[  257.162163][ T8735] FAT-fs (loop1): Directory bread(block 70) failed
[  257.164005][ T8735] FAT-fs (loop1): Directory bread(block 71) failed
[  257.165870][ T8735] FAT-fs (loop1): Directory bread(block 72) failed
[  257.167649][ T8735] FAT-fs (loop1): Directory bread(block 73) failed
[  257.217338][ T8380] device veth1_macvtap entered promiscuous mode
[  257.262195][ T8740] sch_tbf: burst 32854 is lower than device lo mtu (11337746) !
[  257.298250][ T8735] usb usb1: usbfs: process 8735 (syz.1.1593) did not claim interface 0 before use
[  257.301446][ T8380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.304405][ T8380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.338697][ T8380] batman_adv: batadv0: Interface activated: batadv_slave_0
[  257.342827][  T181] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  257.345348][  T181] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  257.353143][  T181] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  257.358302][  T181] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  257.430126][ T8380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.433090][ T8380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.449783][ T8380] batman_adv: batadv0: Interface activated: batadv_slave_1
[  257.466520][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  257.469777][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  257.522091][ T8380] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.524752][ T8380] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.530166][ T8380] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.532822][ T8380] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.579759][ T8749] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  257.679576][ T4776] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  257.682072][ T4776] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.686649][  T181] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  257.789339][  T181] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  257.791712][  T181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.796444][ T7200] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  257.831651][ T8760] device vlan0 entered promiscuous mode
[  258.064607][ T8773] device syzkaller0 entered promiscuous mode
[  258.143512][ T8771] loop1: detected capacity change from 0 to 164
[  258.175201][ T8579] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  259.075259][ T8786] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1613'.
[  259.143453][ T8788] tipc: Started in network mode
[  259.145004][ T8788] tipc: Node identity e2b126daf13, cluster identity 4711
[  259.154381][ T8788] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  259.193074][ T8788] device syzkaller0 entered promiscuous mode
[  259.195320][ T8788] tipc: Resetting bearer <eth:syzkaller0>
[  259.206502][ T8787] tipc: Resetting bearer <eth:syzkaller0>
[  259.496033][ T8812] vhci_hcd: invalid port number 96
[  259.497662][ T8812] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  260.187979][ T3875] tipc: Node number set to 327231194
[  271.361525][ T8787] tipc: Disabling bearer <eth:syzkaller0>
[  271.373605][ T8807] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  271.516424][ T8857] netlink: 'syz.0.1628': attribute type 13 has an invalid length.
[  272.002187][ T8889] loop1: detected capacity change from 0 to 2048
[  272.045884][ T8901] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  272.063105][ T8889] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  272.103374][ T4297] EXT4-fs (loop1): unmounting filesystem.
[  272.134833][ T8910] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  272.283274][ T8918] netlink: 'syz.1.1641': attribute type 13 has an invalid length.
[  272.519466][ T8867] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  272.521642][ T8867] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  272.523768][ T8867] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  272.535722][ T8867] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  272.541670][ T8867] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  272.548003][ T8867] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  272.550628][ T8867] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  272.553686][ T8867] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  272.558666][ T8918] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.565863][ T8867] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  272.574573][ T8867] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  272.576619][ T8867] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  272.581744][ T8867] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  272.588585][ T8867] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  272.593169][ T8867] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  272.598154][ T8867] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[  273.163092][ T8918] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  273.211010][ T8918] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  273.656684][ T8918] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  273.659469][ T8918] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  273.662273][ T8918] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  273.664910][ T8918] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  273.778175][ T4313] Bluetooth: hci0: command 0x0c1a tx timeout
[  273.963454][ T4349] lo speed is unknown, defaulting to 1000
[  274.399348][   T27] kauditd_printk_skb: 32 callbacks suppressed
[  274.399361][   T27] audit: type=1326 audit(274.370:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8973 comm="syz.0.1649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  274.425248][ T8979] loop1: detected capacity change from 0 to 512
[  274.425383][   T27] audit: type=1326 audit(274.380:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8973 comm="syz.0.1649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8335a8a8 code=0x7ffc0000
[  274.505120][ T8979] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  274.542527][ T8979] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  274.574730][ T8979] EXT4-fs (loop1): 1 truncate cleaned up
[  274.576355][ T8979] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  274.579229][ T4313] Bluetooth: hci3: command 0x0c1a tx timeout
[  274.580921][ T4313] Bluetooth: hci2: command 0x0c1a tx timeout
[  274.582577][ T4313] Bluetooth: hci1: command 0x0c1a tx timeout
[  274.583144][ T8992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1654'.
[  274.658014][ T4302] Bluetooth: hci4: command 0x0c1a tx timeout
[  274.679428][ T8997] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  274.716521][ T4297] EXT4-fs (loop1): unmounting filesystem.
[  274.835036][   T27] audit: type=1326 audit(274.800:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.2.1657" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  274.842934][   T27] audit: type=1326 audit(274.810:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.2.1657" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  274.858176][   T27] audit: type=1326 audit(274.810:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.2.1657" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  274.864297][   T27] audit: type=1326 audit(274.820:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.2.1657" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  274.884872][   T27] audit: type=1326 audit(274.820:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.2.1657" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  274.895452][   T27] audit: type=1326 audit(274.820:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.2.1657" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=279 compat=0 ip=0xffff8fb5a8a8 code=0x7ffc0000
[  274.901114][ T9006] loop2: detected capacity change from 0 to 764
[  274.901995][   T27] audit: type=1326 audit(274.820:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.2.1657" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff8fb5a8dc code=0x7ffc0000
[  274.914250][   T27] audit: type=1326 audit(274.820:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.2.1657" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=64 compat=0 ip=0xffff8fb58f70 code=0x7ffc0000
[  275.006652][ T9013] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  275.133603][ T9013] device syzkaller0 entered promiscuous mode
[  275.135786][ T9013] tipc: Resetting bearer <eth:syzkaller0>
[  275.152937][ T9018] device syzkaller0 entered promiscuous mode
[  275.256691][ T9010] tipc: Resetting bearer <eth:syzkaller0>
[  275.409026][ T9039] loop5: detected capacity change from 0 to 1024
[  275.479699][ T9039] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  275.667542][ T7200] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm kworker/u4:17: bg 0: block 393: padding at end of block bitmap is not set
[  275.674932][ T7200] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117
[  275.683090][ T7200] EXT4-fs (loop5): This should not happen!! Data will be lost
[  275.683090][ T7200] 
[  275.742376][ T8380] EXT4-fs (loop5): unmounting filesystem.
[  275.868143][ T4313] Bluetooth: hci0: command 0x0406 tx timeout
[  276.106798][ T4349] tipc: Node number set to 973615327
[  276.657936][ T4302] Bluetooth: hci1: command 0x0406 tx timeout
[  276.659718][ T4302] Bluetooth: hci2: command 0x0406 tx timeout
[  276.661430][ T4302] Bluetooth: hci3: command 0x0406 tx timeout
[  276.738035][ T4313] Bluetooth: hci4: command 0x0406 tx timeout
[  286.510380][ T9010] tipc: Disabling bearer <eth:syzkaller0>
[  286.513567][ T9033] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  286.763170][ T9071] loop4: detected capacity change from 0 to 512
[  286.779489][ T9075] sch_tbf: burst 32854 is lower than device lo mtu (11337746) !
[  286.836875][ T9071] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  286.878928][ T9071] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #2: comm syz.4.1667: corrupted inode contents
[  286.883529][ T9071] EXT4-fs error (device loop4): ext4_dirty_inode:6118: inode #2: comm syz.4.1667: mark_inode_dirty error
[  286.914688][ T9071] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #2: comm syz.4.1667: corrupted inode contents
[  286.942541][ T9071] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.1667: mark_inode_dirty error
[  286.962248][ T9083] 
[  286.962977][ T9083] ======================================================
[  286.964988][ T9083] WARNING: possible circular locking dependency detected
[  286.966923][ T9083] 6.1.141-syzkaller #0 Not tainted
[  286.968327][ T9083] ------------------------------------------------------
[  286.970331][ T9083] syz.4.1667/9083 is trying to acquire lock:
[  286.972263][ T9083] ffff0000f522d228 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x50/0x1c4
[  286.974688][ T9083] 
[  286.974688][ T9083] but task is already holding lock:
[  286.976689][ T9083] ffff0000f51f48c0 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x7c4/0x1770
[  286.979652][ T9083] 
[  286.979652][ T9083] which lock already depends on the new lock.
[  286.979652][ T9083] 
[  286.982483][ T9083] 
[  286.982483][ T9083] the existing dependency chain (in reverse order) is:
[  286.984980][ T9083] 
[  286.984980][ T9083] -> #2 (&ei->i_data_sem/2){++++}-{3:3}:
[  286.987203][ T9083]        down_read+0x64/0x304
[  286.988468][ T9083]        ext4_map_blocks+0x278/0x1770
[  286.990022][ T9083]        ext4_getblk+0x170/0x654
[  286.991395][ T9083]        ext4_bread+0x3c/0x1b0
[  286.992708][ T9083]        ext4_quota_write+0x228/0x51c
[  286.994151][ T9083]        get_free_dqblk+0x284/0x574
[  286.995564][ T9083]        do_insert_tree+0x1c4/0xc38
[  286.997026][ T9083]        do_insert_tree+0x794/0xc38
[  286.998471][ T9083]        do_insert_tree+0x768/0xc38
[  286.999907][ T9083]        do_insert_tree+0x768/0xc38
[  287.001338][ T9083]        qtree_write_dquot+0x3bc/0x4c8
[  287.002854][ T9083]        v2_write_dquot+0xf0/0x180
[  287.004264][ T9083]        dquot_acquire+0x2a8/0x4e0
[  287.005675][ T9083]        ext4_acquire_dquot+0x270/0x428
[  287.007320][ T9083]        dqget+0x654/0xccc
[  287.008560][ T9083]        __dquot_initialize+0x264/0xa80
[  287.010064][ T9083]        add_dquot_ref+0x298/0x360
[  287.011450][ T9083]        dquot_load_quota_sb+0x7c4/0xa24
[  287.012973][ T9083]        dquot_load_quota_inode+0x274/0x4e4
[  287.014680][ T9083]        ext4_enable_quotas+0x3c4/0xa4c
[  287.016232][ T9083]        ext4_reconfigure+0x1734/0x2268
[  287.017799][ T9083]        reconfigure_super+0x1d4/0x79c
[  287.019415][ T9083]        vfs_fsconfig_locked+0x164/0x374
[  287.021016][ T9083]        __arm64_sys_fsconfig+0x634/0x77c
[  287.022616][ T9083]        invoke_syscall+0x98/0x2bc
[  287.024094][ T9083]        el0_svc_common+0x138/0x258
[  287.025552][ T9083]        do_el0_svc+0x58/0x13c
[  287.026867][ T9083]        el0_svc+0x58/0x138
[  287.028149][ T9083]        el0t_64_sync_handler+0x84/0xf0
[  287.029677][ T9083]        el0t_64_sync+0x18c/0x190
[  287.031114][ T9083] 
[  287.031114][ T9083] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}:
[  287.033405][ T9083]        down_read+0x64/0x304
[  287.034757][ T9083]        v2_read_dquot+0x4c/0x118
[  287.036168][ T9083]        dquot_acquire+0x120/0x4e0
[  287.037597][ T9083]        ext4_acquire_dquot+0x270/0x428
[  287.039139][ T9083]        dqget+0x654/0xccc
[  287.040364][ T9083]        __dquot_initialize+0x2d4/0xa80
[  287.041922][ T9083]        dquot_initialize+0x24/0x34
[  287.043375][ T9083]        ext4_set_acl+0x124/0x4bc
[  287.044809][ T9083]        posix_acl_xattr_set+0x2f8/0x398
[  287.046419][ T9083]        __vfs_setxattr+0x388/0x3a4
[  287.047918][ T9083]        __vfs_setxattr_noperm+0x120/0x564
[  287.049603][ T9083]        __vfs_setxattr_locked+0x1ec/0x218
[  287.051204][ T9083]        vfs_setxattr+0x158/0x2ac
[  287.052622][ T9083]        setxattr+0x228/0x28c
[  287.053958][ T9083]        path_setxattr+0x12c/0x25c
[  287.055399][ T9083]        __arm64_sys_setxattr+0xbc/0xd8
[  287.057022][ T9083]        invoke_syscall+0x98/0x2bc
[  287.058468][ T9083]        el0_svc_common+0x138/0x258
[  287.059973][ T9083]        do_el0_svc+0x58/0x13c
[  287.061331][ T9083]        el0_svc+0x58/0x138
[  287.062582][ T9083]        el0t_64_sync_handler+0x84/0xf0
[  287.064263][ T9083]        el0t_64_sync+0x18c/0x190
[  287.065689][ T9083] 
[  287.065689][ T9083] -> #0 (&dquot->dq_lock){+.+.}-{3:3}:
[  287.067833][ T9083]        __lock_acquire+0x293c/0x6544
[  287.069374][ T9083]        lock_acquire+0x20c/0x644
[  287.070849][ T9083]        __mutex_lock_common+0x190/0x1f38
[  287.072482][ T9083]        mutex_lock_nested+0x38/0x44
[  287.073886][ T9083]        dquot_commit+0x50/0x1c4
[  287.075299][ T9083]        ext4_write_dquot+0x1b4/0x31c
[  287.076758][ T9083]        ext4_mark_dquot_dirty+0xe8/0x140
[  287.078431][ T9083]        mark_all_dquot_dirty+0x108/0x424
[  287.080011][ T9083]        __dquot_alloc_space+0x560/0xce8
[  287.081560][ T9083]        ext4_mb_new_blocks+0xd30/0x435c
[  287.083187][ T9083]        ext4_ext_map_blocks+0x1018/0x559c
[  287.084750][ T9083]        ext4_map_blocks+0x860/0x1770
[  287.086217][ T9083]        ext4_getblk+0x170/0x654
[  287.087542][ T9083]        ext4_bread+0x3c/0x1b0
[  287.088825][ T9083]        ext4_append+0x238/0x474
[  287.090228][ T9083]        ext4_init_new_dir+0x264/0x4f4
[  287.091766][ T9083]        ext4_mkdir+0x3c0/0xa2c
[  287.093089][ T9083]        vfs_mkdir+0x314/0x4d4
[  287.094419][ T9083]        do_mkdirat+0x1b4/0x3e0
[  287.095747][ T9083]        __arm64_sys_mkdirat+0x90/0xa8
[  287.097372][ T9083]        invoke_syscall+0x98/0x2bc
[  287.098822][ T9083]        el0_svc_common+0x138/0x258
[  287.100284][ T9083]        do_el0_svc+0x58/0x13c
[  287.101645][ T9083]        el0_svc+0x58/0x138
[  287.102878][ T9083]        el0t_64_sync_handler+0x84/0xf0
[  287.104420][ T9083]        el0t_64_sync+0x18c/0x190
[  287.105785][ T9083] 
[  287.105785][ T9083] other info that might help us debug this:
[  287.105785][ T9083] 
[  287.108673][ T9083] Chain exists of:
[  287.108673][ T9083]   &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2
[  287.108673][ T9083] 
[  287.112438][ T9083]  Possible unsafe locking scenario:
[  287.112438][ T9083] 
[  287.114555][ T9083]        CPU0                    CPU1
[  287.116076][ T9083]        ----                    ----
[  287.117575][ T9083]   lock(&ei->i_data_sem/2);
[  287.118845][ T9083]                                lock(&s->s_dquot.dqio_sem);
[  287.120920][ T9083]                                lock(&ei->i_data_sem/2);
[  287.122909][ T9083]   lock(&dquot->dq_lock);
[  287.124144][ T9083] 
[  287.124144][ T9083]  *** DEADLOCK ***
[  287.124144][ T9083] 
[  287.126389][ T9083] 4 locks held by syz.4.1667/9083:
[  287.127767][ T9083]  #0: ffff0000cbd9c460 (sb_writers#3){++++}-{0:0}, at: mnt_want_write+0x44/0x9c
[  287.130364][ T9083]  #1: ffff0000e1f32218 (&type->i_mutex_dir_key#3/1){+.+.}-{3:3}, at: filename_create+0x1ac/0x39c
[  287.133331][ T9083]  #2: ffff0000f51f48c0 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x7c4/0x1770
[  287.136090][ T9083]  #3: ffff80001537d548 (dquot_srcu){....}-{0:0}, at: rcu_lock_acquire+0x10/0x4c
[  287.138689][ T9083] 
[  287.138689][ T9083] stack backtrace:
[  287.140382][ T9083] CPU: 1 PID: 9083 Comm: syz.4.1667 Not tainted 6.1.141-syzkaller #0
[  287.142652][ T9083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  287.145478][ T9083] Call trace:
[  287.146403][ T9083]  dump_backtrace+0x1c8/0x1f4
[  287.147938][ T9083]  show_stack+0x2c/0x3c
[  287.149113][ T9083]  __dump_stack+0x30/0x40
[  287.150328][ T9083]  dump_stack_lvl+0xf8/0x160
[  287.151632][ T9083]  dump_stack+0x1c/0x5c
[  287.152776][ T9083]  print_circular_bug+0x148/0x1b0
[  287.154181][ T9083]  check_noncircular+0x240/0x2d4
[  287.155524][ T9083]  __lock_acquire+0x293c/0x6544
[  287.156914][ T9083]  lock_acquire+0x20c/0x644
[  287.158148][ T9083]  __mutex_lock_common+0x190/0x1f38
[  287.159532][ T9083]  mutex_lock_nested+0x38/0x44
[  287.160868][ T9083]  dquot_commit+0x50/0x1c4
[  287.162098][ T9083]  ext4_write_dquot+0x1b4/0x31c
[  287.163412][ T9083]  ext4_mark_dquot_dirty+0xe8/0x140
[  287.164859][ T9083]  mark_all_dquot_dirty+0x108/0x424
[  287.166328][ T9083]  __dquot_alloc_space+0x560/0xce8
[  287.167741][ T9083]  ext4_mb_new_blocks+0xd30/0x435c
[  287.169178][ T9083]  ext4_ext_map_blocks+0x1018/0x559c
[  287.170641][ T9083]  ext4_map_blocks+0x860/0x1770
[  287.171963][ T9083]  ext4_getblk+0x170/0x654
[  287.173243][ T9083]  ext4_bread+0x3c/0x1b0
[  287.174399][ T9083]  ext4_append+0x238/0x474
[  287.175589][ T9083]  ext4_init_new_dir+0x264/0x4f4
[  287.176937][ T9083]  ext4_mkdir+0x3c0/0xa2c
[  287.178115][ T9083]  vfs_mkdir+0x314/0x4d4
[  287.179225][ T9083]  do_mkdirat+0x1b4/0x3e0
[  287.180399][ T9083]  __arm64_sys_mkdirat+0x90/0xa8
[  287.181756][ T9083]  invoke_syscall+0x98/0x2bc
[  287.183021][ T9083]  el0_svc_common+0x138/0x258
[  287.184324][ T9083]  do_el0_svc+0x58/0x13c
[  287.185550][ T9083]  el0_svc+0x58/0x138
[  287.186653][ T9083]  el0t_64_sync_handler+0x84/0xf0
[  287.188030][ T9083]  el0t_64_sync+0x18c/0x190
[  287.202870][ T9071] EXT4-fs warning (device loop4): ext4_empty_dir:3147: inode #18: comm syz.4.1667: directory missing '.'
[  287.231318][ T4304] EXT4-fs (loop4): unmounting filesystem.