last executing test programs:

4.420260234s ago: executing program 3 (id=1879):
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, &(0x7f00000000c0)=0x8000000000000001, 0x263)

4.273172475s ago: executing program 3 (id=1882):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x200000000003}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_DISALLOCATE(r2, 0x5608)

4.064881458s ago: executing program 3 (id=1886):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000280)}, 0x20)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000380)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000480)=ANY=[], 0x0)

2.682723585s ago: executing program 2 (id=1908):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000200000000000000000850000"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x74}, 0x1, 0x0, 0x0, 0x4048000}, 0x880)

2.617984236s ago: executing program 1 (id=1909):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000240)=ANY=[], 0xffc9)
close_range(r0, 0xffffffffffffffff, 0x0)

2.540169218s ago: executing program 0 (id=1910):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454da, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="c2a1c8a71372f3b1d929915a2924c3dc123328b883e797ff7719ce7165d09f5c1f192c5d55869caadb50e9470d0665be4b864c3ee2068889b7bf1d24c64b15ad395ff9abf46d92ee4436a4cd7a99f858c9ef799612bda96294b26bb0ec447db56aa63362a7c5152bfb14a3a1dcabd12aa922caa3413e68e738b921c2df023e"}], 0x4, 0x0, 0x0, 0x408c4}}], 0x1, 0x6001010)
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x10}], 0x4)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000040)={0x0, 'syzkaller1\x00', {0x4}, 0x1})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})

2.540019558s ago: executing program 4 (id=1911):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c30000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10)

2.532129787s ago: executing program 2 (id=1912):
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22000406, &(0x7f00000014c0)={[{@usrjquota_path={'usrjquota', 0x3d, './file1/file0'}}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x40}}, {@errors_continue}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@noload}, {@acl}, {@jqfmt_vfsv1}, {@noquota}], [], 0x2c}, 0x0, 0x4bf, &(0x7f0000001000)="$eJzs3E1oHGUfAPD/TD763aR9+76v/dCuVjFYTZq0ag8eVBR6EQQ9VPAS01hq01aaCLYUG0XqUTx5VI+C4MmLJwUR9aR41bsIRXpp9SArszuT7Ca7280m29ju7we7+zzzsc/8Z54n88w8mQ2gZ5WytyRia0T8EhFD1Wz9AqXqx41rl6b+vHZpKoly+YU/kspy169dmioWLdbbkmdG0oj03ST2Nih39sLF05MzM9Pn8/zY3JnXx2YvXHzk1JnJk9Mnp89OHD165PD4449NPLomcWZxXd/z1rl9u4+99MFzU+V45fvPsu3dms+vjaNqeNVllqIU5dzi1MHK+wOr/vZ/l2016aR/HTeEFemLiOxwDVTa/1D0xeLBG4pn31nIfLNOGwh0TXZu2rFsal/+mS6cv4A7UaKNQ48qzvjZ9W/xupX9j/V29ansfboS/438VZ3TH2l2LTtcvWLva7L+/9osp7wkP5h/bo2I4/N/fZS9ouF9CACAtfVV1v95uFH/L63r22zPx1CGI+JgROyMiP9ExK6I+G/eD/p/RNy1wvJLS/LL+z8/beoosDZl/b8n8rGt+v5fmi+RLOS2VeIfSF49NTN9KN8nIzGwIcuPtyjj62d+fr/ZvFJN/y97ZeUXfcF8O37v31C/zonJuclVhFzn6tsRe/obxZ8sjARke2B3ROzp4PuzfXbqoU/3ZentW5bPv0n8rY/9GowzlT+JeLB6/OdjSfyFpFpSs/HJsY0xM31orKgVy/3w45Xna/MDNem6+De2F9PGToNtIDv+mxvW/zz+ohkU47WzKy/jyq/vNb2mWX78kzg+X7tEXv9rakJW/weTFyvp4jrqzcm5ufPjEYP5hLrpE4vrFvli+Sz+kQON2//OiL8/ztfbGxFZJb47Iu6JiP35tt8bEfdFxIEW8X/39P2vtd5Drdp/d2Xxn2h1/COGk9rx+g4Sfae//bJZ+e39/TtSSY3kU9r5+5cXXpyOmm5gp/sNAAAAbidpZQw6SUeLdM3NqV2xOZ05Nzt3sBRvnD1RHasejoG0uNM1VHM/dDy/N1zkJ5bkD0fEjsp/Gm2q5Eenzs1sW8/AgcqzOnXtP9J0dLQ677dm//QC3DlWNI5W+3Tg51+s/cYAt5TnNaF3af/Qu7R/6F3aP/SuRu3/csSNddgU4BZz/ofepf1D79L+oXdp/9CTlj8SX/zQQidP+i8mdh5b1epdT5SHuvLN8ytfq69LkUbtj3Y0TSStfhyhZSLS1ssMtlF6k8TLH1arYPcqQHrTZZ7sYul5Yn+e2BAR7a51ufO92kH9AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuP39EwAA///xS9f+")

2.489195778s ago: executing program 1 (id=1913):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
setregid(0x0, 0x0)

2.32805537s ago: executing program 4 (id=1914):
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socket$netlink(0x10, 0x3, 0x5)
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r3, 0x0, 0x415}, 0x18)
unshare(0x64000600)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf2503"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x40)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r9, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r9, 0x0)
shutdown(r8, 0x0)
connect$unix(r5, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r10 = accept(r9, 0x0, 0x0)
sendto$inet6(r10, &(0x7f00000007c0), 0x0, 0x640408e9, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0x4c0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0xb, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x230, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@set2={{0x28}, {{0x0, 0x40}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

2.32774288s ago: executing program 1 (id=1915):
unshare(0x2a020400)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000014c0)=@nat={'nat\x00', 0x62, 0x5, 0x338, 0x398, 0x2a0, 0xffffffff, 0xe0, 0x188, 0x398, 0x398, 0xffffffff, 0x398, 0x398, 0x5, 0x0, {[{{@ip={@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth0_to_bond\x00', 'wg1\x00'}, 0x0, 0x70, 0xa8, 0x0, {0x22e}}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @multicast1, @remote, @icmp_id, @icmp_id}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @multicast1, @empty, @gre_key, @icmp_id}}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_hsr\x00', 'ipvlan0\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @private, @multicast2, @gre_key}}}}, {{@ip={@remote, @empty, 0x0, 0x0, 'veth1_to_batadv\x00', 'pim6reg\x00', {0xff}}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x16, @remote, @broadcast, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x123400, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

2.31509646s ago: executing program 2 (id=1916):
r0 = socket(0x2b, 0x1, 0x1)
msgsnd(0x0, 0x0, 0x2000, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)

2.148105373s ago: executing program 0 (id=1917):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7d0, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, [@srh]}}}}}}}, 0x0)

2.096073223s ago: executing program 2 (id=1918):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")
r0 = gettid()
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd26, 0x8000002, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24008004}, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd26, 0x2, {0x0, 0x0, 0x0, r7, {0xc, 0x6}, {}, {0x7, 0xa}}}, 0x24}}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r8=>0x0)
timer_settime(r8, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x2}, 0x2}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
write$binfmt_script(r9, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r9, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

1.767853517s ago: executing program 1 (id=1919):
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f0000001e00)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r4, 0x0, 0x9}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x6000000)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x12, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r5, 0x0, 0x2}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f00000006c0)=@deltaction={0x14c, 0x31, 0x10, 0x70bd28, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x20, 0x1, [{0xc, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}, @TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}, @TCA_ACT_TAB={0x20, 0x1, [{0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}]}, @TCA_ACT_TAB={0x6c, 0x1, [{0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x401}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0x14, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}]}, @TCA_ACT_TAB={0x4}, @TCA_ACT_TAB={0x48, 0x1, [{0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}, @TCA_ACT_TAB={0x20, 0x1, [{0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x10, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x14c}, 0x1, 0x0, 0x0, 0x1}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
r6 = syz_io_uring_setup(0x24fa, &(0x7f00000002c0)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r7=>0x0, &(0x7f0000000680)=<r8=>0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r8], 0x118)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="7a0a00ff000000007110b5000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_READ_FIXED)
io_uring_enter(r6, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0, <r10=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)='%+9llu \x00'}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000280)={{0x1, 0x1, 0x18, r10, {0x2}}, './file0\x00'})
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)

1.427578142s ago: executing program 0 (id=1920):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
flock(r0, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
flock(r1, 0x1)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/4\x00')
read$watch_queue(r2, &(0x7f0000000000)=""/196, 0xc4)

1.204100045s ago: executing program 0 (id=1921):
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80084}, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000480), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
sendmsg$can_bcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="05"], 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040)
sendmsg$can_bcm(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1d, r1}, 0x10, &(0x7f0000000280)={&(0x7f0000000100)={0x5, 0x0, 0x0, {0x0, 0xea60}, {0x77359400}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "1d0b6382972f4b8f"}}, 0x48}}, 0x0)

1.164718325s ago: executing program 4 (id=1922):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8}, @void}}}, 0x28}, 0x1, 0x6c00}, 0x0)

987.836207ms ago: executing program 4 (id=1923):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x5c, 0x2, [@TCA_FW_ACT={0x58, 0x4, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xa5a}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x95, 0x3, 0xe4, 0x5, 0x5}, 0x2}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x88}, 0x1, 0x0, 0x0, 0x84}, 0x20000800)

939.923168ms ago: executing program 0 (id=1924):
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x202, 0x0)
socket$netlink(0x10, 0x3, 0xf)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x80, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x2}, 0x11)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x48d40, 0x0)
ioctl$RTC_WKALM_RD(r3, 0x80287010, &(0x7f0000000080))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{}, 0x0, 0x0}, 0x20)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000c40)={0x2, 0x2}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5d, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r5}, 0x10)
r6 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000e80)=@mangle={'mangle\x00', 0x44, 0x6, 0x590, 0x0, 0x390, 0x1f8, 0x138, 0x138, 0x4f8, 0x4f8, 0x4f8, 0x4f8, 0x4f8, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x7}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:dbusd_etc_t:s0\x00'}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x168, 0x0, {}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@dev={0xfe, 0x80, '\x00', 0x3e}, [0x0, 0xffffff00, 0x0, 0xff], @ipv6=@ipv4={'\x00', '\xff\xff', @private=0xa010100}, [0xffffffff, 0xffffffff, 0xffffff00, 0xffffff00], @ipv6=@local, [0x0, 0xffffff00, 0xff000000, 0xffffff00], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xff0000ff, 0xff000000, 0xffffffff], 0x5c, 0x6, 0x20, 0x4e22, 0x4e22, 0x4e23, 0x4e21, 0x4, 0x941}, 0x200, 0x104, 0x4e21, 0x4e22, 0x4e24, 0x4e24}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x5f0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000c00)={0xffffffffffffffff, &(0x7f0000000b40)="66f3fcba3e48cf0fe4ae40406f6269ad9052dbda4ffd05dc7da608887d9a55562b826896fdfb95cc38cc023497c72e134a61ca1ede12b1d2f3dff3ae6e10ab56fdd7c5dc126d5b56d4d1f819b9c672ae28f5b5852131059749aa4047e40c510e72aca3d134d6e13864b3bb80f5139276b8c70b8ac3f02340cffd3a48", &(0x7f0000000240)=@tcp=r0}, 0x20)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='ext4_es_lookup_extent_enter\x00', r7, 0x0, 0x6}, 0x18)
open(&(0x7f0000000080)='./file1\x00', 0x64842, 0xc0)

939.681468ms ago: executing program 3 (id=1925):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c30000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10)

780.49148ms ago: executing program 0 (id=1926):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newsa={0x154, 0x10, 0x713, 0x70bd28, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0x1b}, 0x4e23, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x84, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x32}, @in=@dev={0xac, 0x14, 0x14, 0x33}, {0x0, 0x0, 0x8, 0x9, 0x6}, {0x0, 0x0, 0x2, 0xfffffffffffffffc}, {0xc}, 0x70bd28, 0x0, 0x2}, [@algo_aead={0x61, 0x12, {{'rfc4543(gcm(aes))\x00'}, 0xa8, 0x80, "316f74eeac053deb73fc018493cc121927a9bca207"}}]}, 0x154}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

777.96385ms ago: executing program 3 (id=1927):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454da, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="c2a1c8a71372f3b1d929915a2924c3dc123328b883e797ff7719ce7165d09f5c1f192c5d55869caadb50e9470d0665be4b864c3ee2068889b7bf1d24c64b15ad395ff9abf46d92ee4436a4cd7a99f858c9ef799612bda96294b26bb0ec447db56aa63362a7c5152bfb14a3a1dcabd12aa922caa3413e68e738b921c2df023e"}], 0x4, 0x0, 0x0, 0x408c4}}], 0x1, 0x6001010)
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x10}], 0x4)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000040)={0x0, 'syzkaller1\x00', {0x4}, 0x1})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})

713.573541ms ago: executing program 2 (id=1928):
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x25c, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
unshare(0x20040400)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x7}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)

616.215072ms ago: executing program 1 (id=1929):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
bind$netlink(r2, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32, @ANYBLOB="00001000252155b21c0012000c000100626f6e64"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x2}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)

394.059185ms ago: executing program 4 (id=1930):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2409c8c5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000a80)='kfree\x00', r4, 0x0, 0x68e}, 0x18)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)=@newlink={0x5c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8808}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x10, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x40, 0x6}}]}]}}}, @IFLA_MASTER={0x8, 0xa, r2}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x5c}, 0x1, 0xba01, 0x0, 0x20004401}, 0x0)

201.591127ms ago: executing program 3 (id=1931):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0x14, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c000", 0x0, 0x86, 0x0, 0x31, 0x0, &(0x7f00000001c0)="daf9e846ab156efc71b59652333536dbfd26a6d0546366e36eb77dd0aaa2dbe567d168904cf0d5bce1771889c98ffc0abf", 0x0}, 0x50)

170.606358ms ago: executing program 1 (id=1932):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socket$packet(0x11, 0xa, 0x300)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

138.57µs ago: executing program 2 (id=1933):
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0x0)
openat$incfs(0xffffffffffffffff, &(0x7f0000000000)='.log\x00', 0x220000, 0x11)
set_mempolicy(0x1, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r0}, 0x18)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f0000000580), 0x1, 0x503, &(0x7f0000000880)="$eJzs3c9vI1cdAPDvOL+cNG3S0gMgoEspLGi1TuJto6oHWE4IoUqIHkHahsQbRbHjKHZKE/aQ/g9IVOIER/4Azj1x54LgxmU5IPEjAm1W4mA040nWm7U3ZpPYUfz5SKN5b2bs73trzXv21xu/AEbWjYg4iIjJiPgwIuby40m+xd32ll736PDB6tHhg9UkWq0P/plk59Nj0fGY1Ev5cxYj4kffi/hp8mzcxt7+5kq1WtlpV6cXmrXthcbe/u2N2sp6Zb2yVS4vLy0vvnvnnfKF9fWN2mRe+vLDPxx86+dps2bzI539uEjtrk+cxEmNR8QPLiPYEIzl/ZkcdkN4IYWIeC0i3szu/7kYy15NAOA6a7XmojXXWQcArrtClgNLCqU8FzAbhUKp1M7hvR4zhWq90bx1v767tdbOlc3HROH+RrWymOcK52MiSetLWflJvXyqficiXo2IX0xNZ/XSar26Nsw3PgAwwl46Nf//Z6o9/wMA11xx2A0AAAbO/A8Ao8f8DwCjx/wPAKPnyfx/d6jtAAAGx+d/ABg95n8AGCk/fP/9dGsd5b9/vfbR3u5m/aPba5XGZqm2u1pare9sl9br9fXsN3tqZz1ftV7fXno7dj+e//Z2o7nQ2Nu/V6vvbjXvZb/rfa8yMZBeAQDP8+obn/05iYiD96azLTrWcjBXw/VWGHYDgKEZG3YDgKGx2heMrnN8xpcegGuiyxK9TylGxPTpg61Wq3V5TQIu2c0vyP/DqOrI//tfwDBi5P9hdMn/w+hqtZJ+1/yPfi8EAK42OX6gx/f/r+X73+ZfDvxk7fQVn15mqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBqO17/t5SvBT4bhUKpFPFyRMzHRHJ/o1pZjIhXIuJPUxNTaX1pyG0GAM6r8LckX//r5txbs6fPTiaPp7J9RPzsVx/88uOVZnPnj+nxf50cb36aHy8Po/0AwFmO5+ls3/FB/tHhg9XjbZDt+ft3I6LYjn90OBlHJ/HHYzzbF2MiImb+neT1tqQjd3EeB59ExOe79T+J2SwH0l759HT8NPbLA41feCp+ITvX3qf/Fp+7gLbAqPksHX/udrv/CnEj23e//4vZCHV++fiXPtXqUTYGPol/PP6N9Rj/bvQb4+3ff79dmn723CcRXxyPOI591DH+HMdPesR/q8/4f/nSV97sda7164ib0T1+Z6yFZm17obG3f3ujtrJeWa9slcvLS8uL7955p7yQ5agXes8G/3jv1itZocslaf9nesQvntH/r/fZ/9/898Mff7XHuTT+N7/WLX4hXn9O/HRO/Eaf8VdmflfsdS6Nv9aj/2e9/rf6jP/wr/vPLBsOAAxPY29/c6VarewMsnD8RmKgQRX6K0zlL85Vac9ThSvbsM2V6ncGFWsy/q9HtVovFKvXiHERWTfgKji56SPi8bAbAwAAAAAAAAAAAAAAdHWpf6iUtAvD7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//8jOyzo=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x2f00, 0x0, 0x4, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x4, 0x2f, 0x0, @empty, @multicast1}}}})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)
brk(0x20001000)
socket(0x2, 0x80805, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0)
getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2)

0s ago: executing program 4 (id=1934):
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0xc8, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {0x0, 0x2}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x1], 0x0, [0x8, 0x4], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x1}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x18, 0x4, 0x8000}]}]}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x16, 0x5, 0x1, 0x80000003, 0x0, 0xffffffff, 0x7fffffff}}, {0x4}}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

kernel console output (not intermixed with test programs):

[ T5346] netlink: 'syz.0.415': attribute type 29 has an invalid length.
[  117.399886][ T5346] netlink: 'syz.0.415': attribute type 29 has an invalid length.
[  117.496394][ T5351] loop3: detected capacity change from 0 to 1024
[  117.573334][ T5351] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  117.754957][ T5360] loop2: detected capacity change from 0 to 512
[  118.115921][ T5370] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  118.133888][ T5370] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  118.142451][ T5370] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  118.340406][ T5360] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  118.502420][ T5360] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.595071][   T27] audit: type=1800 audit(1748427921.410:178): pid=5360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.420" name="file1" dev="loop2" ino=18 res=0 errno=0
[  118.667731][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  118.772641][ T5376] __nla_validate_parse: 8 callbacks suppressed
[  118.772659][ T5376] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.427'.
[  118.791943][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  118.973662][ T5382] sch_fq: defrate 2048 ignored.
[  119.021659][ T5385] loop2: detected capacity change from 0 to 2048
[  119.106700][ T5387] netlink: 'syz.0.429': attribute type 29 has an invalid length.
[  119.114531][ T5387] netlink: 'syz.0.429': attribute type 29 has an invalid length.
[  119.132943][ T5390] netlink: 40 bytes leftover after parsing attributes in process `syz.4.430'.
[  119.153921][ T5385] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  119.278511][ T5395] netlink: 20 bytes leftover after parsing attributes in process `syz.1.431'.
[  119.295524][ T5395] netlink: 20 bytes leftover after parsing attributes in process `syz.1.431'.
[  119.422896][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  119.556885][ T5404] loop0: detected capacity change from 0 to 1024
[  119.633671][ T5404] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  119.730998][ T5412] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  119.730998][ T5412]    program syz.3.439 not setting count and/or reply_len properly
[  119.771863][ T5411] loop2: detected capacity change from 0 to 512
[  119.959414][ T5411] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  120.151069][ T5423] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  120.168258][ T5423] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  120.176759][ T5423] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  120.306753][ T5411] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.577727][ T5421] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.442'.
[  120.645892][   T27] audit: type=1800 audit(1748427923.430:179): pid=5411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.437" name="file1" dev="loop2" ino=18 res=0 errno=0
[  120.723829][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  120.741840][ T5430] netlink: 40 bytes leftover after parsing attributes in process `syz.3.444'.
[  120.814002][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  120.998367][ T5435] netlink: 'syz.2.446': attribute type 29 has an invalid length.
[  121.021223][ T5435] netlink: 'syz.2.446': attribute type 29 has an invalid length.
[  121.023704][ T5439] netlink: 20 bytes leftover after parsing attributes in process `syz.3.448'.
[  121.091492][ T5439] netlink: 20 bytes leftover after parsing attributes in process `syz.3.448'.
[  121.267643][ T5446] netlink: 8 bytes leftover after parsing attributes in process `syz.4.451'.
[  121.481552][ T5456] loop3: detected capacity change from 0 to 512
[  121.540312][ T5456] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  121.545066][ T5457] loop2: detected capacity change from 0 to 1024
[  121.584041][ T5456] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.634107][ T5457] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  121.648311][ T5461] netlink: 40 bytes leftover after parsing attributes in process `syz.0.459'.
[  121.673233][   T27] audit: type=1800 audit(1748427924.490:180): pid=5456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.456" name="file1" dev="loop3" ino=18 res=0 errno=0
[  122.081474][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  122.096041][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  122.104646][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  122.501599][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  122.637202][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  122.746389][ T5474] device bond1 entered promiscuous mode
[  122.754590][ T5474] 8021q: adding VLAN 0 to HW filter on device bond1
[  122.967084][ T5474] bond1 (unregistering): Released all slaves
[  122.974785][ T5482] netlink: 'syz.3.462': attribute type 29 has an invalid length.
[  123.025993][ T5482] netlink: 'syz.3.462': attribute type 29 has an invalid length.
[  123.374541][ T5496] loop1: detected capacity change from 0 to 1024
[  123.392597][ T5496] EXT4-fs: Ignoring removed nomblk_io_submit option
[  123.423817][ T5499] loop2: detected capacity change from 0 to 512
[  123.505538][ T5496] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e814c018, mo2=0002]
[  123.513803][ T5496] System zones: 0-1, 3-12
[  123.543621][ T5496] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  123.628254][ T5499] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  123.670550][ T5499] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.684452][ T5505] loop0: detected capacity change from 0 to 1024
[  123.749129][   T27] audit: type=1800 audit(1748427926.570:181): pid=5499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.473" name="file1" dev="loop2" ino=18 res=0 errno=0
[  123.795255][ T5505] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  123.854584][ T5517] __nla_validate_parse: 4 callbacks suppressed
[  123.854601][ T5517] netlink: 20 bytes leftover after parsing attributes in process `syz.4.479'.
[  123.878197][ T5517] netlink: 20 bytes leftover after parsing attributes in process `syz.4.479'.
[  123.965212][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  123.998127][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  124.360731][ T5525] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  124.377654][ T5525] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  124.386338][ T5525] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  124.904209][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  124.968778][ T5532] netlink: 'syz.1.481': attribute type 29 has an invalid length.
[  125.036170][ T5532] netlink: 'syz.1.481': attribute type 29 has an invalid length.
[  125.311732][ T5545] loop3: detected capacity change from 0 to 1024
[  125.353905][ T5545] EXT4-fs: Ignoring removed mblk_io_submit option
[  125.391143][ T5545] EXT4-fs: Ignoring removed nobh option
[  125.410597][ T5550] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.490'.
[  125.411255][ T5545] EXT4-fs: Ignoring removed bh option
[  125.458132][ T5552] loop0: detected capacity change from 0 to 512
[  125.507365][ T5545] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  125.625695][ T5561] netlink: 20 bytes leftover after parsing attributes in process `syz.1.494'.
[  125.664288][ T5552] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  125.684685][ T5561] netlink: 20 bytes leftover after parsing attributes in process `syz.1.494'.
[  125.685234][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  125.720375][ T5552] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.783520][   T27] audit: type=1800 audit(1748427928.600:182): pid=5552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.491" name="file1" dev="loop0" ino=18 res=0 errno=0
[  125.972696][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  126.202606][ T5572] netlink: 'syz.3.500': attribute type 29 has an invalid length.
[  126.210691][ T5572] netlink: 'syz.3.500': attribute type 29 has an invalid length.
[  126.219577][ T5573] netlink: 4 bytes leftover after parsing attributes in process `syz.2.498'.
[  126.399935][ T5578] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  126.416254][ T5578] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  126.424585][ T5578] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  127.098929][ T5586] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.505'.
[  127.633631][ T5610] random: crng reseeded on system resumption
[  127.711338][ T5616] netlink: 'syz.1.514': attribute type 29 has an invalid length.
[  127.726141][ T5617] loop3: detected capacity change from 0 to 1024
[  127.733104][ T5616] netlink: 'syz.1.514': attribute type 29 has an invalid length.
[  127.802248][ T5617] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  128.243819][ T5628] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  128.261133][ T5628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  128.269991][ T5628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  128.791378][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  129.025737][ T5636] netlink: 202920 bytes leftover after parsing attributes in process `syz.0.522'.
[  129.712442][ T5655] netlink: 4 bytes leftover after parsing attributes in process `syz.0.528'.
[  129.808846][ T5658] netlink: 'syz.2.530': attribute type 29 has an invalid length.
[  129.823562][ T5658] netlink: 'syz.2.530': attribute type 29 has an invalid length.
[  130.289663][ T5667] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  130.291649][ T5667] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  130.291777][ T5667] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  131.098347][ T5672] loop2: detected capacity change from 0 to 128
[  131.125839][ T5672] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  131.177159][ T5673] netlink: 202920 bytes leftover after parsing attributes in process `syz.4.536'.
[  131.837942][ T5685] loop2: detected capacity change from 0 to 512
[  131.962417][   T27] audit: type=1326 audit(1748427934.780:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5688 comm="syz.4.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  131.994470][ T5685] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  132.031706][ T5685] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.041633][   T27] audit: type=1326 audit(1748427934.810:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5688 comm="syz.4.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  132.125236][   T27] audit: type=1326 audit(1748427934.810:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5688 comm="syz.4.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  132.212742][   T27] audit: type=1326 audit(1748427934.810:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5688 comm="syz.4.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  132.276489][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  132.299716][   T27] audit: type=1326 audit(1748427934.810:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5688 comm="syz.4.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  132.359988][ T5698] netlink: 'syz.1.545': attribute type 3 has an invalid length.
[  132.396566][   T27] audit: type=1326 audit(1748427934.810:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5688 comm="syz.4.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  132.442353][ T5701] loop0: detected capacity change from 0 to 1024
[  132.496139][   T27] audit: type=1326 audit(1748427934.810:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5688 comm="syz.4.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  132.567588][ T5701] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  132.720764][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  132.727193][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  132.836586][   T27] audit: type=1326 audit(1748427934.810:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5688 comm="syz.4.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  133.396723][ T5720] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  133.407154][ T5720] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  133.414663][ T5720] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  133.507437][   T27] audit: type=1326 audit(1748427934.810:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5688 comm="syz.4.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  133.606360][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  133.806609][   T27] audit: type=1326 audit(1748427934.810:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5688 comm="syz.4.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  133.980396][ T5736] loop3: detected capacity change from 0 to 512
[  134.069534][ T5736] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  134.102046][ T5736] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.298735][ T5751] netlink: 16 bytes leftover after parsing attributes in process `syz.4.564'.
[  134.326471][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  134.334014][ T5750] loop2: detected capacity change from 0 to 1024
[  134.416644][ T5750] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  134.430892][ T5755] loop1: detected capacity change from 0 to 512
[  134.784259][ T5755] EXT4-fs (loop1): 1 orphan inode deleted
[  134.888667][ T5765] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  134.903729][ T5765] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  134.912309][ T5765] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  135.247265][ T5755] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  135.313433][ T5755] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.340945][ T5771] netlink: 'syz.4.568': attribute type 13 has an invalid length.
[  135.416552][ T5424] EXT4-fs error (device loop1): ext4_release_dquot:6838: comm kworker/u4:15: Failed to release dquot type 1
[  135.497481][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  135.708918][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  136.207541][ T5799] loop3: detected capacity change from 0 to 512
[  136.280652][ T5799] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  136.305855][ T5799] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.440808][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  136.461222][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.469760][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.576441][ T5808] loop0: detected capacity change from 0 to 1024
[  136.679401][ T5808] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  138.095887][ T5771] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.157160][ T5771] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.525716][ T5836] loop3: detected capacity change from 0 to 512
[  138.598513][ T5836] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  138.620760][ T5836] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.650326][   T27] kauditd_printk_skb: 29 callbacks suppressed
[  138.650342][   T27] audit: type=1800 audit(1748427941.470:221): pid=5836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.590" name="file1" dev="loop3" ino=18 res=0 errno=0
[  138.710919][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  138.901794][ T5771] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  138.910447][ T5771] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  138.918995][ T5771] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  138.927443][ T5771] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.082967][ T5818] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  139.093299][ T5818] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  139.100999][ T5818] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  139.245644][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  139.301068][ T5847] device ipvlan2 entered promiscuous mode
[  139.324717][ T5847] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  139.369913][ T5847] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  139.426623][ T5851] syz.0.594[5851] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  139.426732][ T5851] syz.0.594[5851] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  139.452501][   T22] kernel write not supported for file bpf-prog (pid: 22 comm: kworker/1:0)
[  139.460267][ T5851] hub 8-0:1.0: USB hub found
[  139.481584][ T5851] hub 8-0:1.0: 1 port detected
[  139.717600][ T5859] netlink: 28 bytes leftover after parsing attributes in process `syz.0.599'.
[  139.883421][ T5865] loop3: detected capacity change from 0 to 512
[  139.967310][ T5865] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  140.010093][ T5865] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.061027][ T5872] loop0: detected capacity change from 0 to 1024
[  140.094566][   T27] audit: type=1800 audit(1748427942.910:222): pid=5865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.601" name="file1" dev="loop3" ino=18 res=0 errno=0
[  140.159108][ T5872] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  140.178678][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  140.620671][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  140.636695][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  140.645105][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  141.165198][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  141.624413][ T5900] device wireguard0 entered promiscuous mode
[  142.183803][ T5918] loop0: detected capacity change from 0 to 512
[  142.337309][ T5923] loop2: detected capacity change from 0 to 1024
[  142.372520][ T5918] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  142.398938][ T5918] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.513324][   T27] audit: type=1800 audit(1748427945.330:223): pid=5918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.617" name="file1" dev="loop0" ino=18 res=0 errno=0
[  142.528463][ T5923] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  142.594586][ T5931] loop1: detected capacity change from 0 to 4096
[  142.678718][ T5931] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  142.758772][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  143.022331][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  143.036999][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  143.045523][ T5940] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  143.645040][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  143.767203][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  143.876718][ T5954] loop0: detected capacity change from 0 to 1024
[  143.936236][ T5954] EXT4-fs: Ignoring removed bh option
[  143.995643][ T5954] EXT4-fs: inline encryption not supported
[  144.036313][ T5954] EXT4-fs: Ignoring removed i_version option
[  144.140996][ T5954] EXT4-fs error (device loop0): ext4_map_blocks:745: inode #3: block 1: comm syz.0.622: lblock 1 mapped to illegal pblock 1 (length 1)
[  144.202650][ T5954] Quota error (device loop0): write_blk: dquota write failed
[  144.228361][ T5954] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  144.295920][ T5954] EXT4-fs error (device loop0): ext4_acquire_dquot:6802: comm syz.0.622: Failed to acquire dquot type 0
[  144.317625][ T5954] EXT4-fs error (device loop0): ext4_free_blocks:6210: comm syz.0.622: Freeing blocks not in datazone - block = 0, count = 4096
[  144.385723][ T5954] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.622: Invalid inode bitmap blk 0 in block_group 0
[  144.423533][ T5941] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:19: lblock 1 mapped to illegal pblock 1 (length 1)
[  144.465688][ T5954] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem
[  144.495536][ T5941] Quota error (device loop0): remove_tree: Can't read quota data block 1
[  144.504497][ T5954] EXT4-fs (loop0): 1 orphan inode deleted
[  144.520711][ T5954] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  144.524546][ T5941] EXT4-fs error (device loop0): ext4_release_dquot:6838: comm kworker/u4:19: Failed to release dquot type 0
[  144.614021][ T5954] EXT4-fs (loop0): unmounting filesystem.
[  144.699496][ T5977] loop1: detected capacity change from 0 to 512
[  144.742318][ T5951] netlink: 'syz.3.627': attribute type 4 has an invalid length.
[  144.788420][ T5977] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  144.836756][ T5977] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.932812][ T5986] netlink: 20 bytes leftover after parsing attributes in process `syz.0.634'.
[  144.945708][   T27] audit: type=1800 audit(1748427947.770:224): pid=5977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.632" name="file1" dev="loop1" ino=18 res=0 errno=0
[  145.178144][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  146.211826][ T6006] loop3: detected capacity change from 0 to 256
[  146.391277][ T6016] netlink: 'syz.3.647': attribute type 21 has an invalid length.
[  146.416168][ T6018] netlink: 20 bytes leftover after parsing attributes in process `syz.4.648'.
[  146.465216][ T6020] loop0: detected capacity change from 0 to 512
[  146.559405][ T6020] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  146.583058][ T6020] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.640039][ T6030] sch_tbf: burst 3504 is lower than device lo mtu (65550) !
[  146.759323][   T27] audit: type=1800 audit(1748427949.580:225): pid=6020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.649" name="file1" dev="loop0" ino=18 res=0 errno=0
[  147.196157][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  147.876968][ T6056] netlink: 20 bytes leftover after parsing attributes in process `syz.4.663'.
[  148.047423][ T6064] loop3: detected capacity change from 0 to 512
[  148.056633][ T6060] Falling back ldisc for ttyS3.
[  148.118556][ T6064] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  148.128295][ T6069] loop2: detected capacity change from 0 to 2048
[  148.150374][ T6064] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.191765][   T27] audit: type=1326 audit(1748427951.010:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  148.249680][   T27] audit: type=1326 audit(1748427951.040:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  148.272639][   T27] audit: type=1326 audit(1748427951.040:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  148.332510][ T6080] loop0: detected capacity change from 0 to 1024
[  148.334911][   T27] audit: type=1326 audit(1748427951.040:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  148.364064][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  148.388586][   T27] audit: type=1326 audit(1748427951.040:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  148.440116][ T6080] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  148.655899][   T22] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  148.677901][ T6095] xt_addrtype: ipv6 does not support BROADCAST matching
[  148.895334][ T6099] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  148.912705][ T6099] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  148.921356][ T6099] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  149.075795][   T22] usb 3-1: Using ep0 maxpacket: 16
[  149.130776][   T22] usb 3-1: config 0 has an invalid interface number: 163 but max is 0
[  149.253594][   T22] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  149.284449][   T22] usb 3-1: config 0 has no interface number 0
[  149.315493][   T22] usb 3-1: config 0 interface 163 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  149.372225][   T22] usb 3-1: config 0 interface 163 has no altsetting 0
[  149.396364][   T27] kauditd_printk_skb: 29 callbacks suppressed
[  149.396379][   T27] audit: type=1326 audit(1748427952.220:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7facf098e56b code=0x7ffc0000
[  149.446336][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  149.464300][   T22] usb 3-1: New USB device found, idVendor=0403, idProduct=d9a9, bcdDevice=46.9e
[  149.470466][   T27] audit: type=1326 audit(1748427952.250:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7facf098e56b code=0x7ffc0000
[  149.513291][   T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.515797][   T27] audit: type=1326 audit(1748427952.280:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7facf098e56b code=0x7ffc0000
[  149.535477][   T22] usb 3-1: Product: syz
[  149.580160][   T22] usb 3-1: Manufacturer: syz
[  149.595102][   T22] usb 3-1: SerialNumber: syz
[  149.616128][   T27] audit: type=1326 audit(1748427952.280:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7facf098e56b code=0x7ffc0000
[  149.640319][   T22] usb 3-1: config 0 descriptor??
[  149.695494][   T27] audit: type=1326 audit(1748427952.280:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7facf098e56b code=0x7ffc0000
[  149.732169][ T6109] 9pnet_fd: Insufficient options for proto=fd
[  149.760125][   T27] audit: type=1326 audit(1748427952.280:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7facf098e56b code=0x7ffc0000
[  149.761457][ T6111] loop1: detected capacity change from 0 to 512
[  149.823224][   T27] audit: type=1326 audit(1748427952.280:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7facf098e56b code=0x7ffc0000
[  149.854911][ T6115] netlink: 12 bytes leftover after parsing attributes in process `syz.0.688'.
[  149.868357][   T22] ftdi_sio 3-1:0.163: FTDI USB Serial Device converter detected
[  149.902065][   T22] ftdi_sio ttyUSB0: unknown device type: 0x469e
[  149.906443][   T27] audit: type=1326 audit(1748427952.280:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7facf098e56b code=0x7ffc0000
[  149.939928][   T22] usb 3-1: USB disconnect, device number 2
[  149.960342][   T22] ftdi_sio 3-1:0.163: device disconnected
[  149.969178][ T6111] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  149.984461][ T6111] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.989649][   T27] audit: type=1326 audit(1748427952.420:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6104 comm="syz.3.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  150.061774][   T27] audit: type=1326 audit(1748427952.420:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6104 comm="syz.3.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  150.064020][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  150.208252][ T6128] netlink: 24 bytes leftover after parsing attributes in process `syz.3.695'.
[  150.453524][ T6136] loop3: detected capacity change from 0 to 512
[  150.817612][ T6136] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  150.992773][ T6136] ext4 filesystem being mounted at /138/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  151.236593][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  151.768409][ T6173] netlink: 112 bytes leftover after parsing attributes in process `syz.4.711'.
[  151.864973][ T6175] loop0: detected capacity change from 0 to 1024
[  151.882426][ T6171] loop2: detected capacity change from 0 to 8192
[  151.907114][ T6175] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  151.967361][ T6171] netlink: 4 bytes leftover after parsing attributes in process `syz.2.710'.
[  152.359067][ T6186] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  152.375488][ T6186] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  152.383965][ T6186] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  152.851876][ T6188] loop1: detected capacity change from 0 to 512
[  152.906038][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  152.953343][ T6188] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  153.002811][ T6188] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.182175][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  153.352988][ T6215] loop3: detected capacity change from 0 to 512
[  153.453579][ T6215] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  153.464005][ T6215] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.428625][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  154.537057][ T6225] loop1: detected capacity change from 0 to 512
[  154.549206][ T6225] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  154.665854][ T6225] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c118, mo2=0002]
[  154.669333][ T6233] loop3: detected capacity change from 0 to 2048
[  154.683392][ T6233] EXT4-fs: Ignoring removed bh option
[  154.703820][ T6225] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm +}[@: corrupted in-inode xattr
[  154.725778][ T6225] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm +}[@: couldn't read orphan inode 15 (err -117)
[  154.754212][ T6225] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  154.764472][ T6233] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  154.828580][ T6241] loop2: detected capacity change from 0 to 512
[  154.891586][ T6241] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  154.951197][ T6241] ext4 filesystem being mounted at /142/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.019168][   T27] kauditd_printk_skb: 10 callbacks suppressed
[  155.019184][   T27] audit: type=1800 audit(1748427957.840:280): pid=6241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.736" name="file1" dev="loop2" ino=18 res=0 errno=0
[  155.055062][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  155.162253][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  155.220913][ T6255] device pim6reg1 entered promiscuous mode
[  155.294665][ T6260] loop2: detected capacity change from 0 to 512
[  155.326604][ T6260] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  155.342459][ T6260] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.567523][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  155.604952][   T33] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  155.637715][   T33] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  155.657584][   T33] EXT4-fs (loop3): This should not happen!! Data will be lost
[  155.657584][   T33] 
[  155.667917][   T33] EXT4-fs (loop3): Total free blocks count 0
[  155.674018][   T33] EXT4-fs (loop3): Free/Dirty block details
[  155.685647][   T33] EXT4-fs (loop3): free_blocks=2415919104
[  155.694273][   T33] EXT4-fs (loop3): dirty_blocks=3856
[  155.699950][   T33] EXT4-fs (loop3): Block reservation details
[  155.706529][   T33] EXT4-fs (loop3): i_reserved_data_blocks=241
[  155.724626][ T4313] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[  155.739956][ T6273] loop2: detected capacity change from 0 to 512
[  155.774337][ T6273] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  155.789088][ T6273] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.895324][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  155.909565][ T6279] netlink: 16 bytes leftover after parsing attributes in process `syz.0.750'.
[  156.037907][   T27] audit: type=1326 audit(1748427958.860:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6280 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  156.124899][   T27] audit: type=1326 audit(1748427958.900:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6280 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  156.205175][   T27] audit: type=1326 audit(1748427958.900:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6280 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  156.227558][   T27] audit: type=1326 audit(1748427958.900:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6280 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  156.250493][   T27] audit: type=1326 audit(1748427958.900:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6280 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  157.296389][ T6298] device pim6reg1 entered promiscuous mode
[  157.371217][ T6305] netlink: 20 bytes leftover after parsing attributes in process `syz.3.761'.
[  157.417065][   T27] audit: type=1107 audit(1748427960.240:286): pid=6306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  157.491451][ T6309] loop2: detected capacity change from 0 to 512
[  157.554804][ T6309] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  157.574889][ T6309] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.641639][   T27] audit: type=1326 audit(1748427960.460:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.4.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  157.669005][ T6319] loop0: detected capacity change from 0 to 512
[  157.676873][   T27] audit: type=1326 audit(1748427960.460:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.4.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  157.700157][   T27] audit: type=1326 audit(1748427960.460:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.4.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  157.757850][ T6319] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  157.769538][ T6319] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.804120][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  157.852091][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  158.233930][ T6336] netlink: 20 bytes leftover after parsing attributes in process `syz.1.774'.
[  158.583936][ T6350] loop2: detected capacity change from 0 to 512
[  158.624925][ T6350] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  158.651714][ T6350] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.784502][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  158.828988][ T6367] netlink: 20 bytes leftover after parsing attributes in process `syz.1.788'.
[  160.064958][ T6391] loop3: detected capacity change from 0 to 512
[  160.126062][ T6391] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  160.145467][ T6391] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.187629][   T27] kauditd_printk_skb: 39 callbacks suppressed
[  160.187644][   T27] audit: type=1800 audit(1748427963.010:329): pid=6391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.799" name="file1" dev="loop3" ino=18 res=0 errno=0
[  160.371521][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  160.406228][ T6403] Falling back ldisc for ttyS3.
[  160.679397][ T6419] netlink: 4 bytes leftover after parsing attributes in process `syz.2.809'.
[  160.694660][ T6421] binfmt_misc: register: failed to install interpreter file ./bus
[  160.715208][ T6419] device syz_tun entered promiscuous mode
[  160.721575][ T6419] device macvtap1 entered promiscuous mode
[  160.761753][ T6423] device syz_tun left promiscuous mode
[  161.036579][ T6434] netlink: 12 bytes leftover after parsing attributes in process `syz.4.817'.
[  161.069720][ T6430] loop3: detected capacity change from 0 to 512
[  161.159070][ T6430] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  161.182226][ T6430] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.244025][   T27] audit: type=1800 audit(1748427964.060:330): pid=6430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.816" name="file1" dev="loop3" ino=18 res=0 errno=0
[  161.335539][   T27] audit: type=1326 audit(1748427964.130:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6448 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  161.396501][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  161.460414][   T27] audit: type=1326 audit(1748427964.130:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6448 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  161.505565][   T27] audit: type=1326 audit(1748427964.130:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6448 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  161.547267][ T6457] netlink: 'wg1': attribute type 13 has an invalid length.
[  161.591503][   T27] audit: type=1326 audit(1748427964.130:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6448 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  161.629707][ T6459] Cannot find add_set index 0 as target
[  161.675528][   T27] audit: type=1326 audit(1748427964.130:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6448 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  161.772976][   T27] audit: type=1326 audit(1748427964.180:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6450 comm="syz.0.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  161.800707][ T6469] usb usb1: usbfs: process 6469 (syz.3.832) did not claim interface 0 before use
[  161.844638][   T27] audit: type=1326 audit(1748427964.190:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6450 comm="syz.0.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  161.893142][   T27] audit: type=1326 audit(1748427964.200:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6450 comm="syz.0.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  162.058501][ T6478] loop1: detected capacity change from 0 to 512
[  162.128738][ T6478] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  162.157027][ T6478] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.290911][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  162.312224][ T6457] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.320403][ T6457] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.389307][ T6484] loop3: detected capacity change from 0 to 1024
[  162.427265][ T6484] EXT4-fs: Ignoring removed nomblk_io_submit option
[  162.483174][ T6484] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  162.505074][ T6490] netlink: 'syz.1.840': attribute type 2 has an invalid length.
[  162.566391][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  163.422152][ T6457] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.587224][ T6457] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.785271][ T6457] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  164.801267][ T6457] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  164.815013][ T6457] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  164.831065][ T6457] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  165.435504][ T4300] bond0 speed is unknown, defaulting to 1000
[  165.894329][ T6511] loop0: detected capacity change from 0 to 512
[  165.970385][ T6515] binfmt_misc: register: failed to install interpreter file ./file2
[  165.983508][ T6521] netlink: 96 bytes leftover after parsing attributes in process `syz.1.852'.
[  166.001739][ T6511] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  166.010998][ T6511] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.049310][   T27] kauditd_printk_skb: 10 callbacks suppressed
[  166.049327][   T27] audit: type=1800 audit(1748427968.870:349): pid=6511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.849" name="file1" dev="loop0" ino=18 res=0 errno=0
[  166.439912][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  167.005083][ T6559] loop2: detected capacity change from 0 to 512
[  167.023388][ T6559] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  167.061886][ T6559] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  167.085625][ T6559] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.130791][ T6559] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #15: comm syz.2.869: corrupted xattr block 19
[  167.305299][ T6573] loop0: detected capacity change from 0 to 512
[  167.312659][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  167.351532][ T6573] EXT4-fs: quotafile must be on filesystem root
[  167.415571][ T6577] netlink: 4 bytes leftover after parsing attributes in process `syz.4.879'.
[  167.422871][ T6580] loop1: detected capacity change from 0 to 512
[  167.436296][ T6577] ksmbd: Unknown IPC event: 0, ignore.
[  167.485748][ T6580] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6).
[  167.516254][ T6580] EXT4-fs warning (device loop1): ext4_enable_quotas:7054: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  167.533767][ T6580] EXT4-fs (loop1): mount failed
[  167.568158][ T6588] netlink: 84 bytes leftover after parsing attributes in process `syz.4.881'.
[  167.624724][ T6591] loop0: detected capacity change from 0 to 512
[  167.689620][ T6591] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  167.750395][ T6591] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.865554][   T27] audit: type=1800 audit(1748427970.640:350): pid=6591 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.882" name="file1" dev="loop0" ino=18 res=0 errno=0
[  167.950566][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  168.143117][ T6601] x_tables: duplicate underflow at hook 1
[  168.906859][ T6611] netlink: 'syz.2.888': attribute type 2 has an invalid length.
[  169.220518][ T6628] loop0: detected capacity change from 0 to 2048
[  169.223312][ T6630] loop1: detected capacity change from 0 to 512
[  169.256241][ T6628] EXT4-fs: Ignoring removed bh option
[  169.284348][ T6630] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  169.334398][ T6630] ext4 filesystem being mounted at /162/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.435600][   T27] audit: type=1800 audit(1748427972.250:351): pid=6630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.897" name="file1" dev="loop1" ino=18 res=0 errno=0
[  169.542442][ T6628] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  169.580947][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  170.085652][   T27] audit: type=1800 audit(1748427972.850:352): pid=6628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.898" name="file1" dev="loop0" ino=15 res=0 errno=0
[  170.157935][ T6520] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  170.276658][ T6628] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  170.326346][ T6628] EXT4-fs (loop0): This should not happen!! Data will be lost
[  170.326346][ T6628] 
[  170.384709][ T6628] EXT4-fs (loop0): Total free blocks count 0
[  170.411299][ T6628] EXT4-fs (loop0): Free/Dirty block details
[  170.431678][ T6628] EXT4-fs (loop0): free_blocks=2415919104
[  170.455573][ T6628] EXT4-fs (loop0): dirty_blocks=16
[  170.494484][ T6655] netlink: 'syz.3.907': attribute type 2 has an invalid length.
[  170.506414][ T6628] EXT4-fs (loop0): Block reservation details
[  170.522852][ T6628] EXT4-fs (loop0): i_reserved_data_blocks=1
[  170.531561][   T27] audit: type=1326 audit(1748427973.350:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6650 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  170.567301][ T6628] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  170.606335][   T27] audit: type=1326 audit(1748427973.350:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6650 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  170.678582][   T27] audit: type=1326 audit(1748427973.380:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6650 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  170.794545][   T27] audit: type=1326 audit(1748427973.380:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6650 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  170.875668][ T6662] loop1: detected capacity change from 0 to 256
[  170.881784][   T27] audit: type=1326 audit(1748427973.380:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6650 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  170.912883][ T6662] FAT-fs (loop1): bogus number of FAT sectors
[  170.927875][ T6662] FAT-fs (loop1): Can't find a valid FAT filesystem
[  170.974502][ T6667] loop0: detected capacity change from 0 to 2048
[  171.061784][ T6667]  loop0: p1 < > p4
[  171.068280][ T6667] loop0: p4 size 8388608 extends beyond EOD, truncated
[  171.189176][ T6675] netlink: 8 bytes leftover after parsing attributes in process `syz.3.915'.
[  171.528915][ T6684] loop3: detected capacity change from 0 to 512
[  171.578020][ T6684] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  171.667966][ T6684] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.492407][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  172.673351][ T6702] loop3: detected capacity change from 0 to 512
[  172.702331][ T6702] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  172.790187][ T6705] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.804128][ T6702] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[  172.850183][ T6702] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  172.871417][ T6702] EXT4-fs error (device loop3): ext4_acquire_dquot:6802: comm syz.3.924: Failed to acquire dquot type 0
[  172.952694][ T6702] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  172.968313][ T6705] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.986254][ T6702] EXT4-fs (loop3): 1 truncate cleaned up
[  172.992159][ T6702] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  173.087216][ T6705] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.098690][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  173.280535][ T6705] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.301605][ T6717] netlink: 8 bytes leftover after parsing attributes in process `syz.1.930'.
[  173.489948][ T6705] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.544211][ T6705] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.584593][ T6705] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.624621][ T6726] x_tables: duplicate underflow at hook 1
[  173.787827][ T6705] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.777539][ T6741] loop0: detected capacity change from 0 to 512
[  174.841788][ T6741] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  174.861870][ T6747] netlink: 8 bytes leftover after parsing attributes in process `syz.4.941'.
[  174.894234][ T6741] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.040874][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  175.060619][ T6753] netlink: 236 bytes leftover after parsing attributes in process `syz.4.945'.
[  175.389960][ T6769] loop2: detected capacity change from 0 to 512
[  175.493434][ T6769] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  175.533224][ T6769] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.769046][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  175.893284][ T6788] syz.2.957[6788] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  175.893394][ T6788] syz.2.957[6788] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  176.414011][ T6809] loop3: detected capacity change from 0 to 512
[  176.490671][ T6809] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  176.515967][ T6809] ext4 filesystem being mounted at /193/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.683039][ T6824] netlink: 20 bytes leftover after parsing attributes in process `syz.4.974'.
[  176.708649][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  176.822224][   T27] audit: type=1326 audit(1748427979.640:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.3.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  176.887719][   T27] audit: type=1326 audit(1748427979.640:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.3.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  176.940558][   T27] audit: type=1326 audit(1748427979.640:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.3.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  177.034439][   T27] audit: type=1326 audit(1748427979.640:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.3.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  177.108137][   T27] audit: type=1326 audit(1748427979.650:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.3.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  177.181323][   T27] audit: type=1326 audit(1748427979.650:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.3.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  177.244441][   T27] audit: type=1326 audit(1748427979.820:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.1.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  177.313534][   T27] audit: type=1326 audit(1748427979.820:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.1.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  178.283922][ T6887] loop2: detected capacity change from 0 to 512
[  178.317367][ T6887] EXT4-fs: Ignoring removed orlov option
[  178.323140][ T6887] ext4: Unknown parameter 'seclabel'
[  179.671348][   T27] kauditd_printk_skb: 26 callbacks suppressed
[  179.671366][   T27] audit: type=1326 audit(1748427982.500:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.4.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  179.730802][   T27] audit: type=1326 audit(1748427982.500:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.4.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  179.760146][   T27] audit: type=1326 audit(1748427982.500:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.4.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  179.798236][   T27] audit: type=1326 audit(1748427982.500:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.4.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  179.855651][   T27] audit: type=1326 audit(1748427982.500:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.4.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  179.941334][   T27] audit: type=1326 audit(1748427982.500:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.4.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  180.016845][   T27] audit: type=1326 audit(1748427982.500:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.4.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  180.029731][ T6935] loop1: detected capacity change from 0 to 512
[  180.049507][ T6936] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1021'.
[  180.051522][   T27] audit: type=1326 audit(1748427982.500:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.4.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  180.082270][   T27] audit: type=1326 audit(1748427982.500:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.4.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  180.110195][ T6936] device batadv1 entered promiscuous mode
[  180.129942][   T27] audit: type=1326 audit(1748427982.500:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.4.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  180.166327][ T6935] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  180.187101][ T6935] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.266238][ T6945] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1028'.
[  180.549537][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  181.352099][ T6954] bond0 speed is unknown, defaulting to 1000
[  182.352420][ T6967] loop1: detected capacity change from 0 to 1024
[  182.454181][ T6967] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  182.464113][ T6975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1036'.
[  182.482869][ T6967] ext4 filesystem being mounted at /193/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.649965][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  183.184407][ T6979] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1038'.
[  183.198753][ T6979] 0�X���: renamed from caif0
[  183.215009][ T6979] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  183.319194][ T6969] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1036'.
[  183.332822][ T6969] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1036'.
[  183.375475][ T6969] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1036'.
[  183.632513][ T7019] Illegal XDP return value 1378042384 on prog  (id 443) dev N/A, expect packet loss!
[  183.728990][ T6996] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  183.758242][ T6996] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  183.827246][ T7028] loop0: detected capacity change from 0 to 512
[  183.909601][ T7028] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  183.942865][ T7028] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.155224][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  184.205076][ T7048] loop2: detected capacity change from 0 to 512
[  184.262412][ T7048] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  184.279091][ T7048] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.348518][ T7054] capability: warning: `syz.4.1072' uses deprecated v2 capabilities in a way that may be insecure
[  184.350469][ T7058] loop1: detected capacity change from 0 to 128
[  184.367139][ T7058] EXT4-fs: Ignoring removed nobh option
[  184.449053][ T7058] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  184.497876][ T7048] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1068'.
[  184.507159][ T7058] ext4 filesystem being mounted at /204/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  184.602872][ T7058] EXT4-fs (loop1): shut down requested (0)
[  184.802438][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  184.890169][ T7048] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1068'.
[  184.900655][ T7080] loop1: detected capacity change from 0 to 512
[  184.912572][ T7048] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1068'.
[  184.986846][ T7080] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  185.001857][ T7080] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.070921][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  185.090566][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  185.427970][ T7101] bond0 speed is unknown, defaulting to 1000
[  185.524091][   T27] kauditd_printk_skb: 48 callbacks suppressed
[  185.524107][   T27] audit: type=1326 audit(1748427988.340:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.4.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  185.602740][   T27] audit: type=1326 audit(1748427988.380:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.4.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  185.687937][   T27] audit: type=1326 audit(1748427988.380:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.4.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  185.771251][   T27] audit: type=1326 audit(1748427988.380:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.4.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  185.858069][   T27] audit: type=1326 audit(1748427988.380:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.4.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  185.944409][   T27] audit: type=1326 audit(1748427988.380:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.4.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  185.975889][ T7116] loop1: detected capacity change from 0 to 512
[  186.001553][   T27] audit: type=1326 audit(1748427988.380:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.4.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  186.076531][   T27] audit: type=1326 audit(1748427988.380:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.4.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  186.100947][   T27] audit: type=1326 audit(1748427988.380:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.4.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  186.123856][   T27] audit: type=1326 audit(1748427988.380:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.4.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  186.134727][ T7116] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  186.172302][ T7116] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.250081][ T7126] netlink: 'syz.0.1100': attribute type 21 has an invalid length.
[  186.275570][ T7126] __nla_validate_parse: 1 callbacks suppressed
[  186.275589][ T7126] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1100'.
[  186.421907][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  186.630484][ T7137] loop1: detected capacity change from 0 to 2048
[  186.680073][ T7137] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  186.902168][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  187.763328][ T7169] loop2: detected capacity change from 0 to 512
[  187.907785][ T7169] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  187.951146][ T7169] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.189127][ T7179] bond0 speed is unknown, defaulting to 1000
[  189.066886][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  189.166088][ T7185] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1122'.
[  189.304161][ T7185] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1122'.
[  189.659824][ T7185] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1122'.
[  189.676836][ T4296] usb 3-1: new low-speed USB device number 3 using dummy_hcd
[  189.853409][ T7209] bond0 speed is unknown, defaulting to 1000
[  189.873441][ T4296] usb 3-1: unable to get BOS descriptor or descriptor too short
[  189.890807][ T7211] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1132'.
[  189.899805][ T4296] usb 3-1: unable to read config index 0 descriptor/start: -71
[  189.899843][ T4296] usb 3-1: can't read configurations, error -71
[  190.318703][ T7215] bond0 speed is unknown, defaulting to 1000
[  191.419572][ T7226] loop3: detected capacity change from 0 to 512
[  191.442670][ T7226] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  191.674220][ T7226] EXT4-fs (loop3): 1 truncate cleaned up
[  191.688307][ T7226] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  192.521724][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  192.912272][ T7253] ALSA: seq fatal error: cannot create timer (-19)
[  193.085556][ T5780] usb 2-1: new low-speed USB device number 2 using dummy_hcd
[  193.280570][ T5780] usb 2-1: unable to get BOS descriptor or descriptor too short
[  193.297893][ T5780] usb 2-1: unable to read config index 0 descriptor/start: -71
[  193.315103][ T5780] usb 2-1: can't read configurations, error -71
[  193.762958][ T7261] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  193.840867][ T7261] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  194.161866][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  194.168345][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  194.220391][ T7279] binfmt_misc: register: failed to install interpreter file ./file2
[  194.239499][ T7287] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1159'.
[  194.284937][ T7287] 0�X���: renamed from caif0
[  194.294822][ T7287] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  194.390284][ T7292] netlink: 268 bytes leftover after parsing attributes in process `syz.3.1163'.
[  194.700544][   T27] kauditd_printk_skb: 8 callbacks suppressed
[  194.700560][   T27] audit: type=1326 audit(1748427997.520:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  194.772974][   T27] audit: type=1326 audit(1748427997.520:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  194.815252][   T27] audit: type=1326 audit(1748427997.570:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  194.874206][   T27] audit: type=1326 audit(1748427997.570:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  194.903663][   T27] audit: type=1326 audit(1748427997.600:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  194.946308][   T27] audit: type=1326 audit(1748427997.600:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7306 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7efd321c1225 code=0x7ffc0000
[  194.996618][   T27] audit: type=1326 audit(1748427997.750:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7306 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  195.025805][   T27] audit: type=1326 audit(1748427997.820:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  195.057196][   T27] audit: type=1326 audit(1748427997.820:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  195.143261][ T7317] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1173'.
[  195.315130][ T7321] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1174'.
[  195.324276][ T7321] 0�X���: renamed from caif0
[  195.334413][ T7321] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  196.235710][ T4268] Bluetooth: hci4: command 0x0406 tx timeout
[  196.241795][ T4268] Bluetooth: hci0: command 0x0406 tx timeout
[  196.245805][ T4262] Bluetooth: hci2: command 0x0406 tx timeout
[  196.248049][ T4268] Bluetooth: hci3: command 0x0406 tx timeout
[  196.253788][ T4262] Bluetooth: hci1: command 0x0406 tx timeout
[  196.353659][ T7336] netlink: 136 bytes leftover after parsing attributes in process `syz.4.1181'.
[  196.484776][   T27] audit: type=1326 audit(1748427999.300:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.2.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  196.487879][ T7344] sch_tbf: burst 3504 is lower than device lo mtu (65550) !
[  199.917746][ T7441] loop2: detected capacity change from 0 to 8192
[  200.972211][   T27] kauditd_printk_skb: 24 callbacks suppressed
[  200.972226][   T27] audit: type=1326 audit(1748428003.790:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  201.009698][ T7463] loop1: detected capacity change from 0 to 2048
[  201.059807][ T7463]  loop1: p1 < > p4
[  201.071566][ T7463] loop1: p4 size 8388608 extends beyond EOD, truncated
[  201.073246][   T27] audit: type=1326 audit(1748428003.820:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  201.137222][   T27] audit: type=1326 audit(1748428003.850:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  201.201362][ T7471] loop2: detected capacity change from 0 to 512
[  201.212126][   T27] audit: type=1326 audit(1748428003.850:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  201.261121][   T27] audit: type=1326 audit(1748428003.850:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  201.311176][   T27] audit: type=1326 audit(1748428003.850:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  201.347124][ T7471] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6).
[  201.390127][ T7471] EXT4-fs warning (device loop2): ext4_enable_quotas:7054: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  201.418284][ T7482] loop3: detected capacity change from 0 to 1024
[  201.427079][   T27] audit: type=1326 audit(1748428003.850:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  201.449751][ T7482] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  201.461335][   T27] audit: type=1326 audit(1748428003.850:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  201.462108][ T7471] EXT4-fs (loop2): mount failed
[  201.483909][   T27] audit: type=1326 audit(1748428003.850:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  201.518315][ T7482] EXT4-fs (loop3): invalid journal inode
[  201.535113][ T7482] EXT4-fs (loop3): can't get journal size
[  201.545711][ T7482] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #2: comm syz.3.1247: blocks 48-48 from inode overlap system zone
[  201.570769][ T7482] EXT4-fs (loop3): failed to initialize system zone (-117)
[  201.592914][ T7482] EXT4-fs (loop3): mount failed
[  202.057804][ T7500] bond0 speed is unknown, defaulting to 1000
[  204.782165][ T7511] loop0: detected capacity change from 0 to 1024
[  204.847172][ T7511] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  204.991720][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  205.010980][ T7509] smc: net device bond0 applied user defined pnetid SYZ2
[  205.049572][ T7509] smc: net device bond0 erased user defined pnetid SYZ2
[  205.521125][ T7533] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1261'.
[  206.076327][ T7542] bond0 speed is unknown, defaulting to 1000
[  206.692450][ T7563] loop2: detected capacity change from 0 to 1024
[  206.738309][ T7563] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  206.768447][ T7563] netem: change failed
[  206.795306][   T27] kauditd_printk_skb: 11 callbacks suppressed
[  206.795323][   T27] audit: type=1800 audit(1748428009.610:522): pid=7563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1275" name="bus" dev="loop2" ino=18 res=0 errno=0
[  206.843740][ T7563] Trying to write to read-only block-device loop2
[  206.886272][ T7563] Trying to write to read-only block-device loop2
[  207.095661][   T27] audit: type=1326 audit(1748428009.910:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7552 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7fc00000
[  207.138542][ T4264] Trying to write to read-only block-device loop2
[  207.159258][ T4264] Trying to write to read-only block-device loop2
[  207.184260][ T4264] Trying to write to read-only block-device loop2
[  207.190873][   T27] audit: type=1326 audit(1748428009.910:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7552 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7efd3218e969 code=0x7fc00000
[  207.205626][ T4264] Trying to write to read-only block-device loop2
[  207.252153][ T4264] Trying to write to read-only block-device loop2
[  207.263349][ T4264] Trying to write to read-only block-device loop2
[  207.279035][ T4264] Trying to write to read-only block-device loop2
[  207.288281][ T4264] Trying to write to read-only block-device loop2
[  207.317918][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  210.024204][ T7594] netlink: 'syz.4.1287': attribute type 16 has an invalid length.
[  210.032363][ T7594] netlink: 'syz.4.1287': attribute type 17 has an invalid length.
[  210.893807][ T7636] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1303'.
[  211.069703][ T7666] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1322'.
[  211.526875][ T7688] netlink: 'syz.1.1331': attribute type 1 has an invalid length.
[  211.658458][ T7692] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1327'.
[  212.575625][ T7688] 8021q: adding VLAN 0 to HW filter on device bond1
[  212.624739][ T7692] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  212.634257][ T7692] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  212.643932][ T7692] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  212.715641][ T7693] bond1: (slave vlan2): making interface the new active one
[  212.765088][ T7693] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  212.824986][ T5526] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  213.313128][ T7709] loop3: detected capacity change from 0 to 512
[  213.423145][ T7709] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  213.450754][ T7709] ext4 filesystem being mounted at /264/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.727597][ T7709] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.1337: Attempting to read directory block (0) that is past i_size (3)
[  213.933488][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  214.118994][ T7706] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1335'.
[  214.214136][ T7735] loop3: detected capacity change from 0 to 512
[  214.254578][ T7735] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  214.284288][ T7735] ext4 filesystem being mounted at /266/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.347382][   T27] audit: type=1800 audit(1748428017.170:525): pid=7735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1349" name="file1" dev="loop3" ino=18 res=0 errno=0
[  214.531007][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  214.812306][ T7752] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1351'.
[  215.863778][ T7757] loop0: detected capacity change from 0 to 2048
[  215.942659][ T7757] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  216.005599][ T7757] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  217.028687][ T4336] usb 4-1: new low-speed USB device number 2 using dummy_hcd
[  217.233663][ T4336] usb 4-1: unable to get BOS descriptor or descriptor too short
[  217.253616][ T4336] usb 4-1: unable to read config index 0 descriptor/start: -71
[  217.270931][ T4336] usb 4-1: can't read configurations, error -71
[  217.373297][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  218.170149][ T7779] loop3: detected capacity change from 0 to 512
[  218.212107][ T7779] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  218.237933][ T7779] ext4 filesystem being mounted at /273/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.291855][ T7775] Falling back ldisc for ttyS3.
[  218.433507][   T27] audit: type=1800 audit(1748428021.250:526): pid=7779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1365" name="file1" dev="loop3" ino=18 res=0 errno=0
[  218.607853][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  218.906785][ T7802] loop2: detected capacity change from 0 to 2048
[  218.924204][ T7802] /dev/loop2: Can't open blockdev
[  220.096258][ T7816] Falling back ldisc for ttyS3.
[  220.322972][ T7820] smc: net device bond0 applied user defined pnetid SYZ2
[  220.344745][ T7820] smc: net device bond0 erased user defined pnetid SYZ2
[  220.428773][   T27] audit: type=1326 audit(1748428023.250:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  220.497731][   T27] audit: type=1326 audit(1748428023.280:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  220.531433][ T7837] netlink: 'syz.2.1387': attribute type 3 has an invalid length.
[  220.565794][   T27] audit: type=1326 audit(1748428023.280:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  220.620299][ T7841] loop1: detected capacity change from 0 to 2048
[  220.629198][   T27] audit: type=1326 audit(1748428023.280:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  220.661011][   T27] audit: type=1326 audit(1748428023.280:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  220.691092][   T27] audit: type=1326 audit(1748428023.280:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  220.764573][   T27] audit: type=1326 audit(1748428023.280:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  220.767350][ T7841] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  220.787766][   T27] audit: type=1326 audit(1748428023.280:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  220.818574][   T27] audit: type=1326 audit(1748428023.280:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  220.841045][   T27] audit: type=1326 audit(1748428023.280:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7834 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  220.876326][ T7851] bond0 speed is unknown, defaulting to 1000
[  220.957244][ T7841] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  221.177688][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  221.836022][ T7876] bond0 speed is unknown, defaulting to 1000
[  223.152763][ T7889] loop2: detected capacity change from 0 to 512
[  223.179671][ T7889] /dev/loop2: Can't open blockdev
[  223.264088][ T7892] loop1: detected capacity change from 0 to 512
[  223.349358][ T7892] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  223.389669][ T7892] ext4 filesystem being mounted at /265/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  223.491766][ T7904] loop2: detected capacity change from 0 to 512
[  223.547247][ T7904] /dev/loop2: Can't open blockdev
[  223.903648][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  224.143307][ T7918] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  224.156479][ T7918] bond0: (slave ipvlan0): The slave device specified does not support setting the MAC address
[  224.167032][ T7918] bond0: (slave ipvlan0): Error -95 calling set_mac_address
[  224.442541][ T7939] Cannot find add_set index 3 as target
[  224.450108][ T7942] loop1: detected capacity change from 0 to 512
[  224.538512][ T7942] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  224.556569][ T7942] ext4 filesystem being mounted at /267/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.602768][ T7948] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1432'.
[  224.633295][ T7948] bond0: (slave bond_slave_0): Slave does not support ipsec offload
[  224.674020][ T7952] loop2: detected capacity change from 0 to 512
[  224.691336][ T7953] EXT4-fs error (device loop1): ext4_get_first_dir_block:3583: inode #12: comm syz.1.1428: Attempting to read directory block (0) that is past i_size (3)
[  224.746923][ T7952] /dev/loop2: Can't open blockdev
[  224.871791][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  225.332545][ T7977] loop0: detected capacity change from 0 to 2048
[  225.394429][ T7983] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1444'.
[  225.411029][ T7977] Alternate GPT is invalid, using primary GPT.
[  225.436705][ T7977]  loop0: p2 p3 p7
[  225.610837][ T7991] loop2: detected capacity change from 0 to 512
[  225.619026][ T7991] /dev/loop2: Can't open blockdev
[  226.859394][ T8015] loop1: detected capacity change from 0 to 128
[  226.866030][ T8017] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1461'.
[  226.895567][ T8017] device hsr_slave_0 left promiscuous mode
[  226.904542][ T8015] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  226.918302][ T8017] device hsr_slave_1 left promiscuous mode
[  226.925808][ T8015] ext4 filesystem being mounted at /272/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  226.950877][   T27] kauditd_printk_skb: 102 callbacks suppressed
[  226.950893][   T27] audit: type=1326 audit(1748428029.770:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.1.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  227.022398][   T27] audit: type=1326 audit(1748428029.770:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.1.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  227.053097][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  227.079859][ T8024] syz.4.1463[8024] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  227.079971][ T8024] syz.4.1463[8024] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  227.080743][   T27] audit: type=1326 audit(1748428029.770:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.1.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  227.220458][   T27] audit: type=1326 audit(1748428029.770:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.1.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  227.283050][ T8030] loop2: detected capacity change from 0 to 512
[  227.290474][   T27] audit: type=1326 audit(1748428029.770:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.1.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  227.319413][ T8030] /dev/loop2: Can't open blockdev
[  227.396837][   T27] audit: type=1326 audit(1748428029.770:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.1.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  228.493148][ T8052] netlink: 'syz.2.1472': attribute type 10 has an invalid length.
[  228.505229][ T8052] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  228.516181][ T8051] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  228.695153][ T8051] loop1: detected capacity change from 0 to 8192
[  228.747828][ T8051] syz.1.1473 (8051): attempted to duplicate a private mapping with mremap.  This is not supported.
[  228.946279][ T8061] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1478'.
[  229.854205][ T8090] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1489'.
[  230.464242][ T8095] loop3: detected capacity change from 0 to 164
[  230.618531][   T27] audit: type=1326 audit(1748428033.440:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8094 comm="syz.3.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  230.671616][   T27] audit: type=1326 audit(1748428033.440:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8094 comm="syz.3.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  230.707979][   T27] audit: type=1326 audit(1748428033.440:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8094 comm="syz.3.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  230.781279][   T27] audit: type=1326 audit(1748428033.440:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8094 comm="syz.3.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7efd3218e969 code=0x7ffc0000
[  230.947310][ T8119] loop2: detected capacity change from 0 to 512
[  230.956596][ T8119] EXT4-fs: Ignoring removed oldalloc option
[  230.968569][ T8119] /dev/loop2: Can't open blockdev
[  231.228153][ T8132] SET target dimension over the limit!
[  231.287767][ T8134] netlink: 'syz.2.1507': attribute type 1 has an invalid length.
[  232.686375][ T8161] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1519'.
[  232.709053][ T8165] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1523'.
[  232.739660][   T27] kauditd_printk_skb: 15 callbacks suppressed
[  232.739676][   T27] audit: type=1326 audit(1748428035.560:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8166 comm="syz.1.1522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  232.762101][ T8167] loop3: detected capacity change from 0 to 1024
[  232.800306][   T27] audit: type=1326 audit(1748428035.560:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8166 comm="syz.1.1522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  232.823347][   T27] audit: type=1326 audit(1748428035.600:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8166 comm="syz.1.1522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  232.849464][ T8167] EXT4-fs: Ignoring removed mblk_io_submit option
[  232.854815][ T8169] bond0 speed is unknown, defaulting to 1000
[  232.890065][ T8167] EXT4-fs: Ignoring removed nobh option
[  232.899429][ T8167] EXT4-fs: Ignoring removed bh option
[  232.948492][ T8167] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  232.979815][   T27] audit: type=1326 audit(1748428035.800:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8166 comm="syz.1.1522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  233.053820][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  233.071629][   T27] audit: type=1326 audit(1748428035.830:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8166 comm="syz.1.1522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  233.472480][ T8197] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1536'.
[  233.491850][ T8197] device hsr_slave_0 left promiscuous mode
[  233.509894][ T8197] device hsr_slave_1 left promiscuous mode
[  234.325083][ T8232] loop0: detected capacity change from 0 to 1024
[  234.343243][ T8232] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  234.795310][ T8245] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  234.812686][ T8245] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  234.821154][ T8245] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  235.401998][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  235.523324][ T8258] hub 9-0:1.0: USB hub found
[  235.528527][ T8258] hub 9-0:1.0: 1 port detected
[  235.743252][ T8268] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  235.823802][ T8274] loop2: detected capacity change from 0 to 1024
[  235.834439][ T8274] /dev/loop2: Can't open blockdev
[  235.866624][ T8276] xt_hashlimit: max too large, truncated to 1048576
[  236.314975][ T8282] device macvtap1 left promiscuous mode
[  236.911474][ T8284] IPv6: Can't replace route, no match found
[  236.968688][ T8288] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1572'.
[  236.985936][ T8288] 8021q: VLANs not supported on hsr0
[  237.009050][ T8292] loop9: detected capacity change from 0 to 7
[  237.035806][ T5778] usb 1-1: new low-speed USB device number 2 using dummy_hcd
[  237.043741][ T8292] Dev loop9: unable to read RDB block 7
[  237.054165][ T8292]  loop9: unable to read partition table
[  237.065891][ T8292] loop9: partition table beyond EOD, truncated
[  237.095803][ T8292] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[  237.095803][ T8292] 
U�������) failed (rc=-5)
[  237.229207][ T5778] usb 1-1: unable to get BOS descriptor or descriptor too short
[  237.251764][ T5778] usb 1-1: unable to read config index 0 descriptor/start: -71
[  237.280079][ T5778] usb 1-1: can't read configurations, error -71
[  238.681059][ T8324] loop2: detected capacity change from 0 to 1024
[  238.689138][ T8324] /dev/loop2: Can't open blockdev
[  239.769494][   T27] audit: type=1326 audit(1748428042.590:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.4.1587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  239.846146][   T27] audit: type=1326 audit(1748428042.620:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.4.1587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  239.913597][ T8345] loop2: detected capacity change from 0 to 1024
[  239.918338][   T27] audit: type=1326 audit(1748428042.620:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.4.1587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  239.969804][ T8345] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  239.993473][ T8345] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  240.019061][   T27] audit: type=1326 audit(1748428042.630:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.4.1587" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x0
[  240.161175][ T8345] JBD2: no valid journal superblock found
[  240.255532][ T8345] EXT4-fs (loop2): error loading journal
[  240.314670][ T8345] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1588'.
[  240.902909][ T8345] 8021q: adding VLAN 0 to HW filter on device bond2
[  241.990914][ T8408] loop2: detected capacity change from 0 to 1024
[  242.017539][ T8408] /dev/loop2: Can't open blockdev
[  242.023640][ T8410] loop0: detected capacity change from 0 to 1024
[  242.034082][ T8410] EXT4-fs: Ignoring removed bh option
[  242.065576][ T5780] usb 4-1: new low-speed USB device number 4 using dummy_hcd
[  242.232622][ T8410] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  242.264795][ T5780] usb 4-1: unable to get BOS descriptor or descriptor too short
[  242.279486][   T27] audit: type=1326 audit(1748428045.100:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.4.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  242.394584][   T27] audit: type=1326 audit(1748428045.140:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.4.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  242.925552][   T27] audit: type=1326 audit(1748428045.340:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.4.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  243.071130][   T27] audit: type=1326 audit(1748428045.350:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.4.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  243.098607][ T5780] usb 4-1: unable to read config index 0 descriptor/start: -71
[  243.115509][   T27] audit: type=1326 audit(1748428045.350:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.4.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  243.158221][ T5780] usb 4-1: can't read configurations, error -71
[  243.218885][   T27] audit: type=1326 audit(1748428045.360:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.4.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  243.266681][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  244.384004][ T8464] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  244.545280][ T8469] loop2: detected capacity change from 0 to 1024
[  244.565299][ T8469] /dev/loop2: Can't open blockdev
[  244.581116][ T8474] smc: net device bond0 applied user defined pnetid SYZ2
[  244.605256][ T8474] smc: net device bond0 erased user defined pnetid SYZ2
[  244.683350][ T8477] loop1: detected capacity change from 0 to 512
[  244.723963][ T8477] EXT4-fs (loop1): 1 orphan inode deleted
[  244.746591][ T5526] EXT4-fs error (device loop1): ext4_release_dquot:6838: comm kworker/u4:16: Failed to release dquot type 1
[  244.785941][ T8477] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  244.809440][ T8477] ext4 filesystem being mounted at /304/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.856552][ T8486] loop0: detected capacity change from 0 to 512
[  244.933450][ T8486] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  244.962066][ T8486] ext4 filesystem being mounted at /323/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.017846][ T8490] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.1624: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 257, max 0(0), depth 0(0)
[  245.069139][ T8486] EXT4-fs error (device loop0): ext4_get_first_dir_block:3583: inode #12: comm syz.0.1626: Attempting to read directory block (0) that is past i_size (3)
[  245.129131][ T8491] netlink: 'syz.1.1624': attribute type 4 has an invalid length.
[  245.200446][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  245.534945][   T27] kauditd_printk_skb: 40 callbacks suppressed
[  245.534962][   T27] audit: type=1800 audit(1748428048.350:718): pid=8477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1624" name="file1" dev="loop1" ino=15 res=0 errno=0
[  245.764413][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  245.775910][   T46] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  245.792414][   T46] EXT4-fs error (device loop1): ext4_release_dquot:6838: comm kworker/u4:3: Failed to release dquot type 1
[  245.818630][ T8501] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1633'.
[  246.098822][ T8513] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1635'.
[  246.128433][ T8514] 8021q: adding VLAN 0 to HW filter on device bond1
[  246.728400][ T8522] loop0: detected capacity change from 0 to 512
[  246.762413][ T8524] hub 9-0:1.0: USB hub found
[  246.776951][ T8524] hub 9-0:1.0: 1 port detected
[  246.822057][   T27] audit: type=1326 audit(1748428049.640:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.2.1640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  246.852884][ T8522] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  246.885218][ T8522] ext4 filesystem being mounted at /327/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.920711][   T27] audit: type=1326 audit(1748428049.670:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.2.1640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  247.014575][   T27] audit: type=1326 audit(1748428049.670:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.2.1640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  247.059409][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  247.089585][   T27] audit: type=1326 audit(1748428049.670:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.2.1640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  247.186918][   T27] audit: type=1326 audit(1748428049.670:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.2.1640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  247.258737][   T27] audit: type=1326 audit(1748428049.670:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.2.1640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  247.325606][   T27] audit: type=1326 audit(1748428049.670:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.2.1640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  247.383019][   T27] audit: type=1326 audit(1748428049.670:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.2.1640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7facf098e969 code=0x7ffc0000
[  247.444923][ T8521] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1638'.
[  249.234929][ T8557] loop1: detected capacity change from 0 to 2048
[  249.288673][ T8557] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  249.440405][ T8557] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  249.478521][ T8557] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 702 with error 28
[  249.500562][ T8478] Set syz1 is full, maxelem 65536 reached
[  249.508225][ T8557] EXT4-fs (loop1): This should not happen!! Data will be lost
[  249.508225][ T8557] 
[  249.508978][ T8568] loop0: detected capacity change from 0 to 512
[  249.538819][ T8557] EXT4-fs (loop1): Total free blocks count 0
[  249.551567][ T8557] EXT4-fs (loop1): Free/Dirty block details
[  249.552285][ T8568] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  249.564221][ T8557] EXT4-fs (loop1): free_blocks=2415919104
[  249.576035][ T8557] EXT4-fs (loop1): dirty_blocks=704
[  249.581677][ T8557] EXT4-fs (loop1): Block reservation details
[  249.594982][ T8557] EXT4-fs (loop1): i_reserved_data_blocks=44
[  249.612828][ T8568] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2195: inode #15: comm syz.0.1657: corrupted in-inode xattr
[  249.642217][ T8568] EXT4-fs (loop0): Remounting filesystem read-only
[  249.652632][ T8568] EXT4-fs (loop0): 1 truncate cleaned up
[  249.658440][ T8568] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  249.727299][ T8575] loop2: detected capacity change from 0 to 1024
[  249.748572][ T8575] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  249.780124][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  249.805502][ T8575] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  249.831598][ T8575] JBD2: no valid journal superblock found
[  249.842040][ T8575] EXT4-fs (loop2): error loading journal
[  249.850538][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  249.903527][ T8575] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1660'.
[  250.293116][ T8603] loop2: detected capacity change from 0 to 512
[  250.305023][ T8603] /dev/loop2: Can't open blockdev
[  250.500058][ T8611] loop2: detected capacity change from 0 to 1024
[  250.510623][ T8611] EXT4-fs: Ignoring removed nobh option
[  250.519861][ T8611] EXT4-fs: Ignoring removed bh option
[  250.528404][ T8611] /dev/loop2: Can't open blockdev
[  250.611557][ T8611] loop2: detected capacity change from 0 to 1024
[  250.628291][ T8611] EXT4-fs: Ignoring removed nomblk_io_submit option
[  250.635327][ T8611] /dev/loop2: Can't open blockdev
[  251.517054][ T8637] loop0: detected capacity change from 0 to 2048
[  251.589964][ T8637] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  251.673628][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  251.833743][ T8653] tmpfs: Unknown parameter 'rootcontext'
[  252.099172][ T8660] loop0: detected capacity change from 0 to 1024
[  252.107433][ T8660] EXT4-fs: Ignoring removed nobh option
[  252.113283][ T8660] EXT4-fs: Ignoring removed nobh option
[  252.125312][ T8660] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  252.141320][ T8660] EXT4-fs error (device loop0): ext4_get_journal_inode:5723: comm syz.0.1692: inode #4294967295: comm syz.0.1692: iget: illegal inode #
[  252.161881][ T8660] EXT4-fs (loop0): no journal found
[  252.168964][ T8660] EXT4-fs (loop0): can't get journal size
[  252.177308][ T8660] EXT4-fs (loop0): failed to initialize system zone (-22)
[  252.184862][ T8660] EXT4-fs (loop0): mount failed
[  252.879950][ T8680] loop3: detected capacity change from 0 to 512
[  252.940288][ T8680] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  252.982301][ T8680] ext4 filesystem being mounted at /322/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.011488][ T8688] loop2: detected capacity change from 0 to 512
[  253.046969][ T8688] /dev/loop2: Can't open blockdev
[  253.090675][ T8680] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.1699: Attempting to read directory block (0) that is past i_size (3)
[  253.268333][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  253.412691][ T8706] loop3: detected capacity change from 0 to 2048
[  253.451661][   T27] kauditd_printk_skb: 31 callbacks suppressed
[  253.451677][   T27] audit: type=1326 audit(1748428056.270:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8707 comm="syz.0.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  253.483033][ T8706] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  253.581598][   T27] audit: type=1326 audit(1748428056.270:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8707 comm="syz.0.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  253.684097][   T27] audit: type=1326 audit(1748428056.270:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8707 comm="syz.0.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efc48790887 code=0x7ffc0000
[  253.755689][   T27] audit: type=1326 audit(1748428056.270:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8707 comm="syz.0.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  253.829117][   T27] audit: type=1326 audit(1748428056.270:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8707 comm="syz.0.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  253.890596][ T8729] loop0: detected capacity change from 0 to 512
[  253.915608][   T27] audit: type=1326 audit(1748428056.270:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8707 comm="syz.0.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  253.969940][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  253.976966][   T27] audit: type=1326 audit(1748428056.270:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8707 comm="syz.0.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  253.978289][ T8729] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  253.999448][   T27] audit: type=1326 audit(1748428056.270:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8707 comm="syz.0.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  254.030828][   T27] audit: type=1326 audit(1748428056.290:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8707 comm="syz.0.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc4878e969 code=0x7ffc0000
[  254.054419][   T27] audit: type=1326 audit(1748428056.340:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8715 comm="syz.1.1715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  254.082548][ T8729] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.274917][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  254.405684][ T4336] usb 3-1: new low-speed USB device number 5 using dummy_hcd
[  254.409788][ T8753] loop1: detected capacity change from 0 to 764
[  254.470894][ T8753] Symlink component flag not implemented
[  254.496067][ T8753] Symlink component flag not implemented (7)
[  254.606105][ T4336] usb 3-1: unable to get BOS descriptor or descriptor too short
[  254.626246][ T4336] usb 3-1: unable to read config index 0 descriptor/start: -71
[  254.632455][ T8759] bond0 speed is unknown, defaulting to 1000
[  254.647737][ T4336] usb 3-1: can't read configurations, error -71
[  254.969307][ T8774] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  254.976472][ T8774] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  255.014307][ T8774] vhci_hcd vhci_hcd.0: Device attached
[  255.034202][ T8776] vhci_hcd: connection closed
[  255.037639][ T5941] vhci_hcd: stop threads
[  255.060074][ T5941] vhci_hcd: release socket
[  255.064601][ T5941] vhci_hcd: disconnect device
[  255.104634][ T8781] program syz.0.1743 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  255.204043][ T8767] xt_CT: You must specify a L4 protocol and not use inversions on it
[  255.366126][ T8788] Falling back ldisc for ttyS3.
[  255.397461][ T8790] netlink: 'syz.1.1745': attribute type 13 has an invalid length.
[  255.598017][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  255.604394][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  256.013416][ T8811] program syz.3.1756 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  256.112346][ T8790] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.121702][ T8790] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.530514][ T8816] loop3: detected capacity change from 0 to 128
[  257.035813][ T8790] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.126885][ T8790] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.686479][ T8790] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.696170][ T8790] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.705067][ T8790] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.713998][ T8790] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  258.096152][ T8787] bond0 speed is unknown, defaulting to 1000
[  258.299780][ T8851] loop0: detected capacity change from 0 to 128
[  258.804530][   T27] kauditd_printk_skb: 18 callbacks suppressed
[  258.804546][   T27] audit: type=1326 audit(1748428061.620:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  258.905742][   T27] audit: type=1326 audit(1748428061.660:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  258.968045][   T27] audit: type=1326 audit(1748428061.660:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  259.056570][   T27] audit: type=1326 audit(1748428061.660:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  259.125431][   T27] audit: type=1326 audit(1748428061.660:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6398e969 code=0x7ffc0000
[  259.363233][ T8891] loop1: detected capacity change from 0 to 256
[  259.643394][ T8898] loop3: detected capacity change from 0 to 512
[  259.851270][ T8912] ipt_ECN: cannot use operation on non-tcp rule
[  259.881781][ T8898] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  259.901493][ T8898] ext4 filesystem being mounted at /343/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.940593][ T8904] loop2: detected capacity change from 0 to 8192
[  260.159212][   T27] audit: type=1800 audit(1748428062.980:791): pid=8898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1795" name="file1" dev="loop3" ino=18 res=0 errno=0
[  260.676015][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  261.173271][ T8940] loop2: detected capacity change from 0 to 512
[  261.190682][ T8940] /dev/loop2: Can't open blockdev
[  261.196293][ T8943] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1813'.
[  261.214231][ T8944] loop3: detected capacity change from 0 to 764
[  261.337800][ T8946] device bond2 entered promiscuous mode
[  261.343822][ T8946] 8021q: adding VLAN 0 to HW filter on device bond2
[  261.460951][ T8950] loop1: detected capacity change from 0 to 512
[  261.509281][ T8950] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  261.539808][ T8950] ext4 filesystem being mounted at /341/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.634702][ T8962] loop3: detected capacity change from 0 to 512
[  261.657327][ T8962] EXT4-fs: Ignoring removed mblk_io_submit option
[  261.667015][ T8962] ext4: Unknown parameter 'seclabel'
[  261.790272][ T8946] bond2 (unregistering): Released all slaves
[  261.876781][ T8969] IPVS: Error connecting to the multicast addr
[  262.247155][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  262.270372][ T8976] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.443634][ T8976] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.520090][ T8997] lo speed is unknown, defaulting to 1000
[  262.535758][ T8997] lo speed is unknown, defaulting to 1000
[  262.543035][ T8997] lo speed is unknown, defaulting to 1000
[  262.584416][ T8997] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  262.627481][ T8976] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.662233][ T8997] lo speed is unknown, defaulting to 1000
[  262.681431][ T8997] lo speed is unknown, defaulting to 1000
[  262.699756][ T8997] lo speed is unknown, defaulting to 1000
[  262.774400][ T8976] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.844698][ T8997] lo speed is unknown, defaulting to 1000
[  262.852400][ T8997] lo speed is unknown, defaulting to 1000
[  262.991122][ T8976] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.015769][ T9011] netlink: 4 bytes leftover after parsing attributes in process `wޣ�'.
[  263.048546][ T8976] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.060226][ T9014] loop0: detected capacity change from 0 to 512
[  263.093426][ T8976] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.129203][ T8976] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.142896][ T9017] loop1: detected capacity change from 0 to 512
[  263.158368][ T9014] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  263.169207][ T9017] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  263.199332][ T9014] ext4 filesystem being mounted at /366/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.233973][ T9017] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  263.249735][ T9017] ext4 filesystem being mounted at /346/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  263.260139][   T27] audit: type=1800 audit(1748428066.080:792): pid=9014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1841" name="file1" dev="loop0" ino=18 res=0 errno=0
[  263.327235][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  263.381010][ T4257] EXT4-fs (loop0): unmounting filesystem.
[  263.383992][ T9029] loop3: detected capacity change from 0 to 1024
[  263.394180][ T9029] EXT4-fs: Ignoring removed orlov option
[  263.405160][ T9029] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  263.450296][   T27] audit: type=1804 audit(1748428066.270:793): pid=9029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1845" name="/newroot/352/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  263.749650][ T9040] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1851'.
[  263.764847][   T27] audit: type=1326 audit(1748428066.580:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.4.1850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  263.835864][ T9043] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1852'.
[  263.845927][   T27] audit: type=1326 audit(1748428066.610:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.4.1850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  263.907719][   T27] audit: type=1326 audit(1748428066.620:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.4.1850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  264.344153][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  264.448390][ T9062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1861'.
[  264.727164][ T9077] netlink: 87 bytes leftover after parsing attributes in process `syz.0.1867'.
[  264.846972][ T9082] loop0: detected capacity change from 0 to 2048
[  264.898562][ T9082] Alternate GPT is invalid, using primary GPT.
[  264.911895][ T9082]  loop0: p2 p3 p7
[  265.274131][   T27] audit: type=1326 audit(1748428068.090:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  265.311597][   T27] audit: type=1326 audit(1748428068.100:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  265.354951][   T27] audit: type=1326 audit(1748428068.100:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  265.408168][   T27] audit: type=1326 audit(1748428068.100:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  265.457781][   T27] audit: type=1326 audit(1748428068.100:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  265.525696][   T27] audit: type=1326 audit(1748428068.100:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  265.573547][ T9110] loop1: detected capacity change from 0 to 2048
[  265.611800][   T27] audit: type=1326 audit(1748428068.120:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  265.639897][ T9110] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  265.669587][   T27] audit: type=1326 audit(1748428068.120:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe8a738e969 code=0x7ffc0000
[  265.784312][ T9120] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  265.801030][ T9120] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 270 with error 28
[  265.816329][ T9120] EXT4-fs (loop1): This should not happen!! Data will be lost
[  265.816329][ T9120] 
[  265.845505][ T9120] EXT4-fs (loop1): Total free blocks count 0
[  265.851558][ T9120] EXT4-fs (loop1): Free/Dirty block details
[  265.891506][ T9120] EXT4-fs (loop1): free_blocks=2415919104
[  265.925452][ T9120] EXT4-fs (loop1): dirty_blocks=272
[  265.941242][ T9120] EXT4-fs (loop1): Block reservation details
[  265.965568][ T4332] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  265.966103][ T9120] EXT4-fs (loop1): i_reserved_data_blocks=17
[  265.996678][ T9123] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  266.125471][ T4332] usb 4-1: device descriptor read/64, error -71
[  266.395487][ T4332] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  266.555924][ T4332] usb 4-1: device descriptor read/64, error -71
[  266.564767][ T9145] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1897'.
[  266.625073][ T9149] loop2: detected capacity change from 0 to 512
[  266.646488][ T9149] /dev/loop2: Can't open blockdev
[  266.675732][ T4332] usb usb4-port1: attempt power cycle
[  267.105526][ T4332] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  267.146149][ T4332] usb 4-1: device descriptor read/8, error -71
[  267.224246][ T9173] loop2: detected capacity change from 0 to 512
[  267.239363][ T9173] EXT4-fs: quotafile must be on filesystem root
[  267.415483][ T4332] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  267.456199][ T4332] usb 4-1: device descriptor read/8, error -71
[  267.580278][ T4332] usb usb4-port1: unable to enumerate USB device
[  267.743565][ T9192] bond0 speed is unknown, defaulting to 1000
[  267.750769][ T9192] lo speed is unknown, defaulting to 1000
[  268.218327][ T9191] loop2: detected capacity change from 0 to 2048
[  268.249806][ T9191] /dev/loop2: Can't open blockdev
[  268.567395][ T9203] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1922'.
[  269.324940][ T9227] 8021q: adding VLAN 0 to HW filter on device bond2
[  269.426560][ T9232] bridge0: port 3(vlan0) entered blocking state
[  269.433025][ T9232] bridge0: port 3(vlan0) entered disabled state
[  269.720076][ T9247] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1934'.
[  269.730739][ T9247] ------------[ cut here ]------------
[  269.736800][ T9247] WARNING: CPU: 1 PID: 9247 at net/sched/sch_taprio.c:1020 taprio_get_start_time+0x139/0x160
[  269.747109][ T9247] Modules linked in:
[  269.751062][ T9247] CPU: 1 PID: 9247 Comm: syz.4.1934 Not tainted 6.1.140-syzkaller #0
[  269.759221][ T9247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  269.769411][ T9247] RIP: 0010:taprio_get_start_time+0x139/0x160
[  269.775595][ T9247] Code: 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 1c 68 86 f9 4c 89 23 31 c0 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 87 f1 34 f9 <0f> 0b b8 f2 ff ff ff eb e7 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c
[  269.795359][ T9247] RSP: 0018:ffffc9000c606d88 EFLAGS: 00010283
[  269.801472][ T9247] RAX: ffffffff884be589 RBX: ffffc9000c606e98 RCX: 0000000000080000
[  269.809535][ T9247] RDX: ffffc9000e319000 RSI: 0000000000005115 RDI: 0000000000005116
[  269.817588][ T9247] RBP: 0000000000000003 R08: dffffc0000000000 R09: fffffbfff211707a
[  269.825649][ T9247] R10: fffffbfff211707a R11: 1ffffffff2117079 R12: 0000003ecb0cf55a
[  269.833661][ T9247] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[  269.841726][ T9247] FS:  00007fe8a82456c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  269.850735][ T9247] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  269.857482][ T9247] CR2: 000000110c2505ef CR3: 0000000075e00000 CR4: 00000000003506e0
[  269.865527][ T9247] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  269.873541][ T9247] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  269.881602][ T9247] Call Trace:
[  269.884909][ T9247]  <TASK>
[  269.887904][ T9247]  taprio_change+0x3daa/0x50f0
[  269.892761][ T9247]  ? taprio_destroy+0x4b0/0x4b0
[  269.897697][ T9247]  ? qdisc_create+0x7cb/0x1090
[  269.902508][ T9247]  ? ____sys_sendmsg+0x59b/0x970
[  269.907537][ T9247]  ? ___sys_sendmsg+0x21c/0x290
[  269.912442][ T9247]  ? __se_sys_sendmsg+0x19e/0x270
[  269.917566][ T9247]  ? do_syscall_64+0x4c/0xa0
[  269.922196][ T9247]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  269.928354][ T9247]  ? qdisc_alloc+0x95/0xa50
[  269.932893][ T9247]  ? fifo_init+0x3ab/0x650
[  269.937393][ T9247]  ? qdisc_peek_head+0x40/0x40
[  269.942212][ T9247]  ? qdisc_alloc+0x77a/0xa50
[  269.946892][ T9247]  ? mutex_is_locked+0xe/0x40
[  269.951631][ T9247]  ? taprio_peek+0x590/0x590
[  269.956302][ T9247]  qdisc_create+0x7cb/0x1090
[  269.960945][ T9247]  ? qdisc_notify+0x370/0x370
[  269.965711][ T9247]  ? lockdep_rtnl_is_held+0x22/0x30
[  269.970987][ T9247]  ? qdisc_lookup+0x366/0x6c0
[  269.975828][ T9247]  tc_modify_qdisc+0xb0f/0x1be0
[  269.980748][ T9247]  ? qdisc_offload_query_caps+0x140/0x140
[  269.986600][ T9247]  ? qdisc_offload_query_caps+0x140/0x140
[  269.992369][ T9247]  ? rtnetlink_rcv_msg+0x1d8/0xed0
[  269.997574][ T9247]  rtnetlink_rcv_msg+0x79b/0xed0
[  270.002556][ T9247]  ? rtnetlink_bind+0x80/0x80
[  270.007311][ T9247]  ? mark_lock+0x94/0x320
[  270.011684][ T9247]  ? __lock_acquire+0x12e5/0x7c50
[  270.016806][ T9247]  ? netlink_sendmsg+0x645/0xbc0
[  270.021786][ T9247]  ? verify_lock_unused+0x140/0x140
[  270.027129][ T9247]  netlink_rcv_skb+0x1de/0x420
[  270.031958][ T9247]  ? rtnetlink_bind+0x80/0x80
[  270.036740][ T9247]  ? netlink_ack+0x1100/0x1100
[  270.041566][ T9247]  ? netlink_deliver_tap+0x2e/0x1b0
[  270.046860][ T9247]  netlink_unicast+0x74c/0x8c0
[  270.051677][ T9247]  netlink_sendmsg+0x89e/0xbc0
[  270.056542][ T9247]  ? netlink_getsockopt+0x540/0x540
[  270.061798][ T9247]  ? aa_sock_msg_perm+0x94/0x150
[  270.062908][ T9252] loop2: detected capacity change from 0 to 512
[  270.066803][ T9247]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  270.078448][ T9247]  ? security_socket_sendmsg+0x7c/0xa0
[  270.083968][ T9247]  ? netlink_getsockopt+0x540/0x540
[  270.089265][ T9247]  ____sys_sendmsg+0x59b/0x970
[  270.094096][ T9247]  ? __sys_sendmsg_sock+0x30/0x30
[  270.099208][ T9247]  ? __import_iovec+0x315/0x500
[  270.104115][ T9247]  ? import_iovec+0x6f/0xa0
[  270.108709][ T9247]  ___sys_sendmsg+0x21c/0x290
[  270.113442][ T9247]  ? __sys_sendmsg+0x270/0x270
[  270.118346][ T9247]  ? __fdget+0x17c/0x200
[  270.122729][ T9247]  __se_sys_sendmsg+0x19e/0x270
[  270.127665][ T9247]  ? __se_sys_futex+0x14a/0x440
[  270.132584][ T9247]  ? __x64_sys_sendmsg+0x80/0x80
[  270.137633][ T9247]  ? lockdep_hardirqs_on+0x94/0x140
[  270.142880][ T9247]  do_syscall_64+0x4c/0xa0
[  270.144107][ T9252] /dev/loop2: Can't open blockdev
[  270.147360][ T9247]  ? clear_bhb_loop+0x60/0xb0
[  270.147389][ T9247]  ? clear_bhb_loop+0x60/0xb0
[  270.147414][ T9247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  270.147449][ T9247] RIP: 0033:0x7fe8a738e969
[  270.147483][ T9247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.192018][ T9247] RSP: 002b:00007fe8a8245038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  270.200507][ T9247] RAX: ffffffffffffffda RBX: 00007fe8a75b5fa0 RCX: 00007fe8a738e969
[  270.208545][ T9247] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000004
[  270.216590][ T9247] RBP: 00007fe8a7410ab1 R08: 0000000000000000 R09: 0000000000000000
[  270.224607][ T9247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  270.232685][ T9247] R13: 0000000000000000 R14: 00007fe8a75b5fa0 R15: 00007fff2e0d6d28
[  270.240818][ T9247]  </TASK>
[  270.244037][ T9247] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  270.251335][ T9247] CPU: 1 PID: 9247 Comm: syz.4.1934 Not tainted 6.1.140-syzkaller #0
[  270.259415][ T9247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  270.269474][ T9247] Call Trace:
[  270.272756][ T9247]  <TASK>
[  270.275698][ T9247]  dump_stack_lvl+0x168/0x22e
[  270.280394][ T9247]  ? memcpy+0x3c/0x60
[  270.284383][ T9247]  ? show_regs_print_info+0x12/0x12
[  270.289592][ T9247]  ? load_image+0x3b0/0x3b0
[  270.294125][ T9247]  panic+0x2c9/0x710
[  270.298040][ T9247]  ? bpf_jit_dump+0xd0/0xd0
[  270.302575][ T9247]  __warn+0x2f8/0x4f0
[  270.306569][ T9247]  ? taprio_get_start_time+0x139/0x160
[  270.312043][ T9247]  ? taprio_get_start_time+0x139/0x160
[  270.317516][ T9247]  report_bug+0x2ba/0x4f0
[  270.321863][ T9247]  ? taprio_get_start_time+0x139/0x160
[  270.327339][ T9247]  handle_bug+0x3a/0x70
[  270.331522][ T9247]  exc_invalid_op+0x16/0x40
[  270.336057][ T9247]  asm_exc_invalid_op+0x16/0x20
[  270.341025][ T9247] RIP: 0010:taprio_get_start_time+0x139/0x160
[  270.347112][ T9247] Code: 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 1c 68 86 f9 4c 89 23 31 c0 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 87 f1 34 f9 <0f> 0b b8 f2 ff ff ff eb e7 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c
[  270.366815][ T9247] RSP: 0018:ffffc9000c606d88 EFLAGS: 00010283
[  270.372891][ T9247] RAX: ffffffff884be589 RBX: ffffc9000c606e98 RCX: 0000000000080000
[  270.380870][ T9247] RDX: ffffc9000e319000 RSI: 0000000000005115 RDI: 0000000000005116
[  270.388858][ T9247] RBP: 0000000000000003 R08: dffffc0000000000 R09: fffffbfff211707a
[  270.396836][ T9247] R10: fffffbfff211707a R11: 1ffffffff2117079 R12: 0000003ecb0cf55a
[  270.404815][ T9247] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[  270.412802][ T9247]  ? taprio_get_start_time+0x139/0x160
[  270.418288][ T9247]  ? taprio_get_start_time+0x139/0x160
[  270.423763][ T9247]  taprio_change+0x3daa/0x50f0
[  270.428553][ T9247]  ? taprio_destroy+0x4b0/0x4b0
[  270.433415][ T9247]  ? qdisc_create+0x7cb/0x1090
[  270.438194][ T9247]  ? ____sys_sendmsg+0x59b/0x970
[  270.443168][ T9247]  ? ___sys_sendmsg+0x21c/0x290
[  270.448034][ T9247]  ? __se_sys_sendmsg+0x19e/0x270
[  270.453079][ T9247]  ? do_syscall_64+0x4c/0xa0
[  270.457679][ T9247]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  270.463776][ T9247]  ? qdisc_alloc+0x95/0xa50
[  270.468298][ T9247]  ? fifo_init+0x3ab/0x650
[  270.472724][ T9247]  ? qdisc_peek_head+0x40/0x40
[  270.477499][ T9247]  ? qdisc_alloc+0x77a/0xa50
[  270.482237][ T9247]  ? mutex_is_locked+0xe/0x40
[  270.486961][ T9247]  ? taprio_peek+0x590/0x590
[  270.491578][ T9247]  qdisc_create+0x7cb/0x1090
[  270.496205][ T9247]  ? qdisc_notify+0x370/0x370
[  270.500903][ T9247]  ? lockdep_rtnl_is_held+0x22/0x30
[  270.506115][ T9247]  ? qdisc_lookup+0x366/0x6c0
[  270.510815][ T9247]  tc_modify_qdisc+0xb0f/0x1be0
[  270.515695][ T9247]  ? qdisc_offload_query_caps+0x140/0x140
[  270.521449][ T9247]  ? qdisc_offload_query_caps+0x140/0x140
[  270.527186][ T9247]  ? rtnetlink_rcv_msg+0x1d8/0xed0
[  270.532316][ T9247]  rtnetlink_rcv_msg+0x79b/0xed0
[  270.537276][ T9247]  ? rtnetlink_bind+0x80/0x80
[  270.541999][ T9247]  ? mark_lock+0x94/0x320
[  270.546384][ T9247]  ? __lock_acquire+0x12e5/0x7c50
[  270.551484][ T9247]  ? netlink_sendmsg+0x645/0xbc0
[  270.556465][ T9247]  ? verify_lock_unused+0x140/0x140
[  270.561704][ T9247]  netlink_rcv_skb+0x1de/0x420
[  270.566504][ T9247]  ? rtnetlink_bind+0x80/0x80
[  270.571198][ T9247]  ? netlink_ack+0x1100/0x1100
[  270.575986][ T9247]  ? netlink_deliver_tap+0x2e/0x1b0
[  270.581221][ T9247]  netlink_unicast+0x74c/0x8c0
[  270.586016][ T9247]  netlink_sendmsg+0x89e/0xbc0
[  270.590810][ T9247]  ? netlink_getsockopt+0x540/0x540
[  270.596026][ T9247]  ? aa_sock_msg_perm+0x94/0x150
[  270.601001][ T9247]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  270.606299][ T9247]  ? security_socket_sendmsg+0x7c/0xa0
[  270.611812][ T9247]  ? netlink_getsockopt+0x540/0x540
[  270.617029][ T9247]  ____sys_sendmsg+0x59b/0x970
[  270.621843][ T9247]  ? __sys_sendmsg_sock+0x30/0x30
[  270.626882][ T9247]  ? __import_iovec+0x315/0x500
[  270.631757][ T9247]  ? import_iovec+0x6f/0xa0
[  270.636271][ T9247]  ___sys_sendmsg+0x21c/0x290
[  270.640973][ T9247]  ? __sys_sendmsg+0x270/0x270
[  270.645806][ T9247]  ? __fdget+0x17c/0x200
[  270.650088][ T9247]  __se_sys_sendmsg+0x19e/0x270
[  270.654980][ T9247]  ? __se_sys_futex+0x14a/0x440
[  270.659860][ T9247]  ? __x64_sys_sendmsg+0x80/0x80
[  270.664828][ T9247]  ? lockdep_hardirqs_on+0x94/0x140
[  270.670070][ T9247]  do_syscall_64+0x4c/0xa0
[  270.674525][ T9247]  ? clear_bhb_loop+0x60/0xb0
[  270.679215][ T9247]  ? clear_bhb_loop+0x60/0xb0
[  270.683905][ T9247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  270.689824][ T9247] RIP: 0033:0x7fe8a738e969
[  270.694262][ T9247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.713915][ T9247] RSP: 002b:00007fe8a8245038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  270.722351][ T9247] RAX: ffffffffffffffda RBX: 00007fe8a75b5fa0 RCX: 00007fe8a738e969
[  270.730340][ T9247] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000004
[  270.738323][ T9247] RBP: 00007fe8a7410ab1 R08: 0000000000000000 R09: 0000000000000000
[  270.746305][ T9247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  270.754283][ T9247] R13: 0000000000000000 R14: 00007fe8a75b5fa0 R15: 00007fff2e0d6d28
[  270.762275][ T9247]  </TASK>
[  270.765639][ T9247] Kernel Offset: disabled
[  270.770072][ T9247] Rebooting in 86400 seconds..