last executing test programs:

3.163232937s ago: executing program 1 (id=899):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x301000, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
flock(r0, 0x5)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r1, 0x1)
flock(r1, 0x2)

2.927109736s ago: executing program 3 (id=905):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x10)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r3}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2.897472038s ago: executing program 3 (id=908):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000080)='bpf\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r3, &(0x7f0000000140)='./file0\x00')
readlinkat(r3, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f00000002c0)=""/204, 0xcc)

2.557948925s ago: executing program 3 (id=909):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="16000000000000000400000002"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
fdatasync(0xffffffffffffffff)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)

2.283865497s ago: executing program 3 (id=914):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000003, 0x2, @perf_config_ext={0x8, 0x4}, 0x8, 0x0, 0x800000, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000000000c0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x0, 0x8, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = memfd_secret(0x0)
ioctl$EVIOCGBITSND(r1, 0x80404532, &(0x7f0000000100)=""/75)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

2.171867326s ago: executing program 1 (id=916):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00'}, 0x10)
r0 = gettid()
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x69, 0x8}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={0x0, 0x0, 0x1a}, 0x28)
openat$tun(0xffffffffffffff9c, 0x0, 0x20702, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000200)="0517c100", 0x4, 0x50, &(0x7f0000000080)={0x11, 0x8100, r2, 0x1, 0x0, 0x6, @remote}, 0x14)

2.032942078s ago: executing program 1 (id=921):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1)
fcntl$setlease(r2, 0x400, 0x1)
r3 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r3, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.858219931s ago: executing program 3 (id=923):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000200)={0xa, 0x6e22, 0x2, @empty, 0xb}, 0x1c)
listen(r2, 0x204)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth0_to_bridge\x00', 0x10)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
listen(r1, 0x0)

1.788331087s ago: executing program 3 (id=924):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0xa0380, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001c00)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000280000000000000095000000000000002ba724a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142da7646c4fe02996b60cf81ebcd50fa9ea4308123f602000000000000de89e661168c1886d0d4d94f204e345c652fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762011052eac2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dc8aff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340a1c8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e4b9ec7a410ec42315255be1ed66d9051f22614d1f62734d679039a97d2b74f9e8e993ccd314000f747f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798ab20000000bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d2000000000000000819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480e5aee9c9e5f2e5a56a6d920335c8e8726fd8329d9a728995b1531bd20360d33d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c55969a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba84279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047050d7296cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5603a9d801300000000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed03a6fe7860b3e13c3173a60a1823cb7dde8212a8531bd9060000006a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d74df524b760ab92efcce7dd1574052c73596f860221156437f4d6b76ecc4b35bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d535556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a0000000000000001ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba0790ee0d112f99e59ba82e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee52303da186b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c44500f8ffff970d5254727e804fbd99ccefb7c09269dd2c5ca93125e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8f09c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c1b04e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305977eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f87204311327c18380fedf3d309d8549f99bf6c5cb060fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39289f675f39d01719cdbab3f1ce1060f3e6806e774a5f079c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae794286b6c3e1f5a76b85ed6e1f0000c608b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a650be5114c31582d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc882d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1951393352bc756f3fcaad2c1c399a3e43eaaeca70db90f2fa395964434476719334482eb5424c81814079a24fe3681ad9ac361f71ac279a688f10a12105edebc5e3b8dad4c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fbdd351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd61dfb3de7f503d58ac8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2dff78ce9308c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f200000000000000000089de7f8485d9507164a187220b36ddc7fa645d4bd0c1414c30a416f80ba17d21d53961471b2d2d459e4bb23230d676ca49633b25e26a322024beb7c3427da59f7daa70a5d44a0eb895f29245df6401295d3da9399507126a3be932f47fe61ef1bfe83086651af7e23c2a8fa702b9aaa65aa3edaaa6b3f5a0c7cdfd008c898d73bb97168ca390ef539800000000000077a5ad1e683aeff92bb0b66b33ed878df1e344b99450086c819bf174578705c049d2fb25a91ba04643cde1a3c391d8646e5249dbf28b13b1c4d5127f685ee0c0576bf74e17cd3b4df4eb7095e504e361689572b0f93ff1dc6f52e8728a03e5a4df80a32c6055df8f4f4152c0d74d793b20ac2cfa907b5af80716118f82027d3e4cb096fe86de545008b85cb9b637bca30d765b0c3ad489db32955454dcfe000000002830e5e125322d2f5829040a91405bf2fe5bf14833fd7b1e72c775f267bc4511183096eff3188a288c408b10285e7ec75f826e9b08a82cde1f4470545eebc71440623752e87ecc689b7fec2f667e22705b4660b2ef936cce446244bb48f8c7d062ea4a955facf6c2957cfb3c3ee9229efab5b72a5c5266eb493c7c3b08a91971692d9673cb9df620a8240d4f94b9fafd8e2bf0f9cedd1e08f4f10fd8f25f3169ed878624adccb5572cb918e0e3ba7e4ac0967aa65241903509778e63bebf00107524f858d7d48ef9e2c112c75d732344dc0a9bc506172d5a45e3bcb203862307c24c20fe1ffe6b5a43dbc1b20156161b5f59ab9955f2a6fbc64f547a671ded4896d8c4bac78f23e15c8e6cb72599d27607e5a1ad434cdee73d026e5dd14d9824202052181dda714fff7dc43444bc948541f641ac8215a5dae7fa8a50897b916a856aedcdf16be8736b33823ab7b2f1c77554bf2c36e412fcdc2c7c2bf0499ed5dfe84db2d7d3bb802f47dd2ebb7945e09f542d464dfbd2c70a90ab36ebd331a6549fa16f2e83a06c512c83eec56b5b94040d31da56e021a48c8651ebf3e1f8931a6d18150f1d76d07e7d8ecacbed15e9c2a50e610f1d0b523083b182cde6cf655ddd45409400c23fb89eba0db0ab4eee055a60a6ac7fea75703e8e4d737bfabae0fc3c1406b6b454ba694673a69b1782eb0052c2a4e251c8f96c7bcab1845dc347ded7fb207fd19f2bea2e496d63613af735b8e8376658ce4b43a09b53846f0a0218661d917e39bcd79063128f4c5c570b6214db8ed5e1255d48725ad8dc0d3c5aafafb47095dc1f3572650e4b3d0540cec5340638d325897dc3ecc721634875abc32f6ea1c28bf579013269343786a7e8389df8bf34fee174310f070f0abfb9b5e035aa32be5721b5c8475faba7cce82fc9af55e73d8398a45dd151b0a1490700c02135e81d4153c992e171cec6720269625daec40c909f2bb92f9dae7e7caf86be26f080daeb973bd5912562e4211ef924f284dd583537e15b342ef7a7c3cf4c976742c086915d8d92be7e9f9464fb12fa3908c957ae1b2e4443be891828c9cf41036fcd4d871080e4d035c6dcab88a13704f0538c48d7b24f35282adaa33f588ecd4ce7eb861023e10c5adfd80df856524d14c6485198bb7045921f8ca677a7e50123d8ad717d259f31e4f4808f"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f00000001c0)=r2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd)

1.306530406s ago: executing program 4 (id=936):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f00000007c0)={0x1d0, 0x0, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc, 0x8f, 0x9}, {0xc, 0x90, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0x6}, {0xc, 0x90, 0x2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0xfffffffffffffff9}, {0xc, 0x90, 0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc, 0x8f, 0xc356}, {0xc, 0x90, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc, 0x8f, 0x6}, {0xc, 0x90, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc, 0x8f, 0x40}, {0xc, 0x90, 0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}, {0xc, 0x8f, 0x4}, {0xc, 0x90, 0x3}}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
socket$nl_generic(0x11, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r2, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0)

1.2580976s ago: executing program 4 (id=937):
r0 = socket$inet(0x2, 0x2, 0x1)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '@\x00', 0x14, 0x6, 0x1, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0xf}}}}}}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r2, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r3 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000000)=0xfffffffc, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

1.232869611s ago: executing program 4 (id=938):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
syz_clone(0x500, 0x0, 0x0, 0x0, 0x0, 0x0)

1.151997578s ago: executing program 1 (id=940):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x0, 0x1}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x200000, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x2, 0x1}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000090}, 0x95)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000), 0x4)
r2 = dup3(r0, r1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88)

1.074040794s ago: executing program 1 (id=943):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f00000011c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095000000000000009957f332f9ffffff"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
splice(r4, 0x0, r3, 0x0, 0x1, 0x0)

667.901497ms ago: executing program 4 (id=945):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0xb, 0xfa00, @id_afonly={0x0, 0xffffffffffffffff, 0x0, 0x2, 0xfffffffffffffe44}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0, 0x800)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
open(0x0, 0x4000, 0x0)

465.321173ms ago: executing program 4 (id=948):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
getpriority(0x1000000, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
fremovexattr(r0, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000b00)={0x17, 0xde, &(0x7f0000000a00)="a4b0bd466ebd56bcc92886d6b740ee6af3526ddf67443a3bf9b6b0c3e4504e7061a3da69c90c8fad3f87a5dd64cab09d6bf6b47d5a836fcdc143e80fa3629026cb81793b360629645c2e7928062a061a1295f0cbd001843fbd32248fc173f9af1830687e74478a7087427e079fd4c1c63067d93e09d3aceb9983b379baaa844372045f93dbe473d99371c7422a59447f0d69a67f2f4b55569f19bbec9566eb707339dbe923f310acd460045209bb54b6f4fce7bbc9fb08acc81e46faa4360497969440575df51ccd7eaa5f49e33d3cde2fc0f2416e63d01279a91101aaf5"})
wait4(0x0, 0x0, 0x40000000, 0x0)

364.580111ms ago: executing program 4 (id=951):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1)
fcntl$setlease(r2, 0x400, 0x1)
r3 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r3, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

294.700947ms ago: executing program 0 (id=953):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='afs_flock_ev\x00', 0xffffffffffffffff, 0x0, 0xbb1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x2000002, &(0x7f0000000180)={[], [{@dont_appraise}, {@context={'context', 0x3d, 'unconfined_u'}}, {@fowner_eq}, {@uid_eq}, {@subj_type={'subj_type', 0x3d, ')!\\'}}]}, 0x1, 0x7ac, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvbJImTYuJIGg9BQQNlCamxlbBQ8WDCBYKerYNyTbUbLIluylNCLRFBC+CigdBLz37o968+uOq/4UHsVRNixUPEpnNTLNJNtskTXa1+XxgMu/Nj33vuzPz5m1mmAlg3xpI/xQijkTEB0lEX2FlehIRXbVUZ8SpleXuLi2Op0MSy8tv/J7UlrmztDief1aSjQ9lmSci4vt3I44WNpZbmV+YGiuVirNZfrg6fXG4Mr9w7ML02GRxsjhzYmR09PjJ50+e2L1Y//xp4fDND1995qtTf7/z+I33f0jiVBzO5tXHsVsGYiD7TrrSr3CNV3a7sDZL2l0BdiQ9NDtWjvI4En3RUUsBAA+zKxGxDADsM4nzPwDsM/n/Ae4sLY7nQ3v/I9Fat16OiJ6V+PPrmytzOrNrdj2166C9d5I1V0aSiOjfhfIHIuKzb976Ih1ij65DAjRy9VpEnOsfWNP+1xq6ZMM9C9v1bJN5B7LxwLrp2j9onW/T/s8Ljfp/hXv9n2jQ/+lucOzuxH2P/4NNVu548PLT/t9Ldfe23a2LP9PfkeWWO9I+X1dy/kKpmLZtj0TEYHR1p/mRJmUM3v7n9mbz6vt/f3z09udp+el4dYnCr53da9eZGKuOPUjM9W5di3iys1H8yb3tn2zS/z2zxTJee/G9Tzebl8afxpsPG+OP7O6kvbF8PeLphtt/9Y62pOn9icO13WE43yka+PrnT3o3Kz/f/gezcVp+/lugFdLt39s8/v6k/n7NyvbL+PF633ebzavf/xvHv27/z6uVvFkb5f2Iy2PV6uxIxIHk9Y3Tj6+unufz5dP4B59qfPw32//T34Tnthh/583fvtwwsa7tah5/Iw1uqN2hNP6JbW3/7Sdu3J3atKXe0vYvjNZSg9mUBu3flfWfu9UKPuj3BwAAAAAAAAAAAAAAAAAAAAAAAABbUYiIw5EUhu6lC4WhoZV3eD8WvYVSuVI9er48NzMRtXdl90dXIX/UZV+sPg91JHsefp4/XpfviVLxuYh4NCI+7j6Y5M9RnGhz7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQO7Ty/v8k1r3/P/VLd5srBwDsnZ52VwAAaDnnfwDYf5z/AWD/2f75v3NP6gEAtI7f/wCw/+z8/J/saj0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4aJ05fTodlv9aWhxP8xOX5uemypeOTRQrU0PTc+ND4+XZi0OT5fJkqTg0Xp6+3+eVyuWLozEzd3m4WqxUhyvzC2eny3Mz1bMXpscmi2eLXS2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pzK/MDVWKhVnJXaQWP5vVOO+iQOxx0V0ZLtT2yNNE1cjopWFJu0PuUkiiaS2aba7elubJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/jX8DAAD//8KhGgA=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000004c0), &(0x7f0000000540)}, 0x20)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
setresuid(0xee00, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8923, &(0x7f0000000000)={'vlan1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x15}})

267.085039ms ago: executing program 2 (id=954):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x7, 0x14020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xc}, 0x100202, 0x0, 0xfffffffe, 0x0, 0x40, 0xfffffffe, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x52}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r3, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
shutdown(r3, 0x1)

242.388261ms ago: executing program 0 (id=955):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r3, 0x8)
r4 = accept4(r3, 0x0, 0x0, 0x0)
writev(r4, &(0x7f00000006c0)=[{&(0x7f0000000700)="dc", 0x1}], 0x1)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)
close_range(r2, 0xffffffffffffffff, 0x0)

216.622043ms ago: executing program 2 (id=956):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}}, {{@in6=@mcast2, 0x404d3, 0x2b}, 0x0, @in=@empty}}, 0xe4)
r2 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
close(r1)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000019000100000000000000000000000000000000000000000000000000fe8000000000000000833449155bf3c2640000000000000002"], 0xb8}}, 0x0)

208.773234ms ago: executing program 2 (id=957):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000400)={0x0, {0x2, 0x4e22, @rand_addr=0x64010101}, {0x2, 0x4e22, @multicast1}, {0x2, 0x4e24, @rand_addr=0x64010106}, 0x104, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000380)='ip6_vti0\x00', 0x9a, 0x0, 0x4})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f00001d8000/0x2000)=nil, 0x2000, 0x8, 0x12, r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000540), 0x84)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xf, 0x0, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18204, 0x0, 0x20e, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x8, 0x0, 0x20000002}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r4, 0x0, 0x5}, 0x18)
munmap(&(0x7f00001d9000/0x3000)=nil, 0x3000)

207.888114ms ago: executing program 0 (id=958):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/15], 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0500"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r3, &(0x7f00000007c0)}, 0x20)

186.065596ms ago: executing program 0 (id=959):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000}, 0x0, 0x10, 0x0, 0x0, 0x7, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20702, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000780)={'pim6reg0\x00', 0x400})
write$cgroup_int(r2, &(0x7f0000000240)=0x2, 0x12)

176.919286ms ago: executing program 1 (id=960):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

116.386151ms ago: executing program 2 (id=961):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x4, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{0x1ff, 0x4, 0x0, 0x0, 0xfffffffd, 0x8}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x2, 0xb1e, 0x1, 0xffffffff}}]}]}}}]}, 0x6c}}, 0x0)

67.767835ms ago: executing program 2 (id=962):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80680, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x8020, {0x0, 0x0, 0x0, r3, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x200c0e9}, 0x20000004)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r6, {0x5, 0x7}, {}, {0xa, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x22044028}, 0x84)

40.676527ms ago: executing program 0 (id=963):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0xc)
r2 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x5c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x5c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000002011d04000000000000000002000000240001801400018008000100e000000108000200e0000001"], 0x38}}, 0x0)

1.11094ms ago: executing program 2 (id=964):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
timerfd_create(0x0, 0x1000)
clock_gettime(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, 0x0, 0x0)
syz_clone(0x623f, &(0x7f00000006c0), 0x0, 0x0, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)

0s ago: executing program 0 (id=965):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000e40)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd2d, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {}, {0xfff3, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xd, 0xd0ea, 0x20000001, 0x3, 0x4}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@delchain={0x2c, 0x66, 0x221, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff2}, {}, {0xb, 0xfff3}}, [@TCA_CHAIN={0x8, 0xb, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004800)

kernel console output (not intermixed with test programs):

  option from the mount to silence this warning.
[   29.859121][ T3531] =======================================================
[   29.908883][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   29.920435][ T3285]  loop0: p1 p2 p4 < >
[   29.933903][ T3285] loop0: p1 start 4261412864 is beyond EOD, truncated
[   29.940822][ T3285] loop0: p2 start 4009754624 is beyond EOD, truncated
[   29.966821][ T3519]  loop0: p1 p2 p4 < >
[   29.971136][ T3519] loop0: p1 start 4261412864 is beyond EOD, truncated
[   29.978098][ T3519] loop0: p2 start 4009754624 is beyond EOD, truncated
[   29.990536][ T3538] serio: Serial port ptm0
[   29.993393][ T3540] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18'.
[   30.003908][ T3540] netlink: 20 bytes leftover after parsing attributes in process `syz.0.18'.
[   30.183301][ T3535] udevd[3535]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   30.238225][ T3549] syz.0.30 (3549) used greatest stack depth: 10048 bytes left
[   30.303583][ T3572] bridge0: port 3(veth1) entered blocking state
[   30.310128][ T3572] bridge0: port 3(veth1) entered disabled state
[   30.316747][ T3572] veth1: entered allmulticast mode
[   30.322561][ T3572] veth1: entered promiscuous mode
[   30.329431][ T3567] ALSA: seq fatal error: cannot create timer (-19)
[   30.329913][ T3572] bridge0: port 3(veth1) entered blocking state
[   30.342564][ T3572] bridge0: port 3(veth1) entered forwarding state
[   30.566394][ T3604] pim6reg1: entered promiscuous mode
[   30.571864][ T3604] pim6reg1: entered allmulticast mode
[   31.109474][ T3697] netlink: 4 bytes leftover after parsing attributes in process `syz.3.50'.
[   31.119088][ T3697] netlink: 32 bytes leftover after parsing attributes in process `syz.3.50'.
[   31.251345][ T3719] loop4: detected capacity change from 0 to 512
[   31.265449][ T3719] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   31.276801][ T3719] EXT4-fs (loop4): orphan cleanup on readonly fs
[   31.283425][ T3719] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.52: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0)
[   31.305736][ T3719] EXT4-fs error (device loop4): ext4_quota_enable:7127: comm syz.4.52: Bad quota inode: 3, type: 0
[   31.317358][ T3721] loop1: detected capacity change from 0 to 4096
[   31.324501][ T3719] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   31.339375][ T3719] EXT4-fs (loop4): Cannot turn on quotas: error -117
[   31.347855][ T3721] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   31.361636][ T3719] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   31.383501][ T3721] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.53: corrupted inode contents
[   31.404509][ T3721] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #15: comm syz.1.53: mark_inode_dirty error
[   31.416527][ T3721] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.53: corrupted inode contents
[   31.416671][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.429352][ T3721] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #15: comm syz.1.53: mark_inode_dirty error
[   31.449804][ T3721] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.53: corrupted inode contents
[   31.455645][ T3729] netlink: 'syz.1.53': attribute type 13 has an invalid length.
[   31.464062][ T3721] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #15: comm syz.1.53: mark_inode_dirty error
[   31.482800][ T3721] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.53: corrupted inode contents
[   31.495755][ T3721] EXT4-fs error (device loop1): ext4_truncate:4666: inode #15: comm syz.1.53: mark_inode_dirty error
[   31.507063][ T3721] EXT4-fs error (device loop1) in ext4_setattr:6071: Corrupt filesystem
[   31.549566][ T3729] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.556749][ T3729] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.613697][ T3736] netlink: 32 bytes leftover after parsing attributes in process `syz.0.56'.
[   31.636307][ T3729] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   31.649240][ T3729] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   31.704801][   T12] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   31.713898][   T12] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   31.725992][   T12] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   31.735072][   T12] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   31.762438][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.849789][ T3746] syz.1.59 uses obsolete (PF_INET,SOCK_PACKET)
[   32.000827][ T3751] loop3: detected capacity change from 0 to 1024
[   32.007837][ T3751] EXT4-fs: Ignoring removed orlov option
[   32.021140][ T3751] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.353840][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.959837][ T3836] loop4: detected capacity change from 0 to 164
[   32.971092][ T3836] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   32.988645][ T3836] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   33.006231][ T3836] Symlink component flag not implemented
[   33.011913][ T3836] Symlink component flag not implemented
[   33.025644][ T3836] Symlink component flag not implemented (7)
[   33.031760][ T3836] Symlink component flag not implemented (116)
[   33.109823][    C1] hrtimer: interrupt took 54289 ns
[   33.227581][ T3850] netlink: 28 bytes leftover after parsing attributes in process `syz.4.76'.
[   33.236708][ T3850] netlink: 32 bytes leftover after parsing attributes in process `syz.4.76'.
[   33.246055][ T3850] netlink: 28 bytes leftover after parsing attributes in process `syz.4.76'.
[   33.267436][ T3850] netlink: 32 bytes leftover after parsing attributes in process `syz.4.76'.
[   33.321742][ T3854] pim6reg1: entered promiscuous mode
[   33.327321][ T3854] pim6reg1: entered allmulticast mode
[   33.432442][ T3858] Driver unsupported XDP return value 0 on prog  (id 65) dev N/A, expect packet loss!
[   33.861700][ T3881] syz.0.88 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   34.043348][ T3889] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   34.284960][ T3899] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.292329][ T3899] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.330608][ T3905] loop2: detected capacity change from 0 to 8192
[   34.342013][   T29] kauditd_printk_skb: 227 callbacks suppressed
[   34.342031][   T29] audit: type=1400 audit(1755470611.253:350): avc:  denied  { mount } for  pid=3903 comm="syz.2.99" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   34.376996][   T29] audit: type=1400 audit(1755470611.283:351): avc:  denied  { write } for  pid=3904 comm="syz.3.98" path="socket:[8115]" dev="sockfs" ino=8115 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   34.401414][   T29] audit: type=1400 audit(1755470611.293:352): avc:  denied  { write } for  pid=3907 comm="syz.1.100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   34.492876][   T29] audit: type=1400 audit(1755470611.403:353): avc:  denied  { unmount } for  pid=3301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   34.550743][   T29] audit: type=1326 audit(1755470611.463:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3910 comm="syz.2.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   34.556221][ T3899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   34.574415][   T29] audit: type=1326 audit(1755470611.463:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3910 comm="syz.2.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   34.574450][   T29] audit: type=1326 audit(1755470611.463:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3910 comm="syz.2.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   34.574474][   T29] audit: type=1326 audit(1755470611.463:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3910 comm="syz.2.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   34.574526][   T29] audit: type=1326 audit(1755470611.463:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3910 comm="syz.2.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   34.574551][   T29] audit: type=1326 audit(1755470611.463:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3910 comm="syz.2.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   34.633801][ T3913] loop0: detected capacity change from 0 to 164
[   34.667409][ T3899] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   34.744117][ T3913] process 'syz.0.102' launched '/dev/fd/3' with NULL argv: empty string added
[   34.783719][ T3913] syz.0.102: attempt to access beyond end of device
[   34.783719][ T3913] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   34.802517][ T3913] syz.0.102: attempt to access beyond end of device
[   34.802517][ T3913] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[   34.833443][ T3778] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   34.842919][ T3778] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   34.855530][ T3921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   34.871596][ T3778] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   34.881934][ T3778] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   34.896817][ T3921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   34.907662][ T3915] batman_adv: batadv0: Adding interface: dummy0
[   34.913975][ T3915] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   34.916064][ T3926] netlink: 12 bytes leftover after parsing attributes in process `syz.1.107'.
[   34.942404][ T3915] batman_adv: batadv0: Interface activated: dummy0
[   34.968687][ T3915] batadv0: mtu less than device minimum
[   34.974779][ T3915] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   34.985716][ T3915] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   34.996553][ T3915] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   35.007543][ T3915] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   35.018679][ T3915] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   35.029549][ T3915] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   35.040452][ T3915] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   35.051288][ T3915] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   35.062123][ T3915] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   35.612087][ T3958] syzkaller0: entered promiscuous mode
[   35.617800][ T3958] syzkaller0: entered allmulticast mode
[   35.896219][ T3967] loop3: detected capacity change from 0 to 1024
[   35.992195][ T3967] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.007966][ T3967] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   36.128414][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.311092][ T3998] netlink: 'syz.4.132': attribute type 1 has an invalid length.
[   36.351031][ T3998] netlink: 8 bytes leftover after parsing attributes in process `syz.4.132'.
[   36.364014][ T3998] 8021q: adding VLAN 0 to HW filter on device batadv1
[   36.372314][ T3998] bond1: (slave batadv1): Enslaving as a backup interface with an up link
[   36.388198][ T3998] bond1 (unregistering): (slave batadv1): Releasing backup interface
[   36.398674][ T3998] bond1 (unregistering): Released all slaves
[   36.611754][ T4027] hsr0: entered promiscuous mode
[   36.632389][ T4027] netlink: 4 bytes leftover after parsing attributes in process `syz.4.143'.
[   36.669500][ T4027] hsr_slave_0: left promiscuous mode
[   36.706633][ T4027] hsr_slave_1: left promiscuous mode
[   36.795939][ T4027] hsr0 (unregistering): left promiscuous mode
[   36.931332][ T4041] mmap: syz.4.148 (4041) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   37.041926][ T4050] loop2: detected capacity change from 0 to 1024
[   37.069622][ T4050] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   37.106461][ T4050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.212644][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.319052][ T4069] netlink: 60 bytes leftover after parsing attributes in process `syz.2.155'.
[   37.581044][ T4091] netlink: 96 bytes leftover after parsing attributes in process `syz.3.169'.
[   37.587475][ T4092] loop4: detected capacity change from 0 to 512
[   37.596828][ T4089] syzkaller0: entered allmulticast mode
[   37.615158][ T4092] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   37.628629][ T4092] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   37.656226][ T4089] syzkaller0: entered promiscuous mode
[   37.668856][ T4096] syzkaller0 (unregistering): left allmulticast mode
[   37.675702][ T4096] syzkaller0 (unregistering): left promiscuous mode
[   37.686500][ T4092] EXT4-fs (loop4): 1 truncate cleaned up
[   37.694437][ T4092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.708692][ T4092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.833563][ T4112] netlink: 'syz.0.178': attribute type 12 has an invalid length.
[   38.180901][ T4140] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.316180][ T4140] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.364696][ T4145] loop4: detected capacity change from 0 to 512
[   38.381451][ T4145] EXT4-fs: Ignoring removed nobh option
[   38.402433][ T4140] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.430736][ T4145] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm wÞ£ÿ: corrupted inode contents
[   38.449601][ T4140] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.460474][ T4145] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #3: comm wÞ£ÿ: mark_inode_dirty error
[   38.487963][ T4145] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm wÞ£ÿ: corrupted inode contents
[   38.514831][ T4145] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm wÞ£ÿ: mark_inode_dirty error
[   38.530073][ T3788] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.542919][ T3788] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.552648][ T4145] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm wÞ£ÿ: Failed to acquire dquot type 0
[   38.591284][ T3788] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.601257][ T4145] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm wÞ£ÿ: corrupted inode contents
[   38.614109][ T4145] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #16: comm wÞ£ÿ: mark_inode_dirty error
[   38.625507][ T3785] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.647942][ T4145] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm wÞ£ÿ: corrupted inode contents
[   38.664395][ T4145] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm wÞ£ÿ: mark_inode_dirty error
[   38.677505][ T4145] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm wÞ£ÿ: corrupted inode contents
[   38.689627][ T4145] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[   38.700130][ T4145] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm wÞ£ÿ: corrupted inode contents
[   38.712216][ T4145] EXT4-fs error (device loop4): ext4_truncate:4666: inode #16: comm wÞ£ÿ: mark_inode_dirty error
[   38.743049][ T4145] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[   38.769956][ T4145] EXT4-fs (loop4): 1 truncate cleaned up
[   38.776470][ T4145] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.792713][ T4145] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   38.910131][ T4145] wÞ£ÿ (4145) used greatest stack depth: 9760 bytes left
[   38.925986][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.068213][ T4170] bridge: RTM_NEWNEIGH with invalid ether address
[   39.271814][ T4168] loop0: detected capacity change from 0 to 512
[   39.432663][ T4168] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.201: error while reading EA inode 32 err=-116
[   39.596239][ T4168] EXT4-fs (loop0): Remounting filesystem read-only
[   39.603152][ T4168] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   39.617703][ T4168] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   39.647806][ T4190] syzkaller0: entered promiscuous mode
[   39.653329][ T4190] syzkaller0: entered allmulticast mode
[   39.697026][ T4168] EXT4-fs (loop0): 1 orphan inode deleted
[   39.722950][ T4192] unsupported nla_type 52263
[   39.732429][ T4168] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.803742][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.999802][   T29] kauditd_printk_skb: 443 callbacks suppressed
[   39.999819][   T29] audit: type=1400 audit(1755470616.913:801): avc:  denied  { ioctl } for  pid=4206 comm="syz.0.213" path="socket:[9249]" dev="sockfs" ino=9249 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   40.069135][ T4216] ref_ctr increment failed for inode: 0xcc offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff8881097aa280
[   40.075679][   T29] audit: type=1326 audit(1755470616.973:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4213 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   40.103938][   T29] audit: type=1326 audit(1755470616.973:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4213 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   40.127242][   T29] audit: type=1326 audit(1755470616.973:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4213 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   40.150668][   T29] audit: type=1326 audit(1755470616.973:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4213 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   40.174149][   T29] audit: type=1326 audit(1755470616.973:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4213 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4dd767d550 code=0x7ffc0000
[   40.197640][   T29] audit: type=1326 audit(1755470616.973:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4213 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   40.221085][   T29] audit: type=1326 audit(1755470616.973:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4213 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   40.244473][   T29] audit: type=1326 audit(1755470616.973:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4213 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   40.268027][   T29] audit: type=1326 audit(1755470616.973:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4213 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4dd767ebe9 code=0x7ffc0000
[   40.292986][ T4216] uprobe: syz.0.216:4216 failed to unregister, leaking uprobe
[   40.381619][ T4235] loop3: detected capacity change from 0 to 512
[   40.406825][ T4235] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.419877][ T4235] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.438216][ T4235] netlink: 'syz.3.222': attribute type 1 has an invalid length.
[   40.446045][ T4235] netlink: 199820 bytes leftover after parsing attributes in process `syz.3.222'.
[   40.475228][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.551353][ T4251] syzkaller0: entered allmulticast mode
[   40.558798][ T4251] syzkaller0: entered promiscuous mode
[   40.570719][ T4251] syzkaller0 (unregistering): left allmulticast mode
[   40.577560][ T4251] syzkaller0 (unregistering): left promiscuous mode
[   40.627319][ T4255] loop0: detected capacity change from 0 to 1764
[   40.715611][ T4260] bridge0: entered promiscuous mode
[   40.721432][ T4260] macsec1: entered promiscuous mode
[   40.727821][ T4260] bridge0: port 3(macsec1) entered blocking state
[   40.734299][ T4260] bridge0: port 3(macsec1) entered disabled state
[   40.741150][ T4260] macsec1: entered allmulticast mode
[   40.746513][ T4260] bridge0: entered allmulticast mode
[   40.752877][ T4260] macsec1: left allmulticast mode
[   40.758084][ T4260] bridge0: left allmulticast mode
[   40.764300][ T4260] bridge0: left promiscuous mode
[   40.906248][ T4267] ------------[ cut here ]------------
[   40.912088][ T4267] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0xfffffffefffff630, 0xffffffff00000000] s64=[0xfffffffefffff630, 0xffffffff00000000] u32=[0x30, 0x8000050] s32=[0x30, 0x0] var_off=(0xfffffffe00000030, 0x10fffffc0)(1)
[   40.936585][ T4267] WARNING: CPU: 1 PID: 4267 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680
[   40.947307][ T4267] Modules linked in:
[   40.951321][ T4267] CPU: 1 UID: 0 PID: 4267 Comm: syz.0.234 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[   40.964032][ T4267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   40.974632][ T4267] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[   40.981026][ T4267] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 e2 80 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[   41.000896][ T4267] RSP: 0000:ffffc90003437440 EFLAGS: 00010292
[   41.007221][ T4267] RAX: 7ea4318e93a13200 RBX: ffff88811a2ec1a8 RCX: 0000000000080000
[   41.015405][ T4267] RDX: ffffc90001e72000 RSI: 0000000000013393 RDI: 0000000000013394
[   41.023459][ T4267] RBP: fffffffe00000030 R08: 0001c9000343727f R09: 0000000000000000
[   41.031717][ T4267] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811a2ec168
[   41.036600][ T4271] netlink: 4 bytes leftover after parsing attributes in process `syz.0.234'.
[   41.039808][ T4267] R13: ffff88811aee0000 R14: ffff88811aee0000 R15: ffff88811a2ec1a0
[   41.056854][ T4267] FS:  00007f8afe0cf6c0(0000) GS:ffff8882aef44000(0000) knlGS:0000000000000000
[   41.065999][ T4267] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   41.072701][ T4267] CR2: 0000000000000000 CR3: 0000000104a8c000 CR4: 00000000003506f0
[   41.080718][ T4267] Call Trace:
[   41.084033][ T4267]  <TASK>
[   41.087083][ T4267]  reg_set_min_max+0x215/0x260
[   41.092021][ T4267]  check_cond_jmp_op+0x1080/0x16e0
[   41.097286][ T4267]  do_check+0x332a/0x7a10
[   41.101702][ T4267]  do_check_common+0xc3a/0x12a0
[   41.106687][ T4267]  bpf_check+0x942b/0xd9e0
[   41.111217][ T4267]  ? __rcu_read_unlock+0x4f/0x70
[   41.116248][ T4267]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   41.122310][ T4267]  ? alloc_pages_bulk_noprof+0x4b8/0x540
[   41.128048][ T4267]  ? __vmap_pages_range_noflush+0xbb3/0xbd0
[   41.134535][ T4267]  ? try_charge_memcg+0x200/0x9e0
[   41.139624][ T4267]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[   41.145797][ T4267]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[   41.151886][ T4267]  ? css_rstat_updated+0xb7/0x240
[   41.157044][ T4267]  ? __rcu_read_unlock+0x4f/0x70
[   41.162162][ T4267]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[   41.168098][ T4267]  ? should_fail_ex+0x30/0x280
[   41.173299][ T4267]  ? selinux_bpf_prog_load+0x36/0xf0
[   41.178818][ T4267]  ? should_failslab+0x8c/0xb0
[   41.183622][ T4267]  ? __kmalloc_cache_noprof+0x189/0x320
[   41.189217][ T4267]  ? selinux_bpf_prog_load+0xbf/0xf0
[   41.194818][ T4267]  ? security_bpf_prog_load+0x2c/0xa0
[   41.200274][ T4267]  bpf_prog_load+0xedd/0x1070
[   41.205121][ T4267]  ? security_bpf+0x2b/0x90
[   41.209699][ T4267]  __sys_bpf+0x462/0x7b0
[   41.214064][ T4267]  __x64_sys_bpf+0x41/0x50
[   41.218646][ T4267]  x64_sys_call+0x2aea/0x2ff0
[   41.223761][ T4267]  do_syscall_64+0xd2/0x200
[   41.228373][ T4267]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   41.234705][ T4267]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   41.240695][ T4267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.246692][ T4267] RIP: 0033:0x7f8aff66ebe9
[   41.251219][ T4267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.271225][ T4267] RSP: 002b:00007f8afe0cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   41.280057][ T4267] RAX: ffffffffffffffda RBX: 00007f8aff895fa0 RCX: 00007f8aff66ebe9
[   41.289175][ T4267] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[   41.297856][ T4267] RBP: 00007f8aff6f1e19 R08: 0000000000000000 R09: 0000000000000000
[   41.306228][ T4267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   41.314461][ T4267] R13: 00007f8aff896038 R14: 00007f8aff895fa0 R15: 00007ffc9fe6d0b8
[   41.322539][ T4267]  </TASK>
[   41.325886][ T4267] ---[ end trace 0000000000000000 ]---
[   41.345982][ T4272] wg2: entered promiscuous mode
[   41.350915][ T4272] wg2: entered allmulticast mode
[   41.648194][ T4286] netlink: 12 bytes leftover after parsing attributes in process `syz.1.241'.
[   41.760066][ T4294] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4294 comm=syz.1.244
[   41.807524][ T4301] loop4: detected capacity change from 0 to 164
[   41.850978][ T4301] rock: directory entry would overflow storage
[   41.857342][ T4301] rock: sig=0x5053, size=7, remaining=4
[   41.863009][ T4301] isofs_fill_super: root inode is not a directory. Corrupted media?
[   41.947807][ T4309] netlink: 9 bytes leftover after parsing attributes in process `syz.0.252'.
[   41.964561][ T4309] 0·: renamed from hsr0 (while UP)
[   41.972435][ T4309] 0·: entered allmulticast mode
[   41.977574][ T4309] hsr_slave_0: entered allmulticast mode
[   41.983252][ T4309] hsr_slave_1: entered allmulticast mode
[   41.992552][ T4309] net_ratelimit: 10 callbacks suppressed
[   41.992624][ T4309] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[   42.137553][ T4321] netlink: 'syz.0.257': attribute type 10 has an invalid length.
[   42.148835][ T4321] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   42.195817][ T4323] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   42.196150][ T4325] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   42.218866][ T4323] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   42.430925][ T4340] Zero length message leads to an empty skb
[   42.458833][ T4344] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.511417][ T4344] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.558048][ T4344] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.600617][ T4354] loop4: detected capacity change from 0 to 512
[   42.609955][ T4344] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.624279][ T4354] EXT4-fs: Ignoring removed mblk_io_submit option
[   42.632402][ T4354] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   42.648836][ T4354] EXT4-fs (loop4): 1 truncate cleaned up
[   42.670560][ T4354] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.684218][ T3788] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   42.698790][ T3788] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   42.712148][ T3788] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   42.720948][ T3788] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   42.995946][ T4379] loop1: detected capacity change from 0 to 512
[   43.011390][ T4379] EXT4-fs: Ignoring removed mblk_io_submit option
[   43.017945][ T4379] EXT4-fs: Ignoring removed bh option
[   43.032178][ T4379] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   43.051642][ T4379] EXT4-fs (loop1): 1 truncate cleaned up
[   43.058018][ T4379] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.083109][ T4381] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.109761][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.155441][ T4381] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.223962][ T4385] netlink: 4 bytes leftover after parsing attributes in process `syz.1.283'.
[   43.237837][ T4381] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.316834][ T4381] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.552757][ T4389] program syz.1.285 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   43.664162][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.715962][ T4396] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   43.725828][ T4396] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   43.746265][ T4398] netlink: 36 bytes leftover after parsing attributes in process `syz.3.289'.
[   43.755403][ T4398] bridge_slave_1: left allmulticast mode
[   43.761126][ T4398] bridge_slave_1: left promiscuous mode
[   43.766937][ T4398] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.778709][ T4398] bridge_slave_0: left allmulticast mode
[   43.784566][ T4398] bridge_slave_0: left promiscuous mode
[   43.790611][ T4398] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.799102][ T4401] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4401 comm=syz.0.290
[   43.814391][ T4401] netlink: 12 bytes leftover after parsing attributes in process `syz.0.290'.
[   43.998801][ T4413] loop3: detected capacity change from 0 to 1024
[   44.007230][ T4413] EXT4-fs: Ignoring removed nobh option
[   44.013130][ T4413] EXT4-fs: Ignoring removed bh option
[   44.027680][ T4413] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.046307][ T4413] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.292: Allocating blocks 385-513 which overlap fs metadata
[   44.065968][ T4413] EXT4-fs (loop3): pa ffff888107190690: logic 16, phys. 129, len 24
[   44.074098][ T4413] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   44.099509][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.216757][ T4427] loop3: detected capacity change from 0 to 512
[   44.249214][ T4427] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.294: bad orphan inode 11862016
[   44.260750][ T4427] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   44.300787][ T4427] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.373099][ T4440] netlink: 36 bytes leftover after parsing attributes in process `syz.4.300'.
[   44.382252][ T4440] netlink: 16 bytes leftover after parsing attributes in process `syz.4.300'.
[   44.391872][ T4440] netlink: 36 bytes leftover after parsing attributes in process `syz.4.300'.
[   44.401018][ T4440] netlink: 36 bytes leftover after parsing attributes in process `syz.4.300'.
[   44.724480][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   44.731998][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   44.739470][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   44.747083][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   44.754583][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   44.762377][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   44.769860][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   44.777425][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   44.785231][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   44.792657][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   44.801137][   T36] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[   44.869877][ T4464] wg2: entered promiscuous mode
[   44.874969][ T4464] wg2: entered allmulticast mode
[   44.895855][ T4460] fido_id[4460]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   44.931176][ T4468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   44.940926][ T4468] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   44.996449][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   45.030854][ T4473] loop3: detected capacity change from 0 to 512
[   45.063823][ T4473] EXT4-fs: Ignoring removed mblk_io_submit option
[   45.070408][ T4473] EXT4-fs: Ignoring removed bh option
[   45.077631][ T4473] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   45.089811][ T4473] EXT4-fs (loop3): 1 truncate cleaned up
[   45.097456][ T4473] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.139716][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.221294][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   45.233166][ T4476] loop3: detected capacity change from 0 to 164
[   45.240655][ T4476] rock: directory entry would overflow storage
[   45.246998][ T4476] rock: sig=0x5053, size=7, remaining=4
[   45.252644][ T4476] isofs_fill_super: root inode is not a directory. Corrupted media?
[   45.420570][   T29] kauditd_printk_skb: 163 callbacks suppressed
[   45.420587][   T29] audit: type=1400 audit(1755470622.333:974): avc:  denied  { read write } for  pid=4481 comm="syz.4.319" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   45.450637][   T29] audit: type=1400 audit(1755470622.333:975): avc:  denied  { open } for  pid=4481 comm="syz.4.319" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   45.552846][   T29] audit: type=1400 audit(1755470622.393:976): avc:  denied  { ioctl } for  pid=4481 comm="syz.4.319" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   45.906035][ T4491] Set syz1 is full, maxelem 65536 reached
[   46.028997][ T4497] loop4: detected capacity change from 0 to 512
[   46.035902][ T4497] EXT4-fs: Ignoring removed mblk_io_submit option
[   46.047680][ T4497] EXT4-fs (loop4): failed to initialize system zone (-117)
[   46.079310][ T4500] loop1: detected capacity change from 0 to 512
[   46.080062][ T4497] EXT4-fs (loop4): mount failed
[   46.100835][   T29] audit: type=1400 audit(1755470623.013:977): avc:  denied  { connect } for  pid=4501 comm="syz.0.326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   46.120924][   T29] audit: type=1400 audit(1755470623.013:978): avc:  denied  { write } for  pid=4501 comm="syz.0.326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   46.157491][ T4500] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.190218][ T4508] loop3: detected capacity change from 0 to 1764
[   46.197348][ T4500] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.234810][   T29] audit: type=1400 audit(1755470623.143:979): avc:  denied  { create } for  pid=4499 comm="syz.1.325" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   46.261192][   T29] audit: type=1400 audit(1755470623.173:980): avc:  denied  { remove_name } for  pid=4499 comm="syz.1.325" name="bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   46.261819][ T4500] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz.1.325: invalid size
[   46.284102][   T29] audit: type=1400 audit(1755470623.173:981): avc:  denied  { rename } for  pid=4499 comm="syz.1.325" name="bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   46.316864][   T29] audit: type=1400 audit(1755470623.173:982): avc:  denied  { rmdir } for  pid=4499 comm="syz.1.325" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   46.334846][ T4510] loop0: detected capacity change from 0 to 512
[   46.339443][ T4500] EXT4-fs (loop1): Remounting filesystem read-only
[   46.363639][ T4510] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   46.407449][ T4510] EXT4-fs (loop0): 1 orphan inode deleted
[   46.413426][ T4510] EXT4-fs (loop0): 1 truncate cleaned up
[   46.422241][ T4510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.444911][ T4510] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   46.471503][ T4510] EXT4-fs (loop0): Remounting filesystem read-only
[   46.474279][   T29] audit: type=1400 audit(1755470623.353:983): avc:  denied  { connect } for  pid=4514 comm="syz.4.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   46.478427][ T4510] EXT4-fs (loop0): error restoring inline_data for inode -- potential data loss! (inode 12, error -30)
[   46.511012][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.530701][ T3763] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   46.578953][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.604479][ T4521] veth0_to_team: entered promiscuous mode
[   46.658018][ T3776] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.678755][ T3776] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.697371][ T3776] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.706305][ T3776] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.783262][ T4544] program syz.1.342 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   46.812846][ T4544] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   46.920498][ T4547] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   47.037084][ T4565] loop3: detected capacity change from 0 to 512
[   47.055990][ T4565] EXT4-fs: Ignoring removed mblk_io_submit option
[   47.072703][ T4567] netlink: 36 bytes leftover after parsing attributes in process `syz.0.350'.
[   47.092286][ T4565] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   47.105428][ T4567] bridge_slave_1: left allmulticast mode
[   47.106091][ T4565] EXT4-fs (loop3): 1 truncate cleaned up
[   47.111203][ T4567] bridge_slave_1: left promiscuous mode
[   47.117665][ T4565] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.122551][ T4567] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.235737][ T4567] bridge_slave_0: left allmulticast mode
[   47.241545][ T4567] bridge_slave_0: left promiscuous mode
[   47.247610][ T4567] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.467424][ T4583] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   47.480046][ T4583] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   47.893027][ T4593] netlink: 4 bytes leftover after parsing attributes in process `syz.4.356'.
[   48.269777][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.313630][ T4601] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.338824][ T4601] 8021q: adding VLAN 0 to HW filter on device team0
[   48.384512][ T4601] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   48.425082][    T9] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   48.470286][ T4612] netlink: 36 bytes leftover after parsing attributes in process `syz.4.365'.
[   48.487487][ T3408] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   48.503217][ T4614] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4614 comm=syz.3.366
[   48.506435][ T4612] bridge_slave_1: left allmulticast mode
[   48.523323][ T4612] bridge_slave_1: left promiscuous mode
[   48.529286][ T4612] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.550977][ T4612] bridge_slave_0: left allmulticast mode
[   48.557051][ T4612] bridge_slave_0: left promiscuous mode
[   48.562803][ T4612] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.605258][ T4624] loop3: detected capacity change from 0 to 512
[   48.622278][ T4624] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   48.639875][ T4624] EXT4-fs (loop3): 1 orphan inode deleted
[   48.645737][ T4624] EXT4-fs (loop3): 1 truncate cleaned up
[   48.654316][ T4624] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.674072][ T4624] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   48.691375][ T4624] EXT4-fs (loop3): Remounting filesystem read-only
[   48.711409][ T4637] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   48.711468][ T4624] EXT4-fs (loop3): error restoring inline_data for inode -- potential data loss! (inode 12, error -30)
[   48.800977][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.829217][ T4645] netlink: 9 bytes leftover after parsing attributes in process `syz.3.377'.
[   48.844702][ T4645] 0·: renamed from hsr0 (while UP)
[   48.857779][ T4645] 0·: entered allmulticast mode
[   48.863221][ T4645] hsr_slave_0: entered allmulticast mode
[   48.869187][ T4645] hsr_slave_1: entered allmulticast mode
[   48.876194][ T4645] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[   48.933302][ T4648] netlink: 4 bytes leftover after parsing attributes in process `syz.0.378'.
[   49.046743][ T4664] veth0_to_team: entered promiscuous mode
[   49.245783][ T4675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.255650][ T4676] netlink: 36 bytes leftover after parsing attributes in process `syz.1.387'.
[   49.256369][ T4675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.267407][ T4676] bridge_slave_1: left allmulticast mode
[   49.278403][ T4676] bridge_slave_1: left promiscuous mode
[   49.284714][ T4676] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.315750][ T4676] bridge_slave_0: left allmulticast mode
[   49.321459][ T4676] bridge_slave_0: left promiscuous mode
[   49.327237][ T4676] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.366365][ T3779] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   49.374661][ T4675] bond0: (slave dummy0): Releasing backup interface
[   49.382679][ T4675] batman_adv: batadv0: Adding interface: dummy0
[   49.389309][ T4675] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   49.415529][ T4675] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[   49.472278][ T4695] netlink: 9 bytes leftover after parsing attributes in process `syz.4.391'.
[   49.527840][ T4701] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.572014][ T4701] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.626411][ T4701] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.696390][ T4701] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.797009][ T3779] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.818542][ T3779] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.835051][ T3779] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.843360][ T3779] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   50.406030][ T3806] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   50.414018][ T3806] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   50.433318][   T29] kauditd_printk_skb: 190 callbacks suppressed
[   50.433333][   T29] audit: type=1326 audit(1755470627.343:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4714 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f994f9b5ba7 code=0x7ffc0000
[   50.465497][   T29] audit: type=1326 audit(1755470627.373:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4714 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f994f95add9 code=0x7ffc0000
[   50.488955][   T29] audit: type=1326 audit(1755470627.373:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4714 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   50.512894][   T29] audit: type=1326 audit(1755470627.373:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4714 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f994f9b5ba7 code=0x7ffc0000
[   50.536607][   T29] audit: type=1326 audit(1755470627.373:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4714 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f994f95add9 code=0x7ffc0000
[   50.560151][   T29] audit: type=1326 audit(1755470627.373:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4714 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   50.584253][   T29] audit: type=1326 audit(1755470627.403:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4714 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f994f9b5ba7 code=0x7ffc0000
[   50.608093][   T29] audit: type=1326 audit(1755470627.403:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4714 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f994f95add9 code=0x7ffc0000
[   50.631929][   T29] audit: type=1326 audit(1755470627.403:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4714 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   50.656376][   T29] audit: type=1326 audit(1755470627.403:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4714 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f994f9b5ba7 code=0x7ffc0000
[   50.726361][ T4729] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.789426][ T4729] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.800461][ T4737] loop4: detected capacity change from 0 to 1024
[   50.808021][ T4737] EXT4-fs: Ignoring removed orlov option
[   50.816017][ T3395] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   50.823968][ T4737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.848232][ T4729] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.878947][ T4729] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.949979][ T3779] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   50.961633][ T3779] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   50.970958][ T3779] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   50.979761][ T3779] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   51.114898][ T4760] netlink: 96 bytes leftover after parsing attributes in process `syz.0.409'.
[   51.189472][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.214033][ T4769] netlink: 12 bytes leftover after parsing attributes in process `syz.4.412'.
[   51.223429][ T4764] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   51.266698][ T4769] 8021q: adding VLAN 0 to HW filter on device bond2
[   51.275359][ T4769] bond1: (slave bond2): Enslaving as an active interface with an up link
[   51.287122][ T4769] netlink: 4 bytes leftover after parsing attributes in process `syz.4.412'.
[   51.298890][ T4769] bond1 (unregistering): (slave bond2): Releasing backup interface
[   51.308498][ T4769] bond1 (unregistering): Released all slaves
[   51.390923][ T4777] pim6reg1: entered promiscuous mode
[   51.396350][ T4777] pim6reg1: entered allmulticast mode
[   51.636398][ T4790] loop1: detected capacity change from 0 to 512
[   51.659953][ T4790] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.685181][ T4790] EXT4-fs: Ignoring removed nomblk_io_submit option
[   51.704262][ T4790] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   51.712912][ T4790] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   51.757961][ T4790] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.419: Allocating blocks 41-42 which overlap fs metadata
[   51.785207][ T4790] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.419: Allocating blocks 41-42 which overlap fs metadata
[   51.826447][ T4790] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.419: Failed to acquire dquot type 1
[   51.857481][ T4790] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   51.872646][ T4790] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #12: comm syz.1.419: corrupted inode contents
[   51.885135][ T4790] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #12: comm syz.1.419: mark_inode_dirty error
[   51.897076][ T4790] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #12: comm syz.1.419: corrupted inode contents
[   51.910576][ T4790] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.419: mark_inode_dirty error
[   51.922211][ T4790] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #12: comm syz.1.419: corrupted inode contents
[   51.944526][ T4790] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   51.953459][ T4790] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #12: comm syz.1.419: corrupted inode contents
[   51.966818][ T4790] EXT4-fs error (device loop1): ext4_truncate:4666: inode #12: comm syz.1.419: mark_inode_dirty error
[   51.978283][ T4790] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   51.989409][ T4790] EXT4-fs (loop1): 1 truncate cleaned up
[   51.995560][ T4790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.029280][ T4790] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   52.054795][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.191989][ T4807] netlink: 'syz.0.425': attribute type 3 has an invalid length.
[   52.591961][ T4832] netlink: 'syz.0.433': attribute type 1 has an invalid length.
[   52.611120][ T4832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.433'.
[   52.638429][ T4832] 8021q: adding VLAN 0 to HW filter on device batadv1
[   52.648387][ T4832] bond2: (slave batadv1): Enslaving as a backup interface with an up link
[   52.664212][ T4832] bond2 (unregistering): (slave batadv1): Releasing backup interface
[   52.675751][ T4832] bond2 (unregistering): Released all slaves
[   53.272041][ T4853] tipc: Failed to remove unknown binding: 66,3,3/0:1874850877/1874850878
[   53.490260][ T4858] capability: warning: `syz.1.445' uses deprecated v2 capabilities in a way that may be insecure
[   53.612755][ T4862] netlink: 8 bytes leftover after parsing attributes in process `syz.3.446'.
[   53.749862][ T4868] loop3: detected capacity change from 0 to 2048
[   53.793415][ T4873] syzkaller0: entered promiscuous mode
[   53.799143][ T4873] syzkaller0: entered allmulticast mode
[   53.838477][ T4868] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.887070][ T4883] loop0: detected capacity change from 0 to 512
[   53.909956][ T4883] EXT4-fs: Ignoring removed mblk_io_submit option
[   53.917255][ T4884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   53.932329][ T4868] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.968125][ T4884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   53.978729][ T4883] EXT4-fs: Ignoring removed nomblk_io_submit option
[   54.012972][ T4883] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   54.021500][ T4883] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   54.041139][ T4880] batman_adv: batadv0: Adding interface: dummy0
[   54.047808][ T4880] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.073544][ T4880] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[   54.090986][ T4883] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.455: Allocating blocks 41-42 which overlap fs metadata
[   54.126457][ T4883] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.455: Allocating blocks 41-42 which overlap fs metadata
[   54.144884][ T4883] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.455: Failed to acquire dquot type 1
[   54.190530][ T4883] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   54.213322][ T4894] loop3: detected capacity change from 0 to 2048
[   54.236232][ T4894] EXT4-fs: dax option not supported
[   54.257841][ T4883] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.455: corrupted inode contents
[   54.327450][ T4883] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #12: comm syz.0.455: mark_inode_dirty error
[   54.346339][ T4883] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.455: corrupted inode contents
[   54.359282][ T4883] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.455: mark_inode_dirty error
[   54.371330][ T4883] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.455: corrupted inode contents
[   54.385352][ T4883] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   54.395717][ T4883] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.455: corrupted inode contents
[   54.409583][ T4883] EXT4-fs error (device loop0): ext4_truncate:4666: inode #12: comm syz.0.455: mark_inode_dirty error
[   54.422312][ T4883] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[   54.432876][ T4883] EXT4-fs (loop0): 1 truncate cleaned up
[   54.440310][ T4883] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.471345][ T4883] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   54.497225][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.644679][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   54.972695][ T4910] loop0: detected capacity change from 0 to 512
[   54.989433][ T4910] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   55.030283][ T4910] EXT4-fs (loop0): orphan cleanup on readonly fs
[   55.038099][ T4910] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.463: Block bitmap for bg 0 marked uninitialized
[   55.060751][ T4910] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   55.080859][ T4910] EXT4-fs (loop0): 1 orphan inode deleted
[   55.092923][ T4910] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   55.145220][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.279613][ T4934] netlink: 'syz.1.474': attribute type 4 has an invalid length.
[   55.380747][ T4939] netlink: 12 bytes leftover after parsing attributes in process `syz.1.476'.
[   55.528581][ T4951] loop0: detected capacity change from 0 to 128
[   55.536769][ T4947] loop4: detected capacity change from 0 to 512
[   55.576073][ T4951] FAT-fs (loop0): Directory bread(block 32) failed
[   55.600458][ T4947] EXT4-fs: Ignoring removed mblk_io_submit option
[   55.615234][ T4951] FAT-fs (loop0): Directory bread(block 33) failed
[   55.645876][   T29] kauditd_printk_skb: 205 callbacks suppressed
[   55.645894][   T29] audit: type=1400 audit(1755470632.563:1379): avc:  denied  { write } for  pid=4953 comm="syz.3.481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   55.648507][ T4947] EXT4-fs: Ignoring removed nomblk_io_submit option
[   55.679417][ T4951] FAT-fs (loop0): Directory bread(block 34) failed
[   55.686166][ T4951] FAT-fs (loop0): Directory bread(block 35) failed
[   55.692967][ T4951] FAT-fs (loop0): Directory bread(block 36) failed
[   55.714158][ T4947] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   55.722737][ T4947] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   55.743659][ T4951] FAT-fs (loop0): Directory bread(block 37) failed
[   55.766389][ T4951] FAT-fs (loop0): Directory bread(block 38) failed
[   55.783710][ T4951] FAT-fs (loop0): Directory bread(block 39) failed
[   55.791800][ T4947] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.479: Allocating blocks 41-42 which overlap fs metadata
[   55.814842][ T4951] FAT-fs (loop0): Directory bread(block 40) failed
[   55.821679][ T4951] FAT-fs (loop0): Directory bread(block 41) failed
[   55.854772][ T4947] Quota error (device loop4): write_blk: dquota write failed
[   55.862345][ T4947] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5
[   55.936193][ T4947] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.479: Allocating blocks 41-42 which overlap fs metadata
[   55.971985][ T4947] Quota error (device loop4): write_blk: dquota write failed
[   56.028695][ T4947] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   56.038898][ T4947] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.479: Failed to acquire dquot type 1
[   56.074368][ T4947] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   56.114429][ T4947] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.479: corrupted inode contents
[   56.152382][ T4947] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #12: comm syz.4.479: mark_inode_dirty error
[   56.177746][ T4947] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.479: corrupted inode contents
[   56.209510][ T4947] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.479: mark_inode_dirty error
[   56.234646][ T4947] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.479: corrupted inode contents
[   56.252150][ T4947] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[   56.352281][ T4947] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.479: corrupted inode contents
[   56.384731][ T4947] EXT4-fs error (device loop4): ext4_truncate:4666: inode #12: comm syz.4.479: mark_inode_dirty error
[   56.402119][ T4947] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[   56.441813][ T4947] EXT4-fs (loop4): 1 truncate cleaned up
[   56.452606][ T4947] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.479040][ T4986] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.488446][ T4986] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.601051][ T4947] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   56.620307][ T4988] batadv_slave_1: entered promiscuous mode
[   56.627041][   T29] audit: type=1400 audit(1755470633.533:1380): avc:  denied  { ioctl } for  pid=4987 comm="syz.2.494" path="socket:[12754]" dev="sockfs" ino=12754 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   56.667483][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.676844][ T4988] batadv_slave_1: left promiscuous mode
[   56.700620][ T4990] netlink: 8 bytes leftover after parsing attributes in process `syz.4.495'.
[   56.755876][ T4996] netlink: 4 bytes leftover after parsing attributes in process `syz.4.497'.
[   56.764880][ T4999] batman_adv: batadv0: Adding interface: dummy0
[   56.771390][ T4999] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.775265][ T4996] netlink: 4 bytes leftover after parsing attributes in process `syz.4.497'.
[   56.799345][ T4999] batman_adv: batadv0: Interface activated: dummy0
[   56.828338][ T4999] batadv0: mtu less than device minimum
[   56.834612][ T4999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   56.845713][ T4999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   56.856634][ T4999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   56.867500][ T4999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   56.878440][ T4999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   56.889474][ T4999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   56.900340][ T4999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   56.911359][ T4999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   56.922246][ T4999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   57.059006][ T5010] netlink: 12 bytes leftover after parsing attributes in process `syz.1.502'.
[   57.311388][ T5018] loop1: detected capacity change from 0 to 1024
[   57.311733][   T29] audit: type=1400 audit(1755470634.223:1381): avc:  denied  { bind } for  pid=5016 comm="syz.3.505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   57.318799][ T5013] netlink: 5 bytes leftover after parsing attributes in process `syz.4.506'.
[   57.348068][ T5018] EXT4-fs: Ignoring removed orlov option
[   57.354187][ T5013] 0ªX¹¦D: renamed from gretap0
[   57.359448][   T29] audit: type=1400 audit(1755470634.253:1382): avc:  denied  { setopt } for  pid=5016 comm="syz.3.505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   57.368804][ T5018] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.397046][ T5013] 0ªX¹¦D: entered allmulticast mode
[   57.484193][   T29] audit: type=1400 audit(1755470634.393:1383): avc:  denied  { relabelfrom } for  pid=5022 comm="syz.3.507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   57.504289][   T29] audit: type=1400 audit(1755470634.393:1384): avc:  denied  { relabelto } for  pid=5022 comm="syz.3.507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   57.553760][ T5031] netlink: 8 bytes leftover after parsing attributes in process `syz.2.511'.
[   57.601314][ T5035] netlink: 'syz.0.513': attribute type 12 has an invalid length.
[   57.802369][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.839618][ T5054] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.877619][ T5054] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.892223][ T5057] netlink: 12 bytes leftover after parsing attributes in process `syz.1.520'.
[   57.933272][ T5057] 8021q: adding VLAN 0 to HW filter on device bond2
[   57.941836][ T5057] bond1: (slave bond2): Enslaving as an active interface with an up link
[   57.951410][ T5054] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.971837][ T5057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.520'.
[   57.983929][ T5057] bond1 (unregistering): (slave bond2): Releasing backup interface
[   57.994007][ T5057] bond1 (unregistering): Released all slaves
[   58.025928][ T5054] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.073867][ T5062] loop1: detected capacity change from 0 to 128
[   58.097107][ T5062] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   58.112923][ T3763] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.136352][ T3763] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.153729][ T5062] ext4 filesystem being mounted at /100/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   58.169399][ T3763] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.178096][ T3763] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.215542][ T3299] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   58.449277][ T5080] loop0: detected capacity change from 0 to 1024
[   58.458759][ T5078] loop1: detected capacity change from 0 to 128
[   58.473177][ T5080] EXT4-fs: Ignoring removed orlov option
[   58.488033][ T5078] syz.1.528: attempt to access beyond end of device
[   58.488033][ T5078] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[   58.511365][ T5080] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.514177][ T5078] syz.1.528: attempt to access beyond end of device
[   58.514177][ T5078] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[   58.538825][ T5078] syz.1.528: attempt to access beyond end of device
[   58.538825][ T5078] loop1: rw=2049, sector=177, nr_sectors = 24 limit=128
[   58.552516][ T5078] syz.1.528: attempt to access beyond end of device
[   58.552516][ T5078] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[   58.567360][ T5078] syz.1.528: attempt to access beyond end of device
[   58.567360][ T5078] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[   58.581259][ T5078] syz.1.528: attempt to access beyond end of device
[   58.581259][ T5078] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[   58.595440][ T5078] syz.1.528: attempt to access beyond end of device
[   58.595440][ T5078] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[   58.608966][ T5078] syz.1.528: attempt to access beyond end of device
[   58.608966][ T5078] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[   58.616926][ T5083] syz.1.528: attempt to access beyond end of device
[   58.616926][ T5083] loop1: rw=2049, sector=305, nr_sectors = 1 limit=128
[   58.622904][ T5078] syz.1.528: attempt to access beyond end of device
[   58.622904][ T5078] loop1: rw=2049, sector=289, nr_sectors = 9 limit=128
[   59.102564][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.321505][ T5112] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.386408][ T5112] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.476168][ T5112] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.526545][ T5112] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.617630][ T3774] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.651105][ T3774] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.677241][ T3774] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.707550][ T3774] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.900877][ T5142] syzkaller0: entered allmulticast mode
[   59.929751][ T5142] syzkaller0: entered promiscuous mode
[   59.959888][ T5142] syzkaller0 (unregistering): left allmulticast mode
[   59.966839][ T5142] syzkaller0 (unregistering): left promiscuous mode
[   60.353445][ T5161] loop4: detected capacity change from 0 to 1024
[   60.375185][ T5161] EXT4-fs: Ignoring removed nobh option
[   60.406901][ T5161] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.477253][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.979082][ T5225] loop3: detected capacity change from 0 to 512
[   61.010934][ T5225] EXT4-fs: Ignoring removed bh option
[   61.047222][ T5225] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   61.056341][ T5225] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   61.096318][ T5225] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[   61.116066][ T5225] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[   61.132623][ T5225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.304018][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.318685][   T29] kauditd_printk_skb: 142 callbacks suppressed
[   61.318700][   T29] audit: type=1400 audit(1755470638.233:1527): avc:  denied  { create } for  pid=5231 comm="syz.0.564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[   61.379023][   T29] audit: type=1400 audit(1755470638.283:1528): avc:  denied  { sys_admin } for  pid=5231 comm="syz.0.564" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[   61.470958][   T29] audit: type=1400 audit(1755470638.383:1529): avc:  denied  { setopt } for  pid=5240 comm="syz.3.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   61.504801][ T1036] IPVS: starting estimator thread 0...
[   61.563027][ T5246] loop3: detected capacity change from 0 to 1024
[   61.575126][   T29] audit: type=1326 audit(1755470638.473:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   61.598638][   T29] audit: type=1326 audit(1755470638.473:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   61.622292][   T29] audit: type=1326 audit(1755470638.473:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f994f9bec23 code=0x7ffc0000
[   61.625077][ T5242] IPVS: using max 2592 ests per chain, 129600 per kthread
[   61.646133][   T29] audit: type=1326 audit(1755470638.473:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f994f9bd69f code=0x7ffc0000
[   61.676898][   T29] audit: type=1326 audit(1755470638.473:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f994f9bec77 code=0x7ffc0000
[   61.700461][   T29] audit: type=1326 audit(1755470638.473:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f994f9bd550 code=0x7ffc0000
[   61.724058][   T29] audit: type=1326 audit(1755470638.473:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f994f9be7eb code=0x7ffc0000
[   61.781672][ T5246] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   61.792402][ T5246] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   61.792814][ T5249] netlink: 4 bytes leftover after parsing attributes in process `syz.4.571'.
[   61.831114][ T5246] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[   61.831733][ T5249] team1: entered promiscuous mode
[   61.844398][ T5249] team1: entered allmulticast mode
[   61.849770][ T5246] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.569: Freeing blocks not in datazone - block = 0, count = 4096
[   61.904742][ T5246] EXT4-fs (loop3): Remounting filesystem read-only
[   61.921566][ T5246] EXT4-fs (loop3): 1 orphan inode deleted
[   61.937641][ T3812] EXT4-fs (loop3): Quota write (off=3072, len=1024) cancelled because transaction is not started
[   61.965250][ T5246] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.077500][ T5254] syzkaller0: entered promiscuous mode
[   62.083090][ T5254] syzkaller0: entered allmulticast mode
[   62.174365][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.612251][ T5269] netlink: 'syz.1.579': attribute type 1 has an invalid length.
[   62.677734][ T5269] 8021q: adding VLAN 0 to HW filter on device bond1
[   62.894859][ T5269] netlink: 4 bytes leftover after parsing attributes in process `syz.1.579'.
[   62.934928][ T5269] bond1 (unregistering): Released all slaves
[   63.044653][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   63.054223][ T5262] syz.3.576 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   63.068402][ T5262] CPU: 1 UID: 0 PID: 5262 Comm: syz.3.576 Tainted: G        W           6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[   63.068441][ T5262] Tainted: [W]=WARN
[   63.068449][ T5262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   63.068525][ T5262] Call Trace:
[   63.068532][ T5262]  <TASK>
[   63.068540][ T5262]  __dump_stack+0x1d/0x30
[   63.068573][ T5262]  dump_stack_lvl+0xe8/0x140
[   63.068593][ T5262]  dump_stack+0x15/0x1b
[   63.068609][ T5262]  dump_header+0x81/0x220
[   63.068685][ T5262]  oom_kill_process+0x342/0x400
[   63.068718][ T5262]  out_of_memory+0x979/0xb80
[   63.068752][ T5262]  try_charge_memcg+0x5e6/0x9e0
[   63.068785][ T5262]  obj_cgroup_charge_pages+0xa6/0x150
[   63.068813][ T5262]  __memcg_kmem_charge_page+0x9f/0x170
[   63.068846][ T5262]  __alloc_frozen_pages_noprof+0x188/0x360
[   63.068914][ T5262]  alloc_pages_mpol+0xb3/0x250
[   63.068947][ T5262]  alloc_pages_noprof+0x90/0x130
[   63.068973][ T5262]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   63.069105][ T5262]  __kvmalloc_node_noprof+0x30f/0x4e0
[   63.069212][ T5262]  ? ip_set_alloc+0x1f/0x30
[   63.069247][ T5262]  ? ip_set_alloc+0x1f/0x30
[   63.069276][ T5262]  ? hash_netiface_create+0x21b/0x740
[   63.069329][ T5262]  ? __kmalloc_cache_noprof+0x189/0x320
[   63.069359][ T5262]  ip_set_alloc+0x1f/0x30
[   63.069384][ T5262]  hash_netiface_create+0x282/0x740
[   63.069455][ T5262]  ? __pfx_hash_netiface_create+0x10/0x10
[   63.069483][ T5262]  ip_set_create+0x3cc/0x960
[   63.069520][ T5262]  ? __nla_parse+0x40/0x60
[   63.069545][ T5262]  nfnetlink_rcv_msg+0x4c3/0x590
[   63.069665][ T5262]  netlink_rcv_skb+0x123/0x220
[   63.069684][ T5262]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   63.069722][ T5262]  nfnetlink_rcv+0x16b/0x1690
[   63.069750][ T5262]  ? nlmon_xmit+0x4f/0x60
[   63.069831][ T5262]  ? consume_skb+0x49/0x150
[   63.069852][ T5262]  ? nlmon_xmit+0x4f/0x60
[   63.069881][ T5262]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   63.069908][ T5262]  ? __dev_queue_xmit+0x1200/0x2000
[   63.069929][ T5262]  ? __dev_queue_xmit+0x182/0x2000
[   63.069980][ T5262]  ? ref_tracker_free+0x37d/0x3e0
[   63.070010][ T5262]  ? __netlink_deliver_tap+0x4dc/0x500
[   63.070102][ T5262]  netlink_unicast+0x5bd/0x690
[   63.070132][ T5262]  netlink_sendmsg+0x58b/0x6b0
[   63.070158][ T5262]  ? __pfx_netlink_sendmsg+0x10/0x10
[   63.070242][ T5262]  __sock_sendmsg+0x142/0x180
[   63.070274][ T5262]  ____sys_sendmsg+0x31e/0x4e0
[   63.070301][ T5262]  ___sys_sendmsg+0x17b/0x1d0
[   63.070372][ T5262]  __x64_sys_sendmsg+0xd4/0x160
[   63.070399][ T5262]  x64_sys_call+0x191e/0x2ff0
[   63.070495][ T5262]  do_syscall_64+0xd2/0x200
[   63.070524][ T5262]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   63.070546][ T5262]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   63.070573][ T5262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.070611][ T5262] RIP: 0033:0x7f994f9bebe9
[   63.070631][ T5262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.070652][ T5262] RSP: 002b:00007f994e41f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   63.070677][ T5262] RAX: ffffffffffffffda RBX: 00007f994fbe5fa0 RCX: 00007f994f9bebe9
[   63.070689][ T5262] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[   63.070703][ T5262] RBP: 00007f994fa41e19 R08: 0000000000000000 R09: 0000000000000000
[   63.070718][ T5262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   63.070730][ T5262] R13: 00007f994fbe6038 R14: 00007f994fbe5fa0 R15: 00007ffcd06c5588
[   63.070747][ T5262]  </TASK>
[   63.070753][ T5262] memory: usage 307200kB, limit 307200kB, failcnt 193
[   63.204861][ T5275] lo speed is unknown, defaulting to 1000
[   63.205881][ T5262] memory+swap: usage 307244kB, limit 9007199254740988kB, failcnt 0
[   63.205903][ T5262] kmem: usage 306968kB, limit 9007199254740988kB, failcnt 0
[   63.205915][ T5262] Memory cgroup stats for /syz3:
[   63.215002][ T5262] cache 90112
[   63.254761][ T5275] lo speed is unknown, defaulting to 1000
[   63.260075][ T5262] rss 4096
[   63.260088][ T5262] shmem 0
[   63.260095][ T5262] mapped_file 65536
[   63.260101][ T5262] dirty 0
[   63.260107][ T5262] writeback 0
[   63.260114][ T5262] workingset_refault_anon 12
[   63.260121][ T5262] workingset_refault_file 55
[   63.260128][ T5262] swap 172032
[   63.260134][ T5262] swapcached 16384
[   63.285054][ T5275] lo speed is unknown, defaulting to 1000
[   63.286164][ T5262] pgpgin 27453
[   63.291226][ T5275] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   63.296237][ T5262] pgpgout 27426
[   63.296248][ T5262] pgfault 44477
[   63.296263][ T5262] pgmajfault 7
[   63.296271][ T5262] inactive_anon 8192
[   63.325138][ T5275] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   63.330813][ T5262] active_anon 8192
[   63.330825][ T5262] inactive_file 65536
[   63.330832][ T5262] active_file 28672
[   63.330844][ T5262] unevictable 0
[   63.406871][ T5275] lo speed is unknown, defaulting to 1000
[   63.407698][ T5262] hierarchical_memory_limit 314572800
[   63.407709][ T5262] hierarchical_memsw_limit 9223372036854771712
[   63.407717][ T5262] total_cache 90112
[   63.407724][ T5262] total_rss 4096
[   63.407735][ T5262] total_shmem 0
[   63.431613][ T5275] lo speed is unknown, defaulting to 1000
[   63.439594][ T5262] total_mapped_file 65536
[   63.439609][ T5262] total_dirty 0
[   63.439616][ T5262] total_writeback 0
[   63.439623][ T5262] total_workingset_refault_anon 12
[   63.505180][ T5275] lo speed is unknown, defaulting to 1000
[   63.510276][ T5262] total_workingset_refault_file 55
[   63.514322][ T5275] lo speed is unknown, defaulting to 1000
[   63.517639][ T5262] total_swap 172032
[   63.517654][ T5262] total_swapcached 16384
[   63.517663][ T5262] total_pgpgin 27453
[   63.545368][ T5275] lo speed is unknown, defaulting to 1000
[   63.547449][ T5262] total_pgpgout 27426
[   63.638332][ T5262] total_pgfault 44477
[   63.642469][ T5262] total_pgmajfault 7
[   63.646574][ T5262] total_inactive_anon 8192
[   63.651039][ T5262] total_active_anon 8192
[   63.655311][ T5262] total_inactive_file 65536
[   63.659869][ T5262] total_active_file 28672
[   63.664216][ T5262] total_unevictable 0
[   63.668223][ T5262] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.576,pid=5261,uid=0
[   63.683017][ T5262] Memory cgroup out of memory: Killed process 5261 (syz.3.576) total-vm:95680kB, anon-rss:944kB, file-rss:22052kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[   63.747023][ T5277] lo speed is unknown, defaulting to 1000
[   63.936672][ T5281] netlink: 12 bytes leftover after parsing attributes in process `syz.0.582'.
[   63.996114][ T5262] syz.3.576 (5262) used greatest stack depth: 7536 bytes left
[   64.044019][ T5285] netlink: 4 bytes leftover after parsing attributes in process `syz.1.585'.
[   64.056130][ T5285] netlink: 4 bytes leftover after parsing attributes in process `syz.1.585'.
[   64.154076][ T5292] netlink: 14 bytes leftover after parsing attributes in process `syz.3.588'.
[   64.251123][ T5300] $Hÿ: renamed from bond0 (while UP)
[   64.258922][ T5300] $Hÿ: entered promiscuous mode
[   64.264110][ T5300] bond_slave_0: entered promiscuous mode
[   64.270334][ T5300] bond_slave_1: entered promiscuous mode
[   64.357133][ T5307] netlink: 2036 bytes leftover after parsing attributes in process `syz.4.593'.
[   64.366284][ T5307] netlink: 24 bytes leftover after parsing attributes in process `syz.4.593'.
[   64.757409][ T5315] lo speed is unknown, defaulting to 1000
[   65.174143][ T5321] random: crng reseeded on system resumption
[   65.204464][ T5321] netlink: 24 bytes leftover after parsing attributes in process `syz.4.599'.
[   65.240838][ T5321] netlink: 32 bytes leftover after parsing attributes in process `syz.4.599'.
[   65.252298][ T5324] netlink: 'syz.2.600': attribute type 2 has an invalid length.
[   65.260067][ T5324] netlink: 'syz.2.600': attribute type 1 has an invalid length.
[   65.262622][ T3358] IPVS: starting estimator thread 0...
[   65.267982][ T5324] netlink: 'syz.2.600': attribute type 2 has an invalid length.
[   65.364692][ T5325] IPVS: using max 2448 ests per chain, 122400 per kthread
[   66.088850][ T5342] loop3: detected capacity change from 0 to 512
[   66.126571][ T5342] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[   66.161280][ T5342] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.606: invalid indirect mapped block 2683928664 (level 1)
[   66.203433][ T5346] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5346 comm=syz.4.607
[   66.223191][ T5342] EXT4-fs (loop3): 1 truncate cleaned up
[   66.240087][ T5346] netlink: 12 bytes leftover after parsing attributes in process `syz.4.607'.
[   66.252482][ T5342] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.321458][ T5342] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.3.606: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[   66.386660][   T29] kauditd_printk_skb: 182 callbacks suppressed
[   66.386692][   T29] audit: type=1326 audit(2000000003.820:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5349 comm="syz.4.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   66.420811][ T5350] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[   66.430199][   T29] audit: type=1326 audit(2000000003.850:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5349 comm="syz.4.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   66.453914][   T29] audit: type=1326 audit(2000000003.850:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5349 comm="syz.4.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   66.477278][   T29] audit: type=1326 audit(2000000003.850:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5349 comm="syz.4.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   66.500994][   T29] audit: type=1326 audit(2000000003.850:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5349 comm="syz.4.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   66.524653][   T29] audit: type=1326 audit(2000000003.850:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5349 comm="syz.4.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   66.548357][   T29] audit: type=1326 audit(2000000003.850:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5349 comm="syz.4.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   66.572192][   T29] audit: type=1326 audit(2000000003.850:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5349 comm="syz.4.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   66.595845][   T29] audit: type=1326 audit(2000000003.850:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5349 comm="syz.4.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   66.619736][   T29] audit: type=1326 audit(2000000003.850:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5349 comm="syz.4.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   66.644204][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.926474][ T5360] smc: net device bond0 applied user defined pnetid SYZ0
[   66.934365][ T5360] smc: net device bond0 erased user defined pnetid SYZ0
[   67.257570][ T5381] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5381 comm=syz.0.623
[   67.357906][ T5393] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   67.496713][ T5403] hub 9-0:1.0: USB hub found
[   67.507702][ T5407] lo speed is unknown, defaulting to 1000
[   67.519030][ T5403] hub 9-0:1.0: 8 ports detected
[   67.565411][ T5403] loop3: detected capacity change from 0 to 512
[   67.601642][ T5403] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   67.663913][ T5403] EXT4-fs error (device loop3): ext4_quota_enable:7120: comm syz.3.634: Bad quota inum: 29696, type: 1
[   67.678836][ T5403] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=29696). Please run e2fsck to fix.
[   67.686943][ T5427] netlink: 'syz.2.642': attribute type 298 has an invalid length.
[   67.706177][ T5403] EXT4-fs (loop3): mount failed
[   67.851341][ T5433] lo speed is unknown, defaulting to 1000
[   67.938796][ T5445] __nla_validate_parse: 3 callbacks suppressed
[   67.938815][ T5445] netlink: 277 bytes leftover after parsing attributes in process `syz.0.649'.
[   68.081481][ T5455] netlink: 'syz.2.653': attribute type 1 has an invalid length.
[   68.113407][ T5457] Falling back ldisc for ptm0.
[   68.119736][ T5457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.127588][ T5455] bond1: entered promiscuous mode
[   68.128968][ T5457] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.133838][ T5455] 8021q: adding VLAN 0 to HW filter on device bond1
[   68.198996][ T5458] net_ratelimit: 12 callbacks suppressed
[   68.199014][ T5458] TC_ACT_REPEAT abuse ?
[   68.209159][ T5458] TC_ACT_REPEAT abuse ?
[   68.214975][ T5462] 8021q: adding VLAN 0 to HW filter on device bond1
[   68.222084][ T5462] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[   68.232738][ T5462] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[   68.255421][ T5455] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   68.262724][ T5455] IPv6: NLM_F_CREATE should be set when creating new route
[   68.269975][ T5455] IPv6: NLM_F_CREATE should be set when creating new route
[   68.277510][ T5455] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   68.291460][ T5462] bond1: (slave wireguard0): making interface the new active one
[   68.299354][ T5462] wireguard0: entered promiscuous mode
[   68.306633][ T5462] bond1: (slave wireguard0): Enslaving as an active interface with an up link
[   68.336524][ T5455] bond1: (slave wireguard1): The slave device specified does not support setting the MAC address
[   68.360550][ T5455] bond1: (slave wireguard1): Enslaving as a backup interface with an up link
[   68.379845][ T5474] netlink: 'syz.4.658': attribute type 10 has an invalid length.
[   68.388537][ T5474] 8021q: adding VLAN 0 to HW filter on device team0
[   68.397431][ T5474] bond0: (slave team0): Enslaving as an active interface with an up link
[   68.431601][ T5479] loop1: detected capacity change from 0 to 1024
[   68.447518][ T5479] EXT4-fs: inline encryption not supported
[   68.467387][ T5479] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.501974][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.829434][ T5515] TC_ACT_REPEAT abuse ?
[   68.833998][    C1] TC_ACT_REPEAT abuse ?
[   68.885054][ T5518] netlink: 'syz.0.671': attribute type 1 has an invalid length.
[   68.897588][ T5519] loop3: detected capacity change from 0 to 512
[   68.900150][ T5518] 8021q: adding VLAN 0 to HW filter on device bond2
[   68.917660][ T5518] netlink: 4 bytes leftover after parsing attributes in process `syz.0.671'.
[   68.927489][ T5519] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   68.936249][ T5519] EXT4-fs (loop3): orphan cleanup on readonly fs
[   68.943472][ T5519] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   68.943699][ T5518] bond2 (unregistering): Released all slaves
[   68.960311][ T5519] EXT4-fs (loop3): Cannot turn on quotas: error -117
[   68.971734][ T5519] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.670: bg 0: block 40: padding at end of block bitmap is not set
[   68.986405][ T5519] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   68.995954][ T5519] EXT4-fs (loop3): 1 truncate cleaned up
[   69.002139][ T5519] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   69.019409][ T5519] netlink: 'syz.3.670': attribute type 39 has an invalid length.
[   69.133080][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.169112][ T5529] vlan2: entered allmulticast mode
[   69.174482][ T5529] bridge_slave_0: entered allmulticast mode
[   69.177619][ T5531] netlink: 24 bytes leftover after parsing attributes in process `syz.4.675'.
[   69.202224][ T5531] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5531 comm=syz.4.675
[   69.271687][ T5536] loop3: detected capacity change from 0 to 128
[   70.263528][ T5569] loop3: detected capacity change from 0 to 128
[   70.553457][ T5576] netlink: 'syz.2.692': attribute type 10 has an invalid length.
[   70.562816][ T5576] netlink: 40 bytes leftover after parsing attributes in process `syz.2.692'.
[   70.576616][ T5576] dummy0: entered promiscuous mode
[   70.584478][ T5576] batman_adv: batadv0: Interface deactivated: dummy0
[   70.594633][ T5576] batman_adv: batadv0: Removing interface: dummy0
[   70.624989][ T5576] bridge0: port 4(dummy0) entered blocking state
[   70.632630][ T5576] bridge0: port 4(dummy0) entered disabled state
[   70.916717][ T5576] dummy0: entered allmulticast mode
[   70.988095][ T5576] bridge0: port 4(dummy0) entered blocking state
[   70.994979][ T5576] bridge0: port 4(dummy0) entered forwarding state
[   71.154575][ T5596] netlink: 'syz.0.706': attribute type 12 has an invalid length.
[   71.276907][ T5616] 0ªX¹¦D: left allmulticast mode
[   71.305560][ T5616] team1: left promiscuous mode
[   71.310460][ T5616] team1: left allmulticast mode
[   71.444643][   T29] kauditd_printk_skb: 190 callbacks suppressed
[   71.444672][   T29] audit: type=1326 audit(2000000008.870:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.4.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   71.534658][   T29] audit: type=1326 audit(2000000008.870:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.4.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   71.558129][   T29] audit: type=1326 audit(2000000008.880:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.4.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   71.575028][ T5625] loop1: detected capacity change from 0 to 1024
[   71.581751][   T29] audit: type=1326 audit(2000000008.880:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.4.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   71.611818][   T29] audit: type=1326 audit(2000000008.880:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.4.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   71.635808][   T29] audit: type=1326 audit(2000000008.880:1921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.4.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   71.659357][   T29] audit: type=1326 audit(2000000008.880:1922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.4.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   71.682888][   T29] audit: type=1326 audit(2000000008.880:1923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.4.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   71.706246][   T29] audit: type=1326 audit(2000000008.880:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.4.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   71.729904][   T29] audit: type=1326 audit(2000000008.880:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.4.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462dcebe9 code=0x7ffc0000
[   71.799724][ T5625] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.857676][ T5625] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[   71.996374][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.058197][ T5652] netlink: 'syz.1.718': attribute type 39 has an invalid length.
[   72.104031][ T5656] netlink: 8 bytes leftover after parsing attributes in process `syz.0.720'.
[   72.126056][ T3358] Process accounting resumed
[   72.147744][ T5659] lo speed is unknown, defaulting to 1000
[   73.137121][ T5695] netlink: 4 bytes leftover after parsing attributes in process `syz.1.736'.
[   73.160742][ T5695] netlink: 12 bytes leftover after parsing attributes in process `syz.1.736'.
[   73.368959][ T5714] loop1: detected capacity change from 0 to 512
[   73.402068][ T5718] syzkaller0: entered promiscuous mode
[   73.411902][ T5714] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.415856][ T5718] syzkaller0 (unregistering): left promiscuous mode
[   73.431995][ T5714] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.486543][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.574496][ T5730] 9pnet: p9_errstr2errno: server reported unknown error 184467440737
[   73.988131][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811aae3200: rx timeout, send abort
[   74.054975][ T5747] loop3: detected capacity change from 0 to 2048
[   74.067598][ T5747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.093549][ T3305] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   74.108637][ T3305] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   74.120849][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.283140][ T5756] netlink: 16 bytes leftover after parsing attributes in process `syz.0.759'.
[   74.488179][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811aae3400: rx timeout, send abort
[   74.496501][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811aae3200: abort rx timeout. Force session deactivation
[   74.638099][ T5764] loop3: detected capacity change from 0 to 1024
[   74.678949][ T5781] lo speed is unknown, defaulting to 1000
[   74.695559][ T5764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.882334][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.996667][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811aae3400: abort rx timeout. Force session deactivation
[   75.234436][ T5813] loop1: detected capacity change from 0 to 128
[   75.491657][ T3806] bio_check_eod: 8528 callbacks suppressed
[   75.491673][ T3806] kworker/u8:56: attempt to access beyond end of device
[   75.491673][ T3806] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[   76.473808][   T29] kauditd_printk_skb: 74 callbacks suppressed
[   76.473825][   T29] audit: type=1400 audit(2000000013.900:2000): avc:  denied  { create } for  pid=5849 comm="syz.3.796" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   76.542672][   T29] audit: type=1400 audit(2000000013.930:2001): avc:  denied  { ioctl } for  pid=5849 comm="syz.3.796" path="socket:[16483]" dev="sockfs" ino=16483 ioctlcmd=0x89e7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   76.631774][ T5859] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[   76.684998][ T5860] netlink: 'syz.3.798': attribute type 10 has an invalid length.
[   76.729893][ T5860] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[   76.744444][ T5860] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[   76.765606][ T5860] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.774326][   T29] audit: type=1326 audit(2000000014.200:2002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5858 comm="syz.3.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   76.785220][ T5860] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   76.807303][ T5868] netlink: 4 bytes leftover after parsing attributes in process `syz.0.799'.
[   76.810749][   T29] audit: type=1326 audit(2000000014.240:2003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5858 comm="syz.3.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   76.850821][   T29] audit: type=1326 audit(2000000014.250:2004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5858 comm="syz.3.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   76.875887][   T29] audit: type=1326 audit(2000000014.250:2005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5858 comm="syz.3.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   76.899626][   T29] audit: type=1326 audit(2000000014.250:2006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5858 comm="syz.3.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   76.925285][ T5867] netlink: 60 bytes leftover after parsing attributes in process `syz.4.801'.
[   76.925969][   T29] audit: type=1326 audit(2000000014.280:2007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5858 comm="syz.3.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   76.958383][   T29] audit: type=1326 audit(2000000014.290:2008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5858 comm="syz.3.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   76.982356][   T29] audit: type=1326 audit(2000000014.290:2009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5858 comm="syz.3.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   77.006961][   T36] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[   77.051681][ T5859] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: 24:02:48:ff:05:00
[   77.066299][ T5859] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: 24:02:48:ff:05:00
[   77.082856][ T5859] bond0: entered promiscuous mode
[   77.088310][ T5859] bond_slave_0: entered promiscuous mode
[   77.094287][ T5859] bond_slave_1: entered promiscuous mode
[   77.100187][ T5859] batadv0: entered promiscuous mode
[   77.108614][ T5878] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.175275][ T5878] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.180635][ T5880] netlink: 12 bytes leftover after parsing attributes in process `syz.2.805'.
[   77.230037][ T5878] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.257501][ T5894] netlink: 'syz.4.811': attribute type 4 has an invalid length.
[   77.278279][ T5878] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.304213][ T5898] loop4: detected capacity change from 0 to 512
[   77.323722][ T5898] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.813: corrupted in-inode xattr: invalid ea_ino
[   77.343192][ T5904] hsr0: entered promiscuous mode
[   77.345360][ T5898] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.813: couldn't read orphan inode 15 (err -117)
[   77.348939][ T5904] netlink: 4 bytes leftover after parsing attributes in process `syz.2.815'.
[   77.362111][ T5898] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000500000000 r/w without journal. Quota mode: writeback.
[   77.382094][ T5904] hsr_slave_0: left promiscuous mode
[   77.389390][ T5904] hsr_slave_1: left promiscuous mode
[   77.398762][ T5904] hsr0 (unregistering): left promiscuous mode
[   77.413181][ T3811] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.426972][ T3811] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.442047][ T3815] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.453007][ T3815] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.499911][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000500000000.
[   77.679503][ T5917] lo speed is unknown, defaulting to 1000
[   77.836014][ T5926] lo speed is unknown, defaulting to 1000
[   77.857472][ T5929] netlink: 36 bytes leftover after parsing attributes in process `syz.0.824'.
[   77.866502][ T5929] netlink: 16 bytes leftover after parsing attributes in process `syz.0.824'.
[   77.875486][ T5929] netlink: 36 bytes leftover after parsing attributes in process `syz.0.824'.
[   78.151821][ T5960] loop3: detected capacity change from 0 to 1024
[   78.153198][ T5958] batadv_slave_0: entered promiscuous mode
[   78.180931][ T5962] __nla_validate_parse: 1 callbacks suppressed
[   78.180948][ T5962] netlink: 8 bytes leftover after parsing attributes in process `syz.4.837'.
[   78.196128][ T5962] netlink: 4 bytes leftover after parsing attributes in process `syz.4.837'.
[   78.227879][ T5960] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.242037][ T5958] netlink: 4 bytes leftover after parsing attributes in process `syz.0.835'.
[   78.253243][ T5958] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   78.269399][ T5960] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.326273][ T5958] batadv_slave_0 (unregistering): left promiscuous mode
[   78.357547][ T5958] batman_adv: batadv0: Removing interface: batadv_slave_0
[   78.565795][ T5960] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.836: lblock 3 mapped to illegal pblock 3 (length 13)
[   78.583074][ T5997] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   78.589264][ T5960] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   78.603325][ T5960] EXT4-fs (loop3): This should not happen!! Data will be lost
[   78.603325][ T5960] 
[   78.616386][ T5988] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.836: lblock 3 mapped to illegal pblock 3 (length 1)
[   78.630803][ T5988] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.836: lblock 3 mapped to illegal pblock 3 (length 1)
[   78.645824][ T5988] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.836: lblock 3 mapped to illegal pblock 3 (length 1)
[   78.660316][ T5988] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.836: lblock 3 mapped to illegal pblock 3 (length 1)
[   78.683418][ T5988] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.836: lblock 3 mapped to illegal pblock 3 (length 1)
[   78.698521][ T5960] EXT4-fs error (device loop3): ext4_ext_remove_space:2955: inode #15: comm syz.3.836: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[   78.718388][ T5960] EXT4-fs error (device loop3) in ext4_setattr:6071: Corrupt filesystem
[   78.780435][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.835730][ T6005] loop3: detected capacity change from 0 to 2048
[   78.865066][ T6005] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.893437][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.906869][ T6009] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   78.916302][ T6009] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[   79.044649][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   79.121963][ T6018] tipc: Started in network mode
[   79.126966][ T6018] tipc: Node identity 7, cluster identity 4711
[   79.133203][ T6018] tipc: Node number set to 7
[   79.170648][ T6020] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   79.178327][ T6020] batadv0: mtu less than device minimum
[   79.184452][ T6020] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   79.195261][ T6020] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   79.206329][ T6020] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   79.223323][ T6020] batman_adv: batadv0: Removing interface: batadv_slave_0
[   79.234349][ T6020] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   79.249804][ T6020] batman_adv: batadv0: Removing interface: batadv_slave_1
[   79.259092][ T6020] batman_adv: batadv0: Interface deactivated: dummy0
[   79.265984][ T6020] batman_adv: batadv0: Removing interface: dummy0
[   79.278966][ T6020] bond0: (slave batadv0): Releasing backup interface
[   79.287202][ T6020] batadv0 (unregistering): left promiscuous mode
[   79.449993][ T6025] netlink: 4 bytes leftover after parsing attributes in process `syz.4.864'.
[   80.185008][ T6049] lo speed is unknown, defaulting to 1000
[   80.742859][ T6079] loop1: detected capacity change from 0 to 512
[   80.750324][ T6079] EXT4-fs: Ignoring removed nobh option
[   80.779124][ T6079] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.881: corrupted inode contents
[   80.823631][ T6079] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.881: mark_inode_dirty error
[   80.902495][ T6079] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.881: corrupted inode contents
[   80.994014][ T6079] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.881: mark_inode_dirty error
[   81.059545][ T6087] lo speed is unknown, defaulting to 1000
[   81.075820][ T6079] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.881: Failed to acquire dquot type 0
[   81.116075][ T6079] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.881: corrupted inode contents
[   81.199869][ T6079] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.881: mark_inode_dirty error
[   81.218794][ T6079] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.881: corrupted inode contents
[   81.234344][ T6079] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.881: mark_inode_dirty error
[   81.247651][ T6079] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.881: corrupted inode contents
[   81.260231][ T6079] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   81.271015][ T6079] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.881: corrupted inode contents
[   81.306700][ T6079] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.881: mark_inode_dirty error
[   81.330691][ T6079] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   81.356757][ T6079] EXT4-fs (loop1): 1 truncate cleaned up
[   81.377091][ T6079] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.390438][ T6079] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.812064][ T6110] lo speed is unknown, defaulting to 1000
[   82.044729][ T6110] lo speed is unknown, defaulting to 1000
[   82.051272][ T6068] syz.1.881 (6068) used greatest stack depth: 7344 bytes left
[   82.062570][ T6110] lo speed is unknown, defaulting to 1000
[   82.072427][ T6110] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   82.096248][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.112172][ T6110] lo speed is unknown, defaulting to 1000
[   82.120215][ T6114] netlink: 76 bytes leftover after parsing attributes in process `syz.0.900'.
[   82.129868][ T6110] lo speed is unknown, defaulting to 1000
[   82.138148][ T6110] lo speed is unknown, defaulting to 1000
[   82.145404][ T6110] lo speed is unknown, defaulting to 1000
[   82.170290][   T29] kauditd_printk_skb: 98 callbacks suppressed
[   82.170330][   T29] audit: type=1400 audit(2000000019.600:2106): avc:  denied  { mounton } for  pid=6115 comm="syz.4.901" path=2F3139312FE91F7189591E9233614B dev="tmpfs" ino=1017 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[   82.183690][ T6110] lo speed is unknown, defaulting to 1000
[   82.203516][ T6116] cgroup: Invalid name
[   82.231403][ T6121] netlink: 12 bytes leftover after parsing attributes in process `syz.3.903'.
[   82.328001][ T6129] wg2: left promiscuous mode
[   82.332661][ T6129] wg2: left allmulticast mode
[   82.339632][   T29] audit: type=1326 audit(2000000019.770:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6132 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   82.339656][ T6131] loop4: detected capacity change from 0 to 512
[   82.340154][ T6131] EXT4-fs: Ignoring removed oldalloc option
[   82.363285][   T29] audit: type=1326 audit(2000000019.770:2108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6132 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   82.369579][ T6131] EXT4-fs: inline encryption not supported
[   82.369691][ T6131] EXT4-fs: Ignoring removed mblk_io_submit option
[   82.437358][ T6131] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   82.449734][ T6129] wg2: entered promiscuous mode
[   82.452044][   T29] audit: type=1326 audit(2000000019.810:2109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6132 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   82.454679][ T6129] wg2: entered allmulticast mode
[   82.478187][   T29] audit: type=1326 audit(2000000019.810:2110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6132 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   82.506621][   T29] audit: type=1326 audit(2000000019.810:2111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6132 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   82.530162][   T29] audit: type=1326 audit(2000000019.810:2112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6132 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   82.553625][   T29] audit: type=1326 audit(2000000019.810:2113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6132 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   82.577397][   T29] audit: type=1326 audit(2000000019.810:2114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6132 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   82.600964][   T29] audit: type=1326 audit(2000000019.810:2115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6132 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994f9bebe9 code=0x7ffc0000
[   82.640614][ T6131] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.907: bg 0: block 64: padding at end of block bitmap is not set
[   82.667516][ T6140] loop3: detected capacity change from 0 to 128
[   82.695624][ T6140] syz.3.909: attempt to access beyond end of device
[   82.695624][ T6140] loop3: rw=2049, sector=145, nr_sectors = 8 limit=128
[   82.710906][ T6131] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.907: Failed to acquire dquot type 0
[   82.722027][ T6140] syz.3.909: attempt to access beyond end of device
[   82.722027][ T6140] loop3: rw=2049, sector=161, nr_sectors = 8 limit=128
[   82.737782][ T6131] EXT4-fs (loop4): 1 truncate cleaned up
[   82.737847][ T6140] syz.3.909: attempt to access beyond end of device
[   82.737847][ T6140] loop3: rw=2049, sector=177, nr_sectors = 24 limit=128
[   82.745121][ T6131] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.781720][ T6140] syz.3.909: attempt to access beyond end of device
[   82.781720][ T6140] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[   82.796880][ T6140] syz.3.909: attempt to access beyond end of device
[   82.796880][ T6140] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[   82.811277][ T6140] syz.3.909: attempt to access beyond end of device
[   82.811277][ T6140] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[   82.825969][ T6140] syz.3.909: attempt to access beyond end of device
[   82.825969][ T6140] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[   82.839639][ T6140] syz.3.909: attempt to access beyond end of device
[   82.839639][ T6140] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128
[   82.840278][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.854416][ T6140] syz.3.909: attempt to access beyond end of device
[   82.854416][ T6140] loop3: rw=2049, sector=289, nr_sectors = 9 limit=128
[   82.998333][ T6153] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.013964][ T6156] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.915'.
[   83.046508][ T6153] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.096688][ T6153] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.112968][ T6160] netlink: 12 bytes leftover after parsing attributes in process `syz.0.917'.
[   83.147103][ T6153] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.212686][ T3809] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.227158][ T3809] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.238953][ T3809] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.251370][ T3809] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.478961][ T6176] syzkaller0: entered promiscuous mode
[   83.484479][ T6176] syzkaller0: entered allmulticast mode
[   83.674716][ T6185] netlink: 12 bytes leftover after parsing attributes in process `syz.2.928'.
[   83.691462][ T6185] 8021q: adding VLAN 0 to HW filter on device bond2
[   83.707645][ T6185] vlan2: entered allmulticast mode
[   83.712887][ T6185] bond2: entered allmulticast mode
[   83.799770][ T6195] loop4: detected capacity change from 0 to 512
[   83.812813][ T6195] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   83.844208][ T6200] netlink: 4 bytes leftover after parsing attributes in process `syz.0.934'.
[   83.852397][ T6195] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   83.853794][ T6200] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   83.875477][ T6200] batman_adv: batadv0: Removing interface: batadv_slave_1
[   83.880233][ T6203] netlink: 'syz.2.935': attribute type 1 has an invalid length.
[   83.891603][ T6200] batman_adv: batadv0: Removing interface: dummy0
[   83.909844][ T3308] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   83.910347][ T6203] 8021q: adding VLAN 0 to HW filter on device bond3
[   83.966776][ T6203] bridge0: port 4(dummy0) entered disabled state
[   83.974046][ T6203] dummy0: left allmulticast mode
[   83.990242][ T6203] dummy0: left promiscuous mode
[   83.995399][ T6203] bridge0: port 4(dummy0) entered disabled state
[   84.011088][ T6203] bond3: (slave dummy0): making interface the new active one
[   84.020929][ T6203] bond3: (slave dummy0): Enslaving as an active interface with an up link
[   84.094324][ T6218] netlink: 'syz.0.941': attribute type 10 has an invalid length.
[   84.105575][ T6218] team0: Port device dummy0 added
[   84.118014][ T6218] netlink: 'syz.0.941': attribute type 10 has an invalid length.
[   84.137399][ T6218] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   84.148806][ T6218] team0: Failed to send options change via netlink (err -105)
[   84.156483][ T6218] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   84.169773][ T6218] team0: Port device dummy0 removed
[   84.183309][ T6218] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   84.546697][ T6229] loop4: detected capacity change from 0 to 2048
[   84.598270][ T6229] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.692057][ T6229] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.952607][ T6251] ªªªªª: renamed from vlan1 (while UP)
[   85.051356][ T6265] loop1: detected capacity change from 0 to 1024
[   85.058634][ T6265] EXT4-fs: Ignoring removed orlov option
[   85.067485][ T6265] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.110164][ T6270] netlink: 12 bytes leftover after parsing attributes in process `syz.2.961'.
[   85.697803][ T6271] ==================================================================
[   85.705941][ T6271] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read
[   85.714122][ T6271] 
[   85.716466][ T6271] write to 0xffff8881047deca8 of 8 bytes by task 6265 on cpu 0:
[   85.724112][ T6271]  filemap_splice_read+0x4f4/0x740
[   85.729266][ T6271]  ext4_file_splice_read+0x8f/0xb0
[   85.734394][ T6271]  splice_direct_to_actor+0x26f/0x680
[   85.739948][ T6271]  do_splice_direct+0xda/0x150
[   85.744710][ T6271]  do_sendfile+0x380/0x650
[   85.749133][ T6271]  __x64_sys_sendfile64+0x105/0x150
[   85.754343][ T6271]  x64_sys_call+0x2bb0/0x2ff0
[   85.759080][ T6271]  do_syscall_64+0xd2/0x200
[   85.763685][ T6271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.769665][ T6271] 
[   85.771992][ T6271] write to 0xffff8881047deca8 of 8 bytes by task 6271 on cpu 1:
[   85.779722][ T6271]  filemap_splice_read+0x4f4/0x740
[   85.785025][ T6271]  ext4_file_splice_read+0x8f/0xb0
[   85.790497][ T6271]  splice_direct_to_actor+0x26f/0x680
[   85.795875][ T6271]  do_splice_direct+0xda/0x150
[   85.800691][ T6271]  do_sendfile+0x380/0x650
[   85.805123][ T6271]  __x64_sys_sendfile64+0x105/0x150
[   85.810327][ T6271]  x64_sys_call+0x2bb0/0x2ff0
[   85.815004][ T6271]  do_syscall_64+0xd2/0x200
[   85.819603][ T6271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.825501][ T6271] 
[   85.827911][ T6271] value changed: 0x0000000000000af6 -> 0x0000000000000af7
[   85.835195][ T6271] 
[   85.837520][ T6271] Reported by Kernel Concurrency Sanitizer on:
[   85.843783][ T6271] CPU: 1 UID: 0 PID: 6271 Comm: syz.1.960 Tainted: G        W           6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[   85.858718][ T6271] Tainted: [W]=WARN
[   85.862515][ T6271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   85.872665][ T6271] ==================================================================
[   86.006055][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.