last executing test programs:

2m9.811025557s ago: executing program 2 (id=780):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r0)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$FITRIM(r2, 0xc0185879, &(0x7f0000006bc0)={0x97c4, 0xfffffffffffff801, 0xc})
r3 = open(&(0x7f0000000300)='./file0\x00', 0x400, 0x0)
fcntl$setlease(r3, 0x400, 0x1)
r4 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r4, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

2m8.742952012s ago: executing program 2 (id=785):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4008840)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x258, 0x4c, 0x232, 0x258, 0x0, 0x388, 0x2e8, 0x2e8, 0x388, 0x2e8, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast2, [], [], 'veth1_to_bond\x00', 'ip6gre0\x00', {}, {}, 0x6, 0x0, 0x3}, 0x0, 0x230, 0x258, 0x0, {}, [@common=@unspec=@cluster={{0x30}}, @common=@inet=@policy={{0x158}, {[{@ipv4=@dev, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@ipv4, [], @ipv4=@broadcast}, {@ipv4=@multicast2, [], @ipv4=@dev}, {@ipv6=@loopback, [], @ipv6=@private2}], 0x1, 0x20}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @remote}, @private1, [], [], 'team_slave_0\x00', 'xfrm0\x00'}, 0x0, 0xf8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x3c}}, 0x0)

2m7.685770647s ago: executing program 2 (id=792):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="09000000040000000800000010"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800002d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, 0x0, 0x310)

2m7.511829633s ago: executing program 2 (id=794):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000bc0000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r1, 0x0, 0x3}, 0x18)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000140)={0x5c, 0x0, 0x2, 0x1}, 0x8)

2m7.235346757s ago: executing program 2 (id=796):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0)
finit_module(r2, 0x0, 0x3)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000005c0)={0x0, 0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

2m7.058730493s ago: executing program 2 (id=798):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local, {[@rr={0x7, 0x3, 0x47}]}}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef)

1m51.892029812s ago: executing program 32 (id=798):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local, {[@rr={0x7, 0x3, 0x47}]}}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef)

46.739427625s ago: executing program 0 (id=1256):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x120c042, &(0x7f0000000840)={[{@nodiscard}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@resuid}, {@debug}, {@minixdf}, {}, {@nomblk_io_submit}, {@noauto_da_alloc}], [{@seclabel}]}, 0x1, 0x5e7, &(0x7f0000001400)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pt22s4Uubacyn0+ydOa9nb7vsP3uvH373m4AlTWY/lOL2BsR00lEfzK/WNcZWeXgwv3u/f3J6fSWRL3+xp9JJFlZfv8k+9mXHdwTET//lMSejtXtzsxdOT8+NTV5Odsfnr0wPTwzd+XguQvjZyfPTl4cfWn02NEjR4+N7G/rvK4WlJ28/v6H/Z+Nvf3dN/8kI9//NpbE8Xg1u2PzeWyUwRhs/J8kq6v6jm10YyXpyP5Omh/ipLPEgFiX/PHrioinoj86YunB649PXys1OGBT1ZOIOlBRifyHisr7Aflr+5Wvg2ul9EqArXD3xMIAwOr871wYG4yextjAzntJNA/rJBFxaAPa3xURt2+NXT9za+x6bNI4HFBs/lpEPF2U/0kj/weiJwYa+V9blv9pv+BU9jMtf73N9lcOFct/2DoL+d+zZv5Hi/x/pyn/322z/cGlzfd6l+V/b7unBAAAAAAAAJV180REvFj0/n9tcf5PFMz/6YuI4xvQ/uCK/dXv/9fubEAzQIG7JyJeaZ7/G7XF/M9m/w50ZFuPNeYDdCVnzk1NHoqIxyPiQHTtSPdH1mjj4Od7vm5VN5jN/8tvaQy3s7mAWRx3OncsP2ZifHb8Yc8biLh7LeKZwvm/yeL1Pym4/qfPB9Nr/N7m9eB7nr9xqtX97p//wGapfxuxv3D9z9KnViRrfj7HoeFGf2A47xWs9uzHX/zQqv12899HTMDDS6//O9fO/4Gk+fN6ZtbfxuG5znqrunb7/93Jm40uRndW9tH47OzlkYju5GRHWrqsfHT9McMjp2spH/J8SfP/wHNrj/8V9f97I2J+xa9P/lq+pjj35L99v7cKSf8fypPm/8S6rv/r3xi9MfBjq/Yf7Pp/pHGtP5CVGP+DBV/ladq9vLwgHTuLqrY6XgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHF7VptaCiiLyKeiJ21qUszsy+cufTBxYm0rvH9/7X8m377F/aT/Pv/B5r2R1fsH46I3RHxZUdvY3/o9KWpibJPHgAAAAAAAAAAAAAAAAAAALaJvhbr/1N/dJQdHbDpOssOAChNQf7/UkYcwNZz/Yfqkv9QXfIfqkv+Q3XJf6gu+Q/VJf+hutrJf3MDAQAAAABg29q97+avSUTMv9zbuKW6s7quUiMDNlut7ACA0ngbH6rL1D+oLq/xgeQ+9T0tD7rfkWuZPv0QBwMAAAAAAAAAAABA5ezfa/0/VJX1/1Bd1v9DdeXr//eVHAew9bzGB6JgJX/zc0Ph+v/CowAAAAAAAAAAAACAzTIzd+X8+NTU5GUbb22PMLZyo16vX03/CrZLPP/zjXwq/HaJZ8VGvtbvwY4q7zkJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY7r8AAAD//7wNI2E=")
lchown(&(0x7f0000000240)='./file0\x00', 0x0, 0xee01)

46.411148375s ago: executing program 0 (id=1258):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r2, &(0x7f0000000000)={&(0x7f0000001340)={0x2, 0x6, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x41}, @multicast1}}}], 0x20}, 0x8000)
sendmsg$inet(r2, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

46.12721236s ago: executing program 0 (id=1261):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000480)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@errors_continue}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, 0x0, 0x105042, 0x189)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x13, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x4, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r1 = socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000540)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xbf}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='fscache_access_volume\x00', 0xffffffffffffffff, 0x0, 0x2100000000}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[], 0x50)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x7b, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000002040)=[{0x4, 0x8, 0x8, 0x6}]}, 0x10)

45.933453097s ago: executing program 0 (id=1263):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
sendmsg$tipc(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

44.926067827s ago: executing program 0 (id=1276):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x24000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)

44.692584779s ago: executing program 0 (id=1279):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r1=>0x0})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
bind$can_j1939(r0, &(0x7f0000000080)={0x1d, r1, 0x2, {0x1}}, 0x18)
sendmsg$inet(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000780)="8a", 0x1}], 0x1}, 0x44)

29.316432135s ago: executing program 33 (id=1279):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r1=>0x0})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
bind$can_j1939(r0, &(0x7f0000000080)={0x1d, r1, 0x2, {0x1}}, 0x18)
sendmsg$inet(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000780)="8a", 0x1}], 0x1}, 0x44)

23.608501176s ago: executing program 3 (id=1403):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x10)
fdatasync(0xffffffffffffffff)

23.327499752s ago: executing program 3 (id=1404):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2e, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r0, 0x0, 0x4}, 0x18)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x20002)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

23.113730951s ago: executing program 3 (id=1405):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
accept4$bt_l2cap(r0, 0x0, 0x0, 0x80000)

22.90031255s ago: executing program 3 (id=1406):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x80080)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x6, 0x7}, 0x0, 0x7fff, 0xa, {0x0, 0xfa}, 0x5, 0xd0aa})
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x45, &(0x7f0000000080), 0x67, 0x52e, &(0x7f0000000480)="$eJzs3U9vI2cZAPBnHHvZ7GabFDhAJUqhRdkVrJ00tI04lCIhOFUCyr2ExImiOHEUO+0mqtis+ABICAESJ7hwQeIDIKFKXDgipEpwBgECIdjCgQN00NjjNJv4X7tOnE1+P2ky78y8M8/zOprxvJ7RTACX1lMR8VJEvJOm6a2ImM7nF/IhDtpDVu/t+28sZ0MSafrKP5JI8nmdbSX5+Hq+2tWI+NqXI76ZnIzb2NvfWKrVqjv5dKW5uV1p7O3fXt9cWquuVbcWFuafX3xh8bnFuZG080ZEvPjFv3z/Oz/90ou//Mzrf3z1bze/laU1lS8/2o73qNhvYbvppdZncXSFnfcZ7DwqtlqYm+xWY+LEnHunnBMAAN1l5/gfjIhPRsStmI6J/qezAAAAwCMo/fxU/DeJSLu70mM+AAAA8AgptO6BTQrl/F6AqSgUyuX2PbwfjmuFWr3R/PRqfXdrpX2v7EyUCqvrtepcfq/wTJSSbHq+VX53+tlj0wsR8XhEfG96sjVdXq7XVsb94wcAAABcEteP9f//Pd3u/3fcHWdyAAAAwOjMjDsBAAAA4NQN2/+/dsp5AAAAAKfH9X8AAAC40L7y8svZkHbef73y2t7uRv212yvVxkZ5c3e5vFzf2S6v1etrrWf2bQ7aXq1e3/5sbO3eqTSrjWalsXc1Nuu7W81X1x94BTYAAABwhh7/+Ju/TyLi4HOTrSFzZbhVh6wGnFfFw1KSj7vs1n94rD3+8xklBZyJiXEnAIxNcdwJAGNTGncCwNglA5b3vHnnN/n4E6PNBwAAGL3Zj/a+/l/ou+ZB/8XAuWcnhsvL9X+4vFrX/4e9k7fgbeBwkZQGnQH07SA4HsBF8NDX/wdK0/eUEAAAMHJTrSEplIud6UKhXI640XotQClZXa9V5yLisYj43XTpA9n0fKtmMrDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pWkSKQAAAHChRRT+mvyq/Sz/2elnpo7/PnAl+c905K8Iff1Hr/zgzlKzuTOfzf/n4fzmD/P5z47jFwwAAAC4FAa8wP9BnX56px8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP09v03ljvDWcb9+xciYqZb/GJcbY2vRikirv0rieKR9ZKImBhB/Mnsz0e6xU+ytA5Ddos/OYL4B/f6xo+D/FPoFv/6COLDZfZmdvx5qdv+V4inWuPu+18x4oHp96v38S8Oj38TPfb/G0PGeOKtn1d6xr8X8UTxRPy7WYRO/KRH/KeHjP+Nr+/v91qW/jhituv3T9Kpkh0ho9Lc3K409vZvr28urVXXqlsLC/PPL76w+NziXGV1vVbN/3aN8d2P/eKdfu2/1iP+zID2P3Nia1e6xvjfW3fuf6hdLHWLf/PpLvF//ZO8xsn4hfy771N5OVs+2ykftMtHPfmz3z7Zr/0rPdo/6P9/s9dGj7n11W//aciqAMAZaOztbyzVatWdC1vIeulDVs7Ozs5FzgpDFCYefjt3R5pYmqZptk89xHaSGPenelgY95EJAAAYtXdP+sedCQAAAAAAAAAAAAAAAAAAAFxeZ/E4seMxDw5LySgeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBL/DwAA//9t9tlI")
r5 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0x40a85323, &(0x7f0000000c80)={{0x32, 0x8}, 'port1\x00', 0x10, 0x20434, 0x4, 0x6, 0x400, 0x8, 0x7, 0x0, 0x1, 0x6})
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$binfmt_register(r6, &(0x7f0000000440)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x4, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000002000080000000000000000061104f000000000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x8bc6bfab9230d34f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000c40))
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r7}, 0x10)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000000580)=@mangle={'mangle\x00', 0x44, 0x6, 0x4a0, 0x138, 0x0, 0x368, 0x1d0, 0x138, 0x408, 0x408, 0x408, 0x408, 0x408, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x11000000, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x0, 0x4}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0xff000000, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {0xff}, {0xff}, 0x11, 0x0, 0x28}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x10, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0xffffff00, 'vlan1\x00', 'nr0\x00', {}, {0xff}}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @multicast2, 0xff, 0xffffff00, 'ip6gre0\x00', 'virt_wifi0\x00', {0xff}, {}, 0x2e, 0x0, 0x1}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:dbusd_etc_t:s0\x00'}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00', {0xe6d959333babc205}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500)

21.43782346s ago: executing program 3 (id=1410):
r0 = add_key$fscrypt_v1(&(0x7f0000002a00), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000007c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa00", 0x28}, 0x48, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2, 0x0, 0x5}, 0x18)
r3 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000000)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
r4 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6075ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r4, r3, r3, 0x0)
keyctl$KEYCTL_MOVE(0x4, r0, r0, 0x0, 0x0)

18.683821927s ago: executing program 3 (id=1422):
r0 = io_uring_setup(0x3c92, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffff, 0x2})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x304}, "bd88818314ff7d84", "0b3ea924c47b25d7624cd362581725c7", "000400", "78cb6e6d9d2574d4"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "bb28ced7b820ec2d", "ca08bd91171e6405c84cdc6e52f57229", "f5ce6f37", "fe017c9f4e95f742"}, 0x28)
close_range(r0, 0xffffffffffffffff, 0x0)

18.110022189s ago: executing program 34 (id=1422):
r0 = io_uring_setup(0x3c92, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffff, 0x2})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x304}, "bd88818314ff7d84", "0b3ea924c47b25d7624cd362581725c7", "000400", "78cb6e6d9d2574d4"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "bb28ced7b820ec2d", "ca08bd91171e6405c84cdc6e52f57229", "f5ce6f37", "fe017c9f4e95f742"}, 0x28)
close_range(r0, 0xffffffffffffffff, 0x0)

4.02744862s ago: executing program 6 (id=1520):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')

3.91168744s ago: executing program 6 (id=1521):
socket(0x2c, 0x802, 0x0)
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f00000003c0)='./bus\x00', 0x21081e, &(0x7f0000000340)={[{@noacl}]}, 0x0, 0x512, &(0x7f0000000f40)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOWEEKqE6BGkbUi8URQ7jmKnNGEP6ZkrEpU4wZE/gHNP3LkguHEpBxA/IlCDxGHQjCdZJ2tvot3EzsafjzSaefNm5/t9OzvzMi9rvwBG1s2I2I+IiYh4PyJm8/2FfIl3Okt63GcHD1YODx6sFCJJ3vtnIatP90XXn0ndyM9ZjogffCfix4VH47Z29zaW6/Xadl6ebze25lu7e3fWG8trtbXaZrW6tLi08NbdN6sX1tZXGhP51pc//f3+N36apjWT7+lux0XqNL10HCc1HhHfu4xgQzCWt2di2InwRIoR8WJEvJrd/7Mxll1NAOA6S5LZSGa7ywDAdVfMxsAKxUo+FjATxWKl0hnDeymmi/Vmq337fnNnc7UzVjYXpeL99XptIR8rnItSIS0vZtsPy9VT5bsR8UJE/HxyKitXVpr11WH+4AMAI+zGqf7/P5Od/h8AuObKw04AABg4/T8AjB79PwCMHv0/AIyeTv8/New0AIAB8v4PAKNH/w8AI+X7776bLslh/v3Xqx/s7mw0P7izWmttVBo7K5WV5vZWZa3ZXMu+s6dx1vnqzebW4hux8+HcN7da7fnW7t69RnNns30v+17ve7VSdtT+AFoGAPTzwiuf/KmQ9shvT2VLdM3lUBpqZsBlKw47AWBoxoadADA0ZvuC0fUU7/iGB+Ca6DFF7wnlXh8QSpIkubyUgEt26wvG/2FUdY3/+1/AMGKM/8PoMv4PoytJCued8z/OeyAAcLUZ4wf6/P7/xXz9m/yXAz9aPX3Ex5eZFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxtR/P/VvK5wGeiWKxUIp6LiLkoFe6v12sLEfF8RPxxsjSZlheHnDMA8LSKfy3k83/dmn195kTVyzeONyci4ie/fO8XHy6329t/iJgo/GvyaH/743x/dfDZAwBnO+qns3XXi/xnBw9WjpZB5vP3b0dEuRP/8GAiDo/jj8d4ti5HKSKm/13IyxHxt87PK2MXEH//o4j4fK/2F2ImGwPpzHx6In4e+7mBxi+eiF/M6jrr9O/icxeQC4yaT9Lnzzu97r9i3MzWve//cvaEenr58y891cph9gx8GP/o+TfWI356z988b4w3fvfdztbUo3UfRXxxPOIo9mHX8+cofqFP/Ne7T1TuH//PX3r51X51ya8ibkXv+N2x5tuNrfnW7t6d9cbyWm2ttlmtLi0uLbx1983qfDZGPd+/N/jH27ef71eXtn+6T/zyGe3/av8mn/Dr/73/w688Jv7XX+sVvxgvPSZ+2id+7Zzxl6d/2/fqpPFX+7T/rOt/+5zxP/3L3iPThgMAw9Pa3dtYrtdr28/SRvrefAXSeHY3Zp/N6767l/6TvQJp9Nz41qBiTUTvqp+91rmnT1UlyRPF6vfEuIhRN+AqOL7pI+K/2Z4kGXZOAAAAAAAAAAAAAADASQP6uB4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABciv8HAAD///S20A0=")
r0 = socket$xdp(0x2c, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=0x0], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000084060d31174a4b3ab0f77ab41f35233efb66a8934bf2e2454c94b8e9c949ff971f039d5e27cd4b4f23fd428fa10cbfd94295837c9c9583168454de2f3b930b68ac2ee1d15e6e9e04ad8f5ee92265049ba3a5d3f4b646e676eb57b857732b0d7ae3ab63bc5c1c4d80fc67cf8463b9d7"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x4}, 0x18)
unshare(0x2060600)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000980)={'wg2\x00'})
sendto$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f00000005c0)=ANY=[], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r4, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$CAIFSO_REQ_PARAM(0xffffffffffffffff, 0x116, 0x80, &(0x7f0000000000)="b50ac0ecb01b1b6555b7b34f104fb5d3053ce7cba5ba931b7965199c433dfd1e962792fb815deb", 0x27)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e20, 0xdb, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x4}], 0x1c)
r5 = socket$netlink(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x14, r6, 0x1, 0x70bd29, 0x25dfdbfb, {0x25}}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x0)

2.750847334s ago: executing program 5 (id=1526):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
syz_clone(0x1200, 0x0, 0x0, &(0x7f0000000840), 0x0, 0x0)

2.503106826s ago: executing program 5 (id=1529):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001940), r0)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100e3d61bbffedbdf25070000001400018008"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)

2.219713232s ago: executing program 5 (id=1530):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000080)={{0x2, 0x4e23, @local}, {0x306}, 0x8, {0x2, 0x4e21, @loopback}, 'ip6_vti0\x00'})

2.12741379s ago: executing program 6 (id=1531):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r2, 0x40107446, &(0x7f0000000240)={0x1, &(0x7f0000000140)=[{0x6, 0x1, 0xfb, 0x2}]})

2.112191681s ago: executing program 5 (id=1532):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
socket(0x10, 0x803, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
capset(&(0x7f0000000380)={0x19980330}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x1)

1.932660577s ago: executing program 6 (id=1535):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x0, 0x40000000})
r2 = syz_io_uring_setup(0x64d, &(0x7f0000000100)={0x0, 0x11f8, 0x8, 0x2, 0x801e7}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r2})
io_uring_enter(r2, 0x749d, 0x4, 0x0, 0x0, 0x0)

1.79331934s ago: executing program 5 (id=1536):
r0 = socket(0x2, 0x80805, 0x0)
socket$key(0xf, 0x3, 0x2)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='xdp_exception\x00', r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000fdffffee000000000000000085000000feff5d45169e5a35315ed576df2c00000095"], &(0x7f0000000040)='GPL\x00'}, 0x94)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r4, r5}, 0x40)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='xdp_exception\x00', r6}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c20000010180c200000008004500001c00000000001190780800001ce0000001160017c100089078"], 0x0)
close(0xffffffffffffffff)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), r0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000340)={'wg1\x00', <r8=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x7c, r7, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@ETHTOOL_A_RINGS_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_RINGS_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x24040004}, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)=@newsa={0x194, 0x10, 0x1, 0x70bd2b, 0x0, {{@in6=@private1, @in=@private, 0x0, 0xecdf, 0x0, 0x0, 0xa}, {@in=@broadcast, 0x0, 0x32}, @in6=@private1, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x400802}, {}, 0x0, 0x1, 0x2, 0x4, 0x0, 0x2c}, [@algo_crypt={0x58, 0x2, {{'cbc(aes)\x00'}, 0x80, "e0fad3f10cd3a506627800000000074f"}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha256)\x00'}, 0x0, 0x80}}]}, 0x194}}, 0x4050)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r11}, 0x18)
r12 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r12, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)

1.78648833s ago: executing program 6 (id=1538):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x11e, 0x82, 0x0, &(0x7f0000000080))

1.647374483s ago: executing program 6 (id=1539):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000180)=ANY=[], 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
rename(0x0, &(0x7f00000000c0)='./file0/../file0/file0\x00')
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f00000000c0)=@ethtool_gfeatures={0x33}})

1.641446703s ago: executing program 5 (id=1541):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
close(r0)
socket(0x10, 0x803, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00', r1}, 0x18)
r2 = syz_usb_connect$printer(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r3], 0x20}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2800000010000100db1815168c69010000000000", @ANYRES32=0x0, @ANYBLOB="200400000000000008001b0000000000"], 0x28}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001900)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r8}, 0x10)
syz_usb_disconnect(0xffffffffffffffff)

1.56605973s ago: executing program 1 (id=1542):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)=@newsa={0x184, 0x10, 0x1, 0x70bd2b, 0x0, {{@in6=@private1, @in=@private, 0x0, 0xecdf}, {@in=@broadcast, 0x0, 0x32}, @in6=@private1, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x400800}, {0x1000}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x2c}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha256)\x00'}, 0x0, 0x80}}]}, 0x184}}, 0x4050)

1.431664412s ago: executing program 1 (id=1544):
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff9e)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f3fd65bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e208000000729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e7095d6744756e17ece06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b53c3fca5206cb000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfd, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000600000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)

1.243365238s ago: executing program 4 (id=1546):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000500)={[{@i_version}, {@usrquota}, {@bh}]}, 0x1, 0x523, &(0x7f0000000c00)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AgiNfbGsrzrtbzrUptIuGeuSFTiBEf+AM49ceeC4MalHJD4YYFqJA5TzezY2di79qaJvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiIdyNipjyelFu81d3y8z7ZfbC4t/tgMYkse+dfSVGeH4uen8ldK19zKiJ+8J2InyRH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5427r9ceozVTx5a+1JwoU1/++I873/hZXq3p8khvO56mbtMrB3FylyPie6cRbAQule2ZGHVF+EzSiHg+Il4urv+ZuFT8NgGAiyzLZiKb6c0DABddWsyBJWm1nAuYjjStVrtzeC/E1bTRandu3W9tri1158quRyW9v9Ko3ynnCq9HJcnzc0X6Yb52KH83Ip6LiF9OXiny1cVWY2mUNz4AMMauHRr//zvZHf8BgAvu+I/NAAAXkfEfAMaP8R8Axo/xHwDGT3f8v/K4P5Zl2c9PozoAwBnw/A8A48f4DwBj5ftvv51v2V75/ddL721trrbeu71Ub69Wm5uL1cXWxnp1udVaLr6zp3nS6zVarfW512Lz/evfXG93Zttb2/earc21zr3ie73v1SvFWTtn0DIAYJDnXvroL0k+Ir95pdiiZy2HykhrBpy2dNQVAEbm0qgrAIyM1b5gfD18xn/sDwGYHoALos8SvY+Y6vcHQlmWZadXJeCU3fyC+X8YVz3z/z4FDGPmpPn/Ym1gbxLChWT+H8ZXliXDrvkfw54IAJxvx8zxXz/L+xBgdAa8//98uf9d+ebAj5YOn/HhadYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzrf99X+r5TK/05Gm1WrEM8UCQJXk/kqjficino2IP09WJvP83IjrDAA8qfTvSbn+182ZV6cfKXrx2kFyIiJ++ut3fvX+Qqez8aeIieTfk/vHOx+Wx2snBps6jRYAAMfbH6eLfc+D/Ce7Dxb3t7Oszz++3b0ryOPu7U7E3kH8y3G52E9FJSKu/icp811Jz9zFk9j5ICI+36/9SUwXcyDdW5bD8fPYz5xp/PSR+Gm5QHNa/lt87inUBcbNR3n/81a/6y+NG8W+//U/VfRQT67s//KXWtwr+sCH8ff7v0sD+r8bw8Z47Q/f7aauHC37IOKLlyP2Y+/19D/78ZMB8V8dMv5fv/Tiy4PKst9E3Iz+8XtjzXaa67Ptre3bK82F5fpyfa1Wm5+bv/PG3ddrs8Uc9ezg0eCfb956dlBZ3v6rA+JPndD+rw7Z/t/+/90ffuWY+F9/pV/8NF44Jn4+Jn5tyPgLV38/8Lk7j790tP3JML//W0PG//hv20eWDQcARqe9tb260GjUNyTGNPHjOBfVGC6R/5c9B9Xom/jWWcWaiP5Fv3ile00fKsqyzxRrUI/xNGbdgPPg4KKPiP+NujIAAAAAAAAAAAAAAEBfZ/EXS6NuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfXpwEAAP//+E3TQw==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

1.068255304s ago: executing program 4 (id=1547):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20008000)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000a80)=@gcm_128={{0x303}, "9ff3d6661480294c", "5fa3c0bf46782bbee21b09b7446edc75", "5bee93e1", "f11bb8cba3046ce3"}, 0x28)

890.232641ms ago: executing program 4 (id=1548):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
personality(0xc00000a)

771.223851ms ago: executing program 4 (id=1549):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
ppoll(0x0, 0x0, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0)

247.456698ms ago: executing program 1 (id=1550):
r0 = socket(0x2, 0x80805, 0x0)
socket$key(0xf, 0x3, 0x2)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='xdp_exception\x00', r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000fdffffee000000000000000085000000feff5d45169e5a35315ed576df2c00000095"], &(0x7f0000000040)='GPL\x00'}, 0x94)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r4, r5}, 0x40)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='xdp_exception\x00', r6}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c20000010180c200000008004500001c00000000001190780800001ce0000001160017c100089078"], 0x0)
close(0xffffffffffffffff)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), r0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000340)={'wg1\x00', <r8=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x7c, r7, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@ETHTOOL_A_RINGS_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_RINGS_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x24040004}, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)=@newsa={0x194, 0x10, 0x1, 0x70bd2b, 0x0, {{@in6=@private1, @in=@private, 0x0, 0xecdf, 0x0, 0x0, 0xa}, {@in=@broadcast, 0x0, 0x32}, @in6=@private1, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x400802}, {}, 0x0, 0x1, 0x2, 0x4, 0x0, 0x2c}, [@algo_crypt={0x58, 0x2, {{'cbc(aes)\x00'}, 0x80, "e0fad3f10cd3a506627800000000074f"}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha256)\x00'}, 0x0, 0x80}}]}, 0x194}}, 0x4050)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r11}, 0x18)
r12 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r12, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)

247.173078ms ago: executing program 4 (id=1551):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x7, &(0x7f0000000040)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x94)

134.383838ms ago: executing program 1 (id=1552):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100000000000400048008000c8004000b800800020001000000a00008801c0007800800050000000000080006000000000008"], 0xd0}}, 0x0)

83.193333ms ago: executing program 4 (id=1553):
bpf$MAP_CREATE(0x0, &(0x7f00000040c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x2, 0x118)
r0 = syz_io_uring_setup(0x3fb1, &(0x7f0000000300)={0x0, 0x9cae, 0x40, 0x5, 0xd6}, &(0x7f0000000100), &(0x7f00000000c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffec5, 0x0, 0x0, 0x0, 0x200}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r4=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x50, 0x0, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_SHORT_ADDR={0x6}]}, 0x50}, 0x4, 0x700000000000000}, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x22, &(0x7f0000000380)={&(0x7f0000003000)}, 0x1)
syz_emit_ethernet(0x6e, &(0x7f0000000800)={@random="617e71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d23396", 0x38, 0x3a, 0xff, @remote, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x9, {0x7, 0x6, "3c9377", 0x5, 0x2c, 0xff, @mcast1, @loopback, [@hopopts={0x33}]}}}}}}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000002600000007"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
sendmsg(0xffffffffffffffff, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f0000002b80)="b2", 0x1}], 0x1}, 0x4000)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)

65.328364ms ago: executing program 1 (id=1554):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, 0x0)

0s ago: executing program 1 (id=1555):
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
shmat(0x0, &(0x7f0000064000/0x3000)=nil, 0x2000)

kernel console output (not intermixed with test programs):

3] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  211.399201][ T8233] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  211.409399][ T8233] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  211.419403][ T8233] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  211.429345][ T8233] 45325 total pagecache pages
[  211.434190][ T8233] 0 pages in swap cache
[  211.438745][ T8233] Free swap  = 124704kB
[  211.445925][ T8233] Total swap = 124996kB
[  211.476601][ T8233] 2097051 pages RAM
[  211.481113][ T8233] 0 pages HighMem/MovableOnly
[  211.503353][ T8269] netlink: 4 bytes leftover after parsing attributes in process `syz.3.882'.
[  211.525459][ T8233] 416127 pages reserved
[  211.529691][ T8233] 0 pages cma reserved
[  211.538442][ T8188] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.595211][ T5773] Bluetooth: hci0: command tx timeout
[  211.774762][ T8278] netlink: 28 bytes leftover after parsing attributes in process `syz.3.887'.
[  211.809659][ T8278] netlink: 32 bytes leftover after parsing attributes in process `syz.3.887'.
[  211.836713][ T8278] netlink: 28 bytes leftover after parsing attributes in process `syz.3.887'.
[  211.860528][ T8278] netlink: 32 bytes leftover after parsing attributes in process `syz.3.887'.
[  211.926811][ T8188] team0: Port device team_slave_0 added
[  211.980667][ T8188] team0: Port device team_slave_1 added
[  212.566253][ T8188] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.656771][ T8188] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.699523][ T8188] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.808263][ T8188] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.827152][ T8188] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.899974][ T8188] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.194149][ T8188] hsr_slave_0: entered promiscuous mode
[  213.235371][ T8188] hsr_slave_1: entered promiscuous mode
[  213.314617][ T8188] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.332572][ T8188] Cannot create hsr debugfs directory
[  213.394518][ T7083] hsr_slave_0: left promiscuous mode
[  213.408203][ T7083] hsr_slave_1: left promiscuous mode
[  213.444684][ T7083] bridge_slave_1: left allmulticast mode
[  213.450417][ T7083] bridge_slave_1: left promiscuous mode
[  213.476429][ T7083] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.522818][ T7083] bridge_slave_0: left allmulticast mode
[  213.544362][ T7083] bridge_slave_0: left promiscuous mode
[  213.550214][ T7083] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.664687][ T5773] Bluetooth: hci0: command tx timeout
[  213.703330][ T7083] veth1_macvtap: left promiscuous mode
[  213.712312][ T7083] veth0_macvtap: left promiscuous mode
[  213.718603][ T7083] veth1_vlan: left promiscuous mode
[  213.725168][ T7083] veth0_vlan: left promiscuous mode
[  214.290129][   T28] kauditd_printk_skb: 94 callbacks suppressed
[  214.290145][   T28] audit: type=1326 audit(1767946216.274:2334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8304 comm="syz.3.891" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x0
[  214.666434][   T28] audit: type=1326 audit(1767946216.654:2335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.0.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  214.692381][   T28] audit: type=1326 audit(1767946216.654:2336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.0.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  214.717288][   T28] audit: type=1326 audit(1767946216.684:2337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.0.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  214.790712][   T28] audit: type=1326 audit(1767946216.684:2338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.0.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  214.832208][   T28] audit: type=1326 audit(1767946216.704:2339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.0.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  215.078188][ T7083] team0 (unregistering): Port device team_slave_1 removed
[  215.200759][ T7083] team0 (unregistering): Port device team_slave_0 removed
[  215.328648][ T8329] loop3: detected capacity change from 0 to 512
[  215.338493][ T7083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  215.360001][ T8329] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.902: inode has both inline data and extents flags
[  215.378824][ T8329] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.902: couldn't read orphan inode 15 (err -117)
[  215.402459][ T8329] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.578325][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.612841][ T7083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  215.757542][ T5773] Bluetooth: hci0: command tx timeout
[  215.999000][ T7083] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  216.383793][ T7083] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  216.398755][ T7083] bond0 (unregistering): Released all slaves
[  216.561938][ T8306] netlink: 144 bytes leftover after parsing attributes in process `syz.1.893'.
[  217.150697][   T28] audit: type=1326 audit(1767946219.134:2340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.3.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  217.209398][   T28] audit: type=1326 audit(1767946219.134:2341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.3.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  217.288636][   T28] audit: type=1326 audit(1767946219.134:2342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.3.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  217.343276][   T28] audit: type=1326 audit(1767946219.134:2343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.3.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  217.406278][ T7083] IPVS: stop unused estimator thread 0...
[  217.471018][ T8188] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  217.498205][ T8188] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  217.548185][ T8188] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  217.604617][ T8188] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  217.778355][ T8364] netlink: 4 bytes leftover after parsing attributes in process `syz.3.912'.
[  217.897151][ T8188] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.953419][ T8188] 8021q: adding VLAN 0 to HW filter on device team0
[  218.002828][ T7779] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.010642][ T7779] bridge0: port 1(bridge_slave_0) entered forwarding state
[  218.099349][ T4722] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.106719][ T4722] bridge0: port 2(bridge_slave_1) entered forwarding state
[  218.467222][ T8377] loop3: detected capacity change from 0 to 1024
[  218.485515][ T8377] ext4: Bad value for 'resgid'
[  218.946002][ T8188] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.813453][ T8188] veth0_vlan: entered promiscuous mode
[  219.868417][ T8188] veth1_vlan: entered promiscuous mode
[  219.972051][ T8188] veth0_macvtap: entered promiscuous mode
[  220.017269][ T8188] veth1_macvtap: entered promiscuous mode
[  220.127017][ T8188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.164350][ T8188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.199838][ T8188] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.256367][ T8188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.294436][ T8188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.326361][ T8188] batman_adv: batadv0: Interface activated: batadv_slave_1
[  220.806886][ T8188] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  220.815924][ T8188] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.826043][ T8188] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.834899][ T8188] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.190378][ T7083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.219600][ T7083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.348123][ T7779] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.368469][ T7779] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.671560][ T8431] loop4: detected capacity change from 0 to 256
[  221.761675][ T8211] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  222.106516][    T8] IPVS: starting estimator thread 0...
[  222.199995][ T8445] hub 9-0:1.0: USB hub found
[  222.220158][ T8445] hub 9-0:1.0: 1 port detected
[  222.307203][ T8442] IPVS: using max 16 ests per chain, 38400 per kthread
[  223.394648][   T28] kauditd_printk_skb: 10 callbacks suppressed
[  223.394665][   T28] audit: type=1326 audit(1767946225.374:2354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.0.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  223.454863][   T28] audit: type=1326 audit(1767946225.374:2355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.0.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  223.514674][   T28] audit: type=1326 audit(1767946225.374:2356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.0.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  223.595052][   T28] audit: type=1326 audit(1767946225.374:2357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.0.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  223.620702][ T8344] warn_alloc: 3 callbacks suppressed
[  223.620720][ T8344] syz.1.908: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  223.674537][   T28] audit: type=1326 audit(1767946225.374:2358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.0.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  223.698823][ T8344] CPU: 1 PID: 8344 Comm: syz.1.908 Not tainted syzkaller #0
[  223.706169][ T8344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  223.716257][ T8344] Call Trace:
[  223.719572][ T8344]  <TASK>
[  223.722539][ T8344]  dump_stack_lvl+0x16c/0x230
[  223.727277][ T8344]  ? show_regs_print_info+0x20/0x20
[  223.732520][ T8344]  ? load_image+0x3b0/0x3b0
[  223.737065][ T8344]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  223.743519][ T8344]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  223.750067][ T8344]  warn_alloc+0x210/0x300
[  223.754454][ T8344]  ? zone_watermark_ok_safe+0x230/0x230
[  223.760065][ T8344]  ? _raw_spin_unlock+0x28/0x40
[  223.764964][ T8344]  __vmalloc_node_range+0x662/0x1320
[  223.770321][ T8344]  ? free_vm_area+0x50/0x50
[  223.774860][ T8344]  ? _raw_spin_unlock+0x28/0x40
[  223.779750][ T8344]  ? __kmem_cache_free+0xba/0x1f0
[  223.784815][ T8344]  __vmalloc_node_range+0x568/0x1320
[  223.790136][ T8344]  ? hash_netiface_create+0x361/0xff0
[  223.795580][ T8344]  ? __asan_memset+0x22/0x40
[  223.800231][ T8344]  ? free_vm_area+0x50/0x50
[  223.804776][ T8344]  ? kvmalloc_node+0x70/0x180
[  223.809501][ T8344]  ? rcu_is_watching+0x15/0xb0
[  223.814311][ T8344]  ? kvmalloc_node+0x70/0x180
[  223.819024][ T8344]  ? trace_kmalloc+0x1f/0xa0
[  223.823647][ T8344]  kvmalloc_node+0x13f/0x180
[  223.828273][ T8344]  ? hash_netiface_create+0x361/0xff0
[  223.833687][ T8344]  hash_netiface_create+0x361/0xff0
[  223.838949][ T8344]  ? __lock_acquire+0x7c80/0x7c80
[  223.844015][ T8344]  ? __nla_parse+0x40/0x50
[  223.848473][ T8344]  ? hash_netport6_gc+0x570/0x570
[  223.853540][ T8344]  ip_set_create+0xa87/0x18e0
[  223.858253][ T8344]  ? ip_set_create+0x4b2/0x18e0
[  223.863142][ T8344]  ? ip_set_protocol+0x5d0/0x5d0
[  223.868111][ T8344]  ? trace_contention_end+0x39/0xe0
[  223.873512][ T8344]  nfnetlink_rcv_msg+0xb49/0x1130
[  223.878592][ T8344]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  223.884693][ T8344]  ? nfnetlink_rcv_msg+0x20e/0x1130
[  223.889949][ T8344]  ? nfnetlink_unbind+0x160/0x160
[  223.895036][ T8344]  ? __dev_queue_xmit+0x1a64/0x35a0
[  223.900279][ T8344]  ? __netlink_deliver_tap+0x5ab/0x830
[  223.905767][ T8344]  ? netlink_deliver_tap+0x19c/0x1b0
[  223.911082][ T8344]  ? netlink_unicast+0x72c/0x8d0
[  223.916150][ T8344]  ? netlink_sendmsg+0x8c1/0xbe0
[  223.921118][ T8344]  ? ____sys_sendmsg+0x5bf/0x950
[  223.926116][ T8344]  ? ___sys_sendmsg+0x220/0x290
[  223.931000][ T8344]  ? __se_sys_sendmsg+0x1a5/0x270
[  223.936057][ T8344]  ? do_syscall_64+0x55/0xb0
[  223.940698][ T8344]  netlink_rcv_skb+0x216/0x480
[  223.945504][ T8344]  ? nfnetlink_unbind+0x160/0x160
[  223.950577][ T8344]  ? netlink_ack+0x1110/0x1110
[  223.955378][ T8344]  ? apparmor_capable+0x137/0x1a0
[  223.960437][ T8344]  ? bpf_lsm_capable+0x9/0x10
[  223.965157][ T8344]  ? security_capable+0x89/0xb0
[  223.970060][ T8344]  nfnetlink_rcv+0x274/0x2180
[  223.974795][ T8344]  ? __local_bh_enable_ip+0x12e/0x1c0
[  223.980199][ T8344]  ? lockdep_hardirqs_on+0x98/0x150
[  223.985442][ T8344]  ? __local_bh_enable_ip+0x12e/0x1c0
[  223.990852][ T8344]  ? _local_bh_enable+0xa0/0xa0
[  223.995746][ T8344]  ? __dev_queue_xmit+0x245/0x35a0
[  224.000899][ T8344]  ? nfnetlink_net_exit_batch+0xa0/0xa0
[  224.006505][ T8344]  ? __dev_queue_xmit+0x245/0x35a0
[  224.011667][ T8344]  ? ref_tracker_free+0x634/0x7d0
[  224.016722][ T8344]  ? __copy_skb_header+0xa7/0x550
[  224.021813][ T8344]  ? refcount_inc+0x70/0x70
[  224.026348][ T8344]  ? __skb_clone+0x63/0x790
[  224.030884][ T8344]  ? __skb_clone+0x480/0x790
[  224.035514][ T8344]  ? __netlink_deliver_tap+0x7e8/0x830
[  224.041003][ T8344]  ? netlink_deliver_tap+0x2e/0x1b0
[  224.046229][ T8344]  ? __lock_acquire+0x7c80/0x7c80
[  224.051294][ T8344]  ? netlink_deliver_tap+0x2e/0x1b0
[  224.056551][ T8344]  netlink_unicast+0x751/0x8d0
[  224.061363][ T8344]  netlink_sendmsg+0x8c1/0xbe0
[  224.066167][ T8344]  ? netlink_getsockopt+0x580/0x580
[  224.071395][ T8344]  ? aa_sock_msg_perm+0x94/0x150
[  224.076405][ T8344]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  224.081739][ T8344]  ? security_socket_sendmsg+0x80/0xa0
[  224.087253][ T8344]  ? netlink_getsockopt+0x580/0x580
[  224.092493][ T8344]  ____sys_sendmsg+0x5bf/0x950
[  224.097298][ T8344]  ? __asan_memset+0x22/0x40
[  224.101935][ T8344]  ? __sys_sendmsg_sock+0x30/0x30
[  224.106998][ T8344]  ? __import_iovec+0x5f2/0x860
[  224.111892][ T8344]  ? import_iovec+0x73/0xa0
[  224.116441][ T8344]  ___sys_sendmsg+0x220/0x290
[  224.121159][ T8344]  ? __sys_sendmsg+0x270/0x270
[  224.126001][ T8344]  __se_sys_sendmsg+0x1a5/0x270
[  224.130887][ T8344]  ? __x64_sys_sendmsg+0x80/0x80
[  224.135867][ T8344]  ? lockdep_hardirqs_on+0x98/0x150
[  224.141099][ T8344]  do_syscall_64+0x55/0xb0
[  224.145569][ T8344]  ? clear_bhb_loop+0x40/0x90
[  224.150287][ T8344]  ? clear_bhb_loop+0x40/0x90
[  224.154995][ T8344]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  224.160933][ T8344] RIP: 0033:0x7eff05f8f749
[  224.165385][ T8344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.185023][ T8344] RSP: 002b:00007eff06d76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.193569][ T8344] RAX: ffffffffffffffda RBX: 00007eff061e5fa0 RCX: 00007eff05f8f749
[  224.201572][ T8344] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  224.209575][ T8344] RBP: 00007eff06013f91 R08: 0000000000000000 R09: 0000000000000000
[  224.217573][ T8344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  224.225584][ T8344] R13: 00007eff061e6038 R14: 00007eff061e5fa0 R15: 00007ffd13c0c9b8
[  224.233611][ T8344]  </TASK>
[  224.241805][   T28] audit: type=1326 audit(1767946225.374:2359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.0.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  224.283033][ T8344] Mem-Info:
[  224.291079][   T28] audit: type=1326 audit(1767946225.374:2360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.0.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  224.345843][ T8344] active_anon:8289 inactive_anon:0 isolated_anon:0
[  224.345843][ T8344]  active_file:797 inactive_file:40304 isolated_file:0
[  224.345843][ T8344]  unevictable:768 dirty:26 writeback:0
[  224.345843][ T8344]  slab_reclaimable:10413 slab_unreclaimable:94331
[  224.345843][ T8344]  mapped:24356 shmem:4240 pagetables:610
[  224.345843][ T8344]  sec_pagetables:0 bounce:0
[  224.345843][ T8344]  kernel_misc_reclaimable:0
[  224.345843][ T8344]  free:1320893 free_pcp:11574 free_cma:0
[  224.420648][   T28] audit: type=1326 audit(1767946225.374:2361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.0.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  224.525636][ T8344] Node 0 active_anon:32856kB inactive_anon:0kB active_file:3188kB inactive_file:161016kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97424kB dirty:0kB writeback:0kB shmem:15424kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12168kB pagetables:2340kB sec_pagetables:0kB all_unreclaimable? no
[  224.553405][   T28] audit: type=1326 audit(1767946225.374:2362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.0.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  224.612576][ T8344] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  224.644185][ T8344] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  224.672549][ T8344] lowmem_reserve[]: 0 2525 2526 2526 2526
[  224.676370][   T28] audit: type=1326 audit(1767946225.374:2363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.0.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  224.678572][ T8344] Node 0 DMA32 free:1371056kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:33008kB inactive_anon:0kB active_file:3188kB inactive_file:159700kB unevictable:1536kB writepending:96kB present:3129332kB managed:2589640kB mlocked:0kB bounce:0kB free_pcp:23544kB local_pcp:20504kB free_cma:0kB
[  224.733200][ T8344] lowmem_reserve[]: 0 0 1 1 1
[  224.738331][ T8344] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:4kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  224.766028][ T8344] lowmem_reserve[]: 0 0 0 0 0
[  224.770831][ T8344] Node 1 Normal free:3896892kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:23528kB local_pcp:11072kB free_cma:0kB
[  224.804754][ T8344] lowmem_reserve[]: 0 0 0 0 0
[  224.811347][ T8344] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  224.854105][ T8344] Node 0 DMA32: 258*4kB (UME) 217*8kB (UME) 38*16kB (M) 102*32kB (UME) 73*64kB (M) 71*128kB (UME) 268*256kB (UME) 150*512kB (UM) 69*1024kB (U) 32*2048kB (UME) 261*4096kB (UM) = 1371056kB
[  224.940684][ T8344] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  224.975501][ T8344] Node 1 Normal: 237*4kB (UM) 63*8kB (UME) 43*16kB (UME) 47*32kB (UME) 14*64kB (UE) 7*128kB (UME) 1*256kB (E) 2*512kB (UM) 1*1024kB (E) 1*2048kB (E) 949*4096kB (M) = 3896892kB
[  225.023292][ T8344] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  225.040031][ T8344] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  225.051925][ T8344] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  225.063004][ T8344] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  225.080974][ T8344] 45337 total pagecache pages
[  225.092082][ T8344] 0 pages in swap cache
[  225.103287][ T8344] Free swap  = 124704kB
[  225.114148][ T8344] Total swap = 124996kB
[  225.137425][ T8344] 2097051 pages RAM
[  225.148642][ T8344] 0 pages HighMem/MovableOnly
[  225.164906][ T8344] 416127 pages reserved
[  225.178071][ T8344] 0 pages cma reserved
[  226.971858][ T8513] netlink: 8 bytes leftover after parsing attributes in process `syz.3.945'.
[  228.994837][ T8546] GUP no longer grows the stack in syz.3.952 (8546): 200000004000-20000000a000 (200000002000)
[  229.058193][ T8546] CPU: 1 PID: 8546 Comm: syz.3.952 Not tainted syzkaller #0
[  229.065576][ T8546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  229.075699][ T8546] Call Trace:
[  229.079020][ T8546]  <TASK>
[  229.081993][ T8546]  dump_stack_lvl+0x16c/0x230
[  229.086747][ T8546]  ? show_regs_print_info+0x20/0x20
[  229.092009][ T8546]  ? load_image+0x3b0/0x3b0
[  229.096570][ T8546]  ? find_vma+0x12e/0x1b0
[  229.100964][ T8546]  __get_user_pages+0xfb9/0x1470
[  229.105985][ T8546]  ? populate_vma_page_range+0x370/0x370
[  229.111695][ T8546]  get_user_pages_remote+0x3de/0xc10
[  229.117051][ T8546]  ? get_dump_page+0x200/0x200
[  229.121888][ T8546]  __access_remote_vm+0x1ff/0x570
[  229.126973][ T8546]  ? generic_access_phys+0x650/0x650
[  229.132304][ T8546]  ? alloc_pages+0x4dc/0x740
[  229.136952][ T8546]  ? do_raw_spin_unlock+0x121/0x230
[  229.142211][ T8546]  proc_pid_cmdline_read+0x551/0x830
[  229.147549][ T8546]  ? schedule+0xc7/0x170
[  229.151862][ T8546]  ? comm_show+0x150/0x150
[  229.156328][ T8546]  ? common_file_perm+0x140/0x1f0
[  229.161408][ T8546]  ? fsnotify_perm+0x271/0x5e0
[  229.166232][ T8546]  do_iter_read+0x506/0xc80
[  229.170809][ T8546]  ? comm_show+0x150/0x150
[  229.175279][ T8546]  ? vfs_iter_read+0xa0/0xa0
[  229.179929][ T8546]  ? __import_iovec+0x5f2/0x860
[  229.184864][ T8546]  ? import_iovec+0x73/0xa0
[  229.189432][ T8546]  do_preadv+0x1fa/0x330
[  229.193753][ T8546]  ? do_prlimit+0x2f0/0x3f0
[  229.198319][ T8546]  ? do_writev+0x410/0x410
[  229.202819][ T8546]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  229.208880][ T8546]  ? lock_chain_count+0x20/0x20
[  229.213803][ T8546]  ? lockdep_hardirqs_on+0x98/0x150
[  229.219075][ T8546]  do_syscall_64+0x55/0xb0
[  229.223551][ T8546]  ? clear_bhb_loop+0x40/0x90
[  229.228294][ T8546]  ? clear_bhb_loop+0x40/0x90
[  229.233063][ T8546]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  229.239061][ T8546] RIP: 0033:0x7f978798f749
[  229.243542][ T8546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.263211][ T8546] RSP: 002b:00007f97887e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  229.271710][ T8546] RAX: ffffffffffffffda RBX: 00007f9787be5fa0 RCX: 00007f978798f749
[  229.279763][ T8546] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000005
[  229.287767][ T8546] RBP: 00007f9787a13f91 R08: 0000000000000000 R09: 0000000000000000
[  229.295766][ T8546] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  229.303777][ T8546] R13: 00007f9787be6038 R14: 00007f9787be5fa0 R15: 00007ffedd0eb418
[  229.311808][ T8546]  </TASK>
[  229.632377][ T8564] netlink: 12 bytes leftover after parsing attributes in process `syz.3.958'.
[  230.509560][   T28] kauditd_printk_skb: 110 callbacks suppressed
[  230.509577][   T28] audit: type=1326 audit(1767946232.494:2474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  230.591080][   T28] audit: type=1326 audit(1767946232.494:2475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  230.634642][   T28] audit: type=1326 audit(1767946232.514:2476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  230.684413][   T28] audit: type=1326 audit(1767946232.514:2477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  230.754386][   T28] audit: type=1326 audit(1767946232.514:2478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  230.817864][   T28] audit: type=1326 audit(1767946232.514:2479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  230.874470][   T28] audit: type=1326 audit(1767946232.514:2480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  230.958991][   T28] audit: type=1326 audit(1767946232.514:2481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  231.034424][   T28] audit: type=1326 audit(1767946232.534:2482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  231.084103][   T28] audit: type=1326 audit(1767946232.534:2483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  231.456118][ T8607] sd 0:0:1:0: device reset
[  231.603541][ T8612] netlink: 12 bytes leftover after parsing attributes in process `syz.0.966'.
[  231.631767][ T8612] : entered promiscuous mode
[  233.204581][ T5812] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  233.364723][ T5812] usb 2-1: device descriptor read/64, error -71
[  233.654473][ T5812] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  233.728573][ T8656] xt_TCPMSS: Only works on TCP SYN packets
[  233.806315][ T8658] macsec0: entered allmulticast mode
[  233.819725][ T8658] veth1_macvtap: entered allmulticast mode
[  233.825854][ T5812] usb 2-1: device descriptor read/64, error -71
[  233.842641][ T8658] macsec0: left allmulticast mode
[  233.848587][ T8658] veth1_macvtap: left allmulticast mode
[  234.347148][ T5812] usb usb2-port1: attempt power cycle
[  234.450057][ T8664] netlink: 8 bytes leftover after parsing attributes in process `syz.0.981'.
[  234.764421][ T5812] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  234.795968][ T5812] usb 2-1: device descriptor read/8, error -71
[  235.264514][ T5812] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  235.307425][ T8680] syz.4.985[8680] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  235.308303][ T8680] syz.4.985[8680] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  235.608144][ T5812] usb 2-1: device descriptor read/8, error -71
[  236.142752][ T5812] usb usb2-port1: unable to enumerate USB device
[  236.944362][   T28] kauditd_printk_skb: 372 callbacks suppressed
[  236.944381][   T28] audit: type=1326 audit(1767946238.884:2856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8693 comm="syz.0.990" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3891f8f749 code=0x0
[  237.023220][ T8699] netlink: 3 bytes leftover after parsing attributes in process `syz.0.990'.
[  237.096872][ T8699] 0ªX¹¦À: renamed from caif0
[  237.144237][ T8699] 0ªX¹¦À: entered allmulticast mode
[  237.171475][ T8699] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  237.533753][ T8708] netlink: 8 bytes leftover after parsing attributes in process `syz.3.993'.
[  237.555307][ T8708] netlink: 44 bytes leftover after parsing attributes in process `syz.3.993'.
[  238.762970][ T8725] loop4: detected capacity change from 0 to 512
[  238.777098][ T8725] EXT4-fs: Ignoring removed nobh option
[  238.826011][ T8725] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  238.867069][ T8725] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.998: invalid indirect mapped block 256 (level 1)
[  238.903971][ T8725] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.998: invalid indirect mapped block 2683928664 (level 1)
[  238.932375][ T8725] EXT4-fs (loop4): 1 truncate cleaned up
[  238.973430][ T8725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.103895][ T8188] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.181844][ T8742] loop4: detected capacity change from 0 to 128
[  239.205548][ T8742] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  239.217793][   T28] audit: type=1326 audit(1767946241.194:2857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8743 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  239.241277][   T28] audit: type=1326 audit(1767946241.194:2858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8743 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  239.263684][   T28] audit: type=1326 audit(1767946241.204:2859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8743 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  239.286089][ T8742] ext4 filesystem being mounted at /22/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  239.296571][   T28] audit: type=1326 audit(1767946241.204:2860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8743 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  239.319089][   T28] audit: type=1326 audit(1767946241.204:2861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8743 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  239.349638][ T8742] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 4: comm syz.4.1000: bad entry in directory: rec_len is smaller than minimal - offset=1012, inode=128, rec_len=9, size=1024 fake=0
[  239.401463][ T8742] EXT4-fs (loop4): Remounting filesystem read-only
[  239.415966][ T8719] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  239.422223][ T8719] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  239.455389][ T8719] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  239.461594][ T8719] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  239.476414][ T8719] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  239.487696][ T8719] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  239.498873][ T8188] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  239.719170][   T28] audit: type=1326 audit(1767946241.704:2862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  239.779609][   T28] audit: type=1326 audit(1767946241.704:2863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  239.830436][   T28] audit: type=1326 audit(1767946241.704:2864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  239.865551][   T28] audit: type=1326 audit(1767946241.704:2865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  240.338256][ T8761] syz.1.1006[8761] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  240.338360][ T8761] syz.1.1006[8761] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  240.625453][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  240.636796][ T8771] tipc: Enabled bearer <udp:syz2>, priority 10
[  240.651738][ T8771] tipc: Enabled bearer <eth:ip6_vti0>, priority 10
[  240.669442][ T8771] tipc: Resetting bearer <eth:ip6_vti0>
[  241.424558][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  241.504509][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  241.510967][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  241.584769][ T5773] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  241.988930][ T8793] usb usb2: usbfs: interface 0 claimed by hub while 'syz.1.1021' sets config #0
[  242.148750][   T28] kauditd_printk_skb: 24 callbacks suppressed
[  242.148768][   T28] audit: type=1326 audit(1767946244.134:2890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  242.187315][   T28] audit: type=1326 audit(1767946244.134:2891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  242.215174][   T28] audit: type=1326 audit(1767946244.134:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.0.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  242.231372][ T8797] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1023'.
[  242.258432][ T8797] hsr_slave_0: left promiscuous mode
[  242.266501][ T8797] hsr_slave_1: left promiscuous mode
[  242.281520][ T8801] atomic_op ffff888020b0e198 conn xmit_atomic 0000000000000000
[  242.607475][   T28] audit: type=1326 audit(1767946244.584:2893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  242.664810][   T28] audit: type=1326 audit(1767946244.584:2894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  242.730583][   T28] audit: type=1326 audit(1767946244.594:2895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  242.784991][   T28] audit: type=1326 audit(1767946244.594:2896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  242.825538][   T28] audit: type=1326 audit(1767946244.594:2897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  243.013382][   T28] audit: type=1326 audit(1767946244.594:2898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  243.441649][   T28] audit: type=1326 audit(1767946244.594:2899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  243.600411][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  244.881948][ T8866] random: crng reseeded on system resumption
[  244.980635][ T8868] futex_wake_op: syz.1.1043 tries to shift op by -3; fix this program
[  245.142669][ T8873] loop7: detected capacity change from 0 to 16384
[  245.314619][ T8879] loop7: detected capacity change from 16384 to 0
[  245.448210][ T8884] loop3: detected capacity change from 0 to 128
[  245.525983][ T8884] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  245.611513][ T8884] ext4 filesystem being mounted at /271/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  245.666176][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  245.812124][ T5772] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  246.113625][ T8904] syz.4.1054[8904] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  246.113770][ T8904] syz.4.1054[8904] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  246.462539][ T8923] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  246.515033][ T8923] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  247.025572][ T8939] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1066'.
[  247.066729][ T8939] unsupported nlmsg_type 40
[  247.329055][ T8941] loop4: detected capacity change from 0 to 8192
[  247.402161][ T8941] syz.4.1065: attempt to access beyond end of device
[  247.402161][ T8941] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  247.473431][ T8941] Buffer I/O error on dev loop4, logical block 57847, async page read
[  247.519681][ T8941] syz.4.1065: attempt to access beyond end of device
[  247.519681][ T8941] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  247.572144][ T8941] Buffer I/O error on dev loop4, logical block 57847, async page read
[  247.604352][   T28] kauditd_printk_skb: 36 callbacks suppressed
[  247.604372][   T28] audit: type=1800 audit(1767946249.584:2936): pid=8941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1065" name="file2" dev="loop4" ino=1048605 res=0 errno=0
[  248.689764][ T8972] sg_write: data in/out 178/8 bytes for SCSI command 0xfe-- guessing data in;
[  248.689764][ T8972]    program syz.0.1074 not setting count and/or reply_len properly
[  249.134107][ T8989] loop4: detected capacity change from 0 to 128
[  249.212073][ T8989] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  249.258255][ T8989] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.314443][   T28] audit: type=1326 audit(1767946251.294:2937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8993 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  249.407948][   T28] audit: type=1326 audit(1767946251.294:2938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8993 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  249.461339][   T28] audit: type=1326 audit(1767946251.304:2939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8993 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  249.518092][   T28] audit: type=1326 audit(1767946251.384:2940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8993 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  249.572317][   T28] audit: type=1326 audit(1767946251.384:2941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8993 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  249.647499][ T8188] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  249.658829][   T28] audit: type=1326 audit(1767946251.384:2942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f97879c2005 code=0x7ffc0000
[  249.742073][   T28] audit: type=1326 audit(1767946251.394:2943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8993 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  249.807975][   T28] audit: type=1326 audit(1767946251.394:2944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8993 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  249.910126][   T28] audit: type=1326 audit(1767946251.424:2945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8993 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  250.839608][   T27] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  250.865942][   T27] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  251.123679][ T9044] vlan2: entered allmulticast mode
[  251.177761][ T9040] fido_id[9040]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  251.883797][ T9074] loop3: detected capacity change from 0 to 164
[  251.935555][ T9074] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  251.977044][ T9077] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  251.990682][ T9077] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.033241][ T9074] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  252.073651][ T9074] rock: directory entry would overflow storage
[  252.094409][ T9074] rock: sig=0x4f50, size=4, remaining=3
[  252.110306][ T9074] iso9660: Corrupted directory entry in block 4 of inode 1792
[  252.138827][ T9077] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  252.171638][ T9077] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.268002][ T9077] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  252.311041][ T9077] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.446280][ T9077] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  252.494465][ T9077] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.558115][ T9091] loop4: detected capacity change from 0 to 128
[  252.604648][ T9091] EXT4-fs: Mount option(s) incompatible with ext2
[  252.778273][ T9077] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  252.818348][ T9077] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.898758][ T9077] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  252.934416][ T9077] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.960066][ T9101] syz.4.1114 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  253.023306][ T9077] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  253.039693][   T28] kauditd_printk_skb: 50 callbacks suppressed
[  253.039708][   T28] audit: type=1326 audit(1767946255.024:2996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  253.081154][ T9077] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  253.123251][   T28] audit: type=1326 audit(1767946255.024:2997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  253.166004][ T9077] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  253.188538][ T9077] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  253.199976][   T28] audit: type=1326 audit(1767946255.024:2998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  253.288116][   T28] audit: type=1326 audit(1767946255.024:2999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  253.384640][   T28] audit: type=1326 audit(1767946255.044:3000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  253.485871][   T28] audit: type=1326 audit(1767946255.044:3001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  253.549451][   T28] audit: type=1326 audit(1767946255.044:3002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  253.644381][   T28] audit: type=1326 audit(1767946255.044:3003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  253.714675][   T28] audit: type=1326 audit(1767946255.044:3004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  253.801116][   T28] audit: type=1326 audit(1767946255.134:3005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  254.781404][ T9163] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1130'.
[  255.878925][ T9187] loop4: detected capacity change from 0 to 8192
[  255.916620][ T9187] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  255.989515][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  256.417748][ T9207] loop3: detected capacity change from 0 to 512
[  256.470485][ T9207] EXT4-fs (loop3): 1 truncate cleaned up
[  256.500995][ T9207] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.621266][ T9207] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1150: bg 0: block 465: padding at end of block bitmap is not set
[  256.698276][ T9207] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6637: Corrupt filesystem
[  256.709771][ T9207] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1150: invalid indirect mapped block 234881024 (level 0)
[  256.816377][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.360749][ T9231] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1158'.
[  258.405476][ T9246] loop4: detected capacity change from 0 to 512
[  258.809307][ T9246] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  259.615031][ T9255] syz.0.1168[9255] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  259.615181][ T9255] syz.0.1168[9255] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  259.751098][   T28] kauditd_printk_skb: 101 callbacks suppressed
[  259.751115][   T28] audit: type=1326 audit(1767946261.734:3107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9261 comm="syz.1.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  259.805723][   T28] audit: type=1326 audit(1767946261.784:3108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9261 comm="syz.1.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  259.934953][   T28] audit: type=1326 audit(1767946261.784:3109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9261 comm="syz.1.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  260.015592][   T28] audit: type=1326 audit(1767946261.784:3110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9261 comm="syz.1.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  260.043063][   T28] audit: type=1326 audit(1767946261.784:3111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9261 comm="syz.1.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  260.068109][   T28] audit: type=1326 audit(1767946261.784:3112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9261 comm="syz.1.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  260.090841][   T28] audit: type=1326 audit(1767946261.784:3113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9261 comm="syz.1.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  260.170369][   T28] audit: type=1326 audit(1767946261.784:3114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9261 comm="syz.1.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  260.328324][   T28] audit: type=1326 audit(1767946262.314:3115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9271 comm="syz.0.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  260.414510][   T28] audit: type=1326 audit(1767946262.344:3116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9271 comm="syz.0.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3891f8f749 code=0x7ffc0000
[  260.601830][ T9281] loop3: detected capacity change from 0 to 512
[  260.641386][ T9281] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  260.690207][ T9281] EXT4-fs (loop3): 1 orphan inode deleted
[  260.714448][ T9281] EXT4-fs (loop3): 1 truncate cleaned up
[  260.721598][ T9281] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.941222][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.402056][ T9307] loop3: detected capacity change from 0 to 256
[  261.454416][ T9307] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  261.501289][ T9307] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  261.501432][ T9307] FAT-fs (loop3): Filesystem has been set read-only
[  261.593012][ T9311] bridge_slave_0: left allmulticast mode
[  261.609336][ T9311] bridge_slave_0: left promiscuous mode
[  261.639966][ T9311] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.689016][ T9313] loop4: detected capacity change from 0 to 128
[  261.690127][ T9311] bridge_slave_1: left allmulticast mode
[  261.732714][ T9311] bridge_slave_1: left promiscuous mode
[  261.749492][ T9313] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  261.774632][ T9311] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.805843][ T9313] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  261.865909][ T9311] bond0: (slave bond_slave_0): Releasing backup interface
[  261.925956][ T9317] syz.1.1191[9317] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  261.926102][ T9317] syz.1.1191[9317] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  261.999498][ T9311] bond0: (slave bond_slave_1): Releasing backup interface
[  262.327030][ T9311] team0: Port device team_slave_0 removed
[  262.431313][ T9311] team0: Port device team_slave_1 removed
[  262.456355][ T9311] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  262.474665][ T9311] batman_adv: batadv0: Removing interface: batadv_slave_0
[  262.499264][ T9311] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  262.514372][ T9311] batman_adv: batadv0: Removing interface: batadv_slave_1
[  262.590972][ T4722] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  262.649720][ T8146] usb 1-1: new low-speed USB device number 2 using dummy_hcd
[  262.670337][ T9331] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1198'.
[  262.834678][ T8146] usb 1-1: device descriptor read/64, error -71
[  262.940511][ T9344] loop4: detected capacity change from 0 to 512
[  262.967428][ T9344] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  263.014430][ T9344] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.029340][ T9344] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  263.115814][ T8146] usb 1-1: new low-speed USB device number 3 using dummy_hcd
[  263.292304][ T8146] usb 1-1: device descriptor read/64, error -71
[  263.316403][ T9353] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1206'.
[  263.415329][ T8146] usb usb1-port1: attempt power cycle
[  263.419758][ T8188] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.834487][ T8146] usb 1-1: new low-speed USB device number 4 using dummy_hcd
[  263.897726][ T8146] usb 1-1: device descriptor read/8, error -71
[  264.184599][ T8146] usb 1-1: new low-speed USB device number 5 using dummy_hcd
[  264.227375][ T8146] usb 1-1: device descriptor read/8, error -71
[  264.354890][ T8146] usb usb1-port1: unable to enumerate USB device
[  264.654807][ T9387] loop4: detected capacity change from 0 to 1024
[  264.695620][ T9387] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  264.707116][ T9387] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  264.715668][ T9387] EXT4-fs (loop4): orphan cleanup on readonly fs
[  264.755319][ T9387] __quota_error: 93 callbacks suppressed
[  264.755339][ T9387] Quota error (device loop4): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  264.796085][ T9387] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  264.823052][ T9387] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1221: Failed to acquire dquot type 0
[  264.841210][ T9387] Quota error (device loop4): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  264.851851][ T9387] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  264.866147][ T9387] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1221: Failed to acquire dquot type 0
[  264.880509][ T9387] EXT4-fs error (device loop4): ext4_free_blocks:6676: comm syz.4.1221: Freeing blocks not in datazone - block = 0, count = 4096
[  264.900308][ T9387] Quota error (device loop4): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  264.916724][ T9387] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  264.964445][ T9387] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1221: Failed to acquire dquot type 0
[  264.987362][ T9387] EXT4-fs (loop4): 1 orphan inode deleted
[  265.019100][ T9387] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  265.133223][ T9387] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.163628][ T9392] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1223'.
[  265.297453][ T9395] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1224'.
[  265.496668][ T9400] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1225'.
[  265.528607][ T9400] hsr_slave_0: left promiscuous mode
[  265.576406][ T9400] hsr_slave_1: left promiscuous mode
[  265.607975][   T28] audit: type=1326 audit(1767946267.594:3210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9401 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  265.648945][   T28] audit: type=1326 audit(1767946267.614:3211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9401 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  265.697196][   T28] audit: type=1326 audit(1767946267.614:3212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9401 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  265.721896][   T28] audit: type=1326 audit(1767946267.614:3213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9401 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  266.125097][ T9414] ipt_ECN: cannot use operation on non-tcp rule
[  266.318946][ T9417] loop4: detected capacity change from 0 to 512
[  266.403671][ T9417] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.434634][ T9417] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  266.862872][ T8188] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.556854][ T9431] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1237'.
[  267.844360][ T9433] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1237'.
[  268.375274][ T9440] syz.4.1240[9440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  268.375420][ T9440] syz.4.1240[9440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.148478][ T9450] loop4: detected capacity change from 0 to 128
[  269.204782][ T9450] FAT-fs (loop4): Unrecognized mount option "nonžp" or missing value
[  270.635453][ T9363] Set syz1 is full, maxelem 65536 reached
[  270.695031][ T9461] Process accounting resumed
[  270.895688][ T9475] loop4: detected capacity change from 0 to 512
[  270.942423][ T9475] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1254: inode has both inline data and extents flags
[  270.987880][ T9475] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1254: couldn't read orphan inode 15 (err -117)
[  271.054352][ T9475] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.235203][ T8188] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.805855][ T9524] serio: Serial port ttyS3
[  272.952359][ T9532] loop4: detected capacity change from 0 to 2048
[  273.018092][ T9532] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.031700][ T9532] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  273.116615][ T9539] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.1275: bg 0: block 345: padding at end of block bitmap is not set
[  273.154608][ T9539] EXT4-fs (loop4): Remounting filesystem read-only
[  273.416959][ T9545] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1282'.
[  273.434535][ T9545] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1282'.
[  273.453874][ T9545] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1282'.
[  273.469736][ T9545] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1282'.
[  273.570291][   T28] kauditd_printk_skb: 195 callbacks suppressed
[  273.570307][   T28] audit: type=1326 audit(1767946275.554:3409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  273.613370][   T28] audit: type=1326 audit(1767946275.594:3410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  273.708552][   T28] audit: type=1326 audit(1767946275.594:3411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  273.748186][   T28] audit: type=1326 audit(1767946275.594:3412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  273.792252][   T28] audit: type=1326 audit(1767946275.594:3413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  273.822335][   T28] audit: type=1326 audit(1767946275.594:3414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  273.848494][ T8188] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.889333][   T28] audit: type=1326 audit(1767946275.594:3415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  273.947353][ T9551] loop3: detected capacity change from 0 to 128
[  273.971248][ T9551] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  273.991215][   T28] audit: type=1326 audit(1767946275.594:3416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  274.013705][ T9551] ext4 filesystem being mounted at /315/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  274.030387][   T28] audit: type=1326 audit(1767946275.594:3417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  274.053811][   T28] audit: type=1326 audit(1767946275.594:3418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7eff05f865e7 code=0x7ffc0000
[  274.106519][ T9556] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1287'.
[  274.117174][ T9551] EXT4-fs error (device loop3): htree_dirblock_to_tree:1112: inode #2: block 4: comm syz.3.1285: bad entry in directory: rec_len is smaller than minimal - offset=1012, inode=128, rec_len=9, size=1024 fake=0
[  274.158876][ T9556] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1287'.
[  274.199398][ T9551] EXT4-fs (loop3): Remounting filesystem read-only
[  274.311536][ T5772] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  275.303631][ T9582] xt_hashlimit: max too large, truncated to 1048576
[  275.317090][ T9582] xt_CT: You must specify a L4 protocol and not use inversions on it
[  275.936721][ T9583] macsec0: entered promiscuous mode
[  275.955127][ T9583] macsec1: entered promiscuous mode
[  275.979746][ T9583] macsec1: entered allmulticast mode
[  276.009907][ T9583] macsec0: entered allmulticast mode
[  276.033594][ T9583] veth1_macvtap: entered allmulticast mode
[  276.085249][ T9583] macsec0: left allmulticast mode
[  276.090378][ T9583] veth1_macvtap: left allmulticast mode
[  276.185044][ T9586] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1299'.
[  276.378923][ T9592] 9pnet_virtio: no channels available for device 
[  276.915256][ T9603] xt_hashlimit: max too large, truncated to 1048576
[  276.922638][ T9603] xt_CT: You must specify a L4 protocol and not use inversions on it
[  277.001570][ T9611] loop3: detected capacity change from 0 to 128
[  277.814159][ T9619] loop4: detected capacity change from 0 to 512
[  277.870100][ T9619] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1314: inode has both inline data and extents flags
[  277.924616][ T9619] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1314: couldn't read orphan inode 15 (err -117)
[  277.981901][ T9619] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.140431][ T8188] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.410748][ T9628] loop4: detected capacity change from 0 to 1024
[  278.436435][ T9628] ext4: Unknown parameter 'seclabel'
[  278.778665][    T8] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  278.815454][    T8] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  278.969891][ T9636] fido_id[9636]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  279.386193][ T9647] sch_fq: defrate 4294967295 ignored.
[  279.454165][   T28] kauditd_printk_skb: 130 callbacks suppressed
[  279.454183][   T28] audit: type=1326 audit(1767946281.434:3549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  279.524658][   T28] audit: type=1326 audit(1767946281.474:3550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  279.564403][   T28] audit: type=1326 audit(1767946281.494:3551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  279.642280][   T28] audit: type=1326 audit(1767946281.494:3552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  279.718205][   T28] audit: type=1326 audit(1767946281.494:3553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  279.775127][   T28] audit: type=1326 audit(1767946281.494:3554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  279.825550][   T28] audit: type=1326 audit(1767946281.494:3555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  279.879017][   T28] audit: type=1326 audit(1767946281.494:3556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  279.949745][   T28] audit: type=1326 audit(1767946281.494:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  280.014015][   T28] audit: type=1326 audit(1767946281.494:3558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  281.989562][ T9697] loop3: detected capacity change from 0 to 1024
[  282.015440][ T9697] EXT4-fs: Ignoring removed nobh option
[  282.042044][ T9697] EXT4-fs: inline encryption not supported
[  282.076338][ T9697] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  282.321397][ T9697] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.368453][ T9704] loop4: detected capacity change from 0 to 1024
[  282.390542][ T9697] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.1345: Allocating blocks 385-513 which overlap fs metadata
[  282.419121][ T9704] EXT4-fs: inline encryption not supported
[  282.426627][ T9697] EXT4-fs (loop3): pa ffff888077e62cb0: logic 16, phys. 129, len 24
[  282.434838][ T9697] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 8
[  282.467923][ T9704] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  282.517129][ T9704] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.605890][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.652589][ T8188] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.941374][ T9716] Invalid ELF header magic: != ELF
[  283.400264][ T9729] loop3: detected capacity change from 0 to 256
[  284.454056][ T9744] loop3: detected capacity change from 0 to 512
[  284.496851][ T9744] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1364: inode has both inline data and extents flags
[  284.536164][ T9744] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1364: couldn't read orphan inode 15 (err -117)
[  284.599908][ T9744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.665882][ T9744] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  284.768604][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.000137][ T9754] syzkaller0: entered promiscuous mode
[  285.036249][ T9754] syzkaller0: entered allmulticast mode
[  285.478345][ T9762] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1370'.
[  285.677475][ T9764] loop4: detected capacity change from 0 to 512
[  285.724960][ T9764] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  285.760621][ T9764] EXT4-fs (loop4): 1 truncate cleaned up
[  285.770705][ T9764] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.936549][ T8188] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.673415][ T9774] autofs4:pid:9774:autofs_fill_super: called with bogus options
[  287.914635][ T9778] loop4: detected capacity change from 0 to 4096
[  287.960401][ T9778] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  288.615946][ T8188] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.847635][   T28] kauditd_printk_skb: 29 callbacks suppressed
[  288.847652][   T28] audit: type=1326 audit(1767946290.834:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9782 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  288.961531][   T28] audit: type=1326 audit(1767946290.834:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9782 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  289.057658][   T28] audit: type=1326 audit(1767946290.834:3590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9782 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  289.129925][   T28] audit: type=1326 audit(1767946290.834:3591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9782 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  289.188804][   T28] audit: type=1326 audit(1767946290.834:3592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9782 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  289.255670][   T28] audit: type=1326 audit(1767946290.904:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9782 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  289.310276][   T28] audit: type=1326 audit(1767946290.904:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9782 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f093865e7 code=0x7ffc0000
[  289.364581][   T28] audit: type=1326 audit(1767946290.904:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9782 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f0932b829 code=0x7ffc0000
[  289.409147][   T28] audit: type=1326 audit(1767946290.904:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9782 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f093865e7 code=0x7ffc0000
[  289.465797][ T5773] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  289.477365][ T5773] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  289.486991][ T5773] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  289.511700][ T5773] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  289.528094][   T28] audit: type=1326 audit(1767946290.904:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9782 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f0932b829 code=0x7ffc0000
[  289.564201][ T5773] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  289.572502][ T5773] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  289.672033][ T9789] syz.4.1380[9789] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  289.672175][ T9789] syz.4.1380[9789] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  291.362259][ T8946] .`: (slave syz_tun): Releasing backup interface
[  291.657228][ T9806] sd 0:0:1:0: device reset
[  291.672980][   T51] Bluetooth: hci4: command tx timeout
[  292.135564][ T1026] : left promiscuous mode
[  292.281309][ T1026] tipc: Left network mode
[  292.485822][ T9786] chnl_net:caif_netlink_parms(): no params data found
[  292.941207][ T9821] warn_alloc: 5 callbacks suppressed
[  292.941226][ T9821] syz.4.1395: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  292.976965][ T9786] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.984214][ T9786] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.004839][ T9786] bridge_slave_0: entered allmulticast mode
[  293.024009][ T9821] CPU: 0 PID: 9821 Comm: syz.4.1395 Not tainted syzkaller #0
[  293.024982][ T9786] bridge_slave_0: entered promiscuous mode
[  293.031446][ T9821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  293.031475][ T9821] Call Trace:
[  293.031485][ T9821]  <TASK>
[  293.031496][ T9821]  dump_stack_lvl+0x16c/0x230
[  293.058428][ T9821]  ? show_regs_print_info+0x20/0x20
[  293.063696][ T9821]  ? load_image+0x3b0/0x3b0
[  293.068274][ T9821]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  293.074752][ T9821]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  293.081309][ T9821]  warn_alloc+0x210/0x300
[  293.085698][ T9821]  ? zone_watermark_ok_safe+0x230/0x230
[  293.091283][ T9821]  ? _raw_spin_unlock+0x28/0x40
[  293.096174][ T9821]  __vmalloc_node_range+0x662/0x1320
[  293.101513][ T9821]  ? __asan_memset+0x22/0x40
[  293.106162][ T9821]  ? free_vm_area+0x50/0x50
[  293.110702][ T9821]  ? kvmalloc_node+0x70/0x180
[  293.115414][ T9821]  ? rcu_is_watching+0x15/0xb0
[  293.120220][ T9821]  ? kvmalloc_node+0x70/0x180
[  293.124933][ T9821]  ? trace_kmalloc+0x1f/0xa0
[  293.129575][ T9821]  kvmalloc_node+0x13f/0x180
[  293.134210][ T9821]  ? translate_table+0x19c/0x2020
[  293.139277][ T9821]  translate_table+0x19c/0x2020
[  293.144179][ T9821]  ? ip6t_register_table+0x7b0/0x7b0
[  293.149495][ T9821]  ? __might_fault+0xaa/0x120
[  293.154207][ T9821]  ? __lock_acquire+0x7c80/0x7c80
[  293.159264][ T9821]  ? __virt_addr_valid+0x18c/0x540
[  293.164408][ T9821]  ? __might_fault+0xaa/0x120
[  293.169117][ T9821]  ? __might_fault+0xc6/0x120
[  293.173820][ T9821]  ? __might_fault+0xaa/0x120
[  293.178541][ T9821]  do_ip6t_set_ctl+0x969/0xcd0
[  293.183344][ T9821]  ? ip6t_unregister_table_exit+0x230/0x230
[  293.189273][ T9821]  ? __lock_acquire+0x7c80/0x7c80
[  293.194340][ T9821]  ? rcu_is_watching+0x15/0xb0
[  293.199151][ T9821]  ? trace_contention_end+0x39/0xe0
[  293.204444][ T9821]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  293.210124][ T9821]  ? mutex_unlock+0x10/0x10
[  293.214660][ T9821]  ? __might_sleep+0xe0/0xe0
[  293.219282][ T9821]  ? mutex_lock_nested+0x20/0x20
[  293.224260][ T9821]  nf_setsockopt+0x263/0x280
[  293.228919][ T9821]  ? sock_common_recvmsg+0x1b0/0x1b0
[  293.234236][ T9821]  smc_setsockopt+0x229/0xab0
[  293.238957][ T9821]  ? smc_shutdown+0x9b0/0x9b0
[  293.243661][ T9821]  ? __fget_files+0x28/0x4d0
[  293.248289][ T9821]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  293.253868][ T9821]  ? security_socket_setsockopt+0x7e/0xa0
[  293.259635][ T9821]  ? smc_shutdown+0x9b0/0x9b0
[  293.264372][ T9821]  do_sock_setsockopt+0x175/0x1a0
[  293.269442][ T9821]  ? __fdget+0x180/0x210
[  293.273726][ T9821]  __x64_sys_setsockopt+0x184/0x200
[  293.278962][ T9821]  do_syscall_64+0x55/0xb0
[  293.283410][ T9821]  ? clear_bhb_loop+0x40/0x90
[  293.288122][ T9821]  ? clear_bhb_loop+0x40/0x90
[  293.292842][ T9821]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  293.298774][ T9821] RIP: 0033:0x7f8f0938f749
[  293.303224][ T9821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.322862][ T9821] RSP: 002b:00007f8f0a141038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  293.331311][ T9821] RAX: ffffffffffffffda RBX: 00007f8f095e5fa0 RCX: 00007f8f0938f749
[  293.339324][ T9821] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  293.347323][ T9821] RBP: 00007f8f09413f91 R08: 0000000000000330 R09: 0000000000000000
[  293.355322][ T9821] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  293.363322][ T9821] R13: 00007f8f095e6038 R14: 00007f8f095e5fa0 R15: 00007ffe5b64a9f8
[  293.371334][ T9821]  </TASK>
[  293.385054][ T9821] Mem-Info:
[  293.388503][ T9821] active_anon:24091 inactive_anon:0 isolated_anon:0
[  293.388503][ T9821]  active_file:12404 inactive_file:40334 isolated_file:0
[  293.388503][ T9821]  unevictable:768 dirty:23 writeback:0
[  293.388503][ T9821]  slab_reclaimable:10343 slab_unreclaimable:98448
[  293.388503][ T9821]  mapped:24841 shmem:21925 pagetables:403
[  293.388503][ T9821]  sec_pagetables:0 bounce:0
[  293.388503][ T9821]  kernel_misc_reclaimable:0
[  293.388503][ T9821]  free:1302461 free_pcp:11980 free_cma:0
[  293.443902][ T9821] Node 0 active_anon:96292kB inactive_anon:0kB active_file:49616kB inactive_file:161136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99400kB dirty:92kB writeback:0kB shmem:86164kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11760kB pagetables:1524kB sec_pagetables:0kB all_unreclaimable? no
[  293.502388][ T9821] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  293.538746][ T9821] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  293.566442][ T9821] lowmem_reserve[]: 0 2525 2526 2526 2526
[  293.587424][ T9821] Node 0 DMA32 free:1297576kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:96244kB inactive_anon:0kB active_file:49616kB inactive_file:159820kB unevictable:1536kB writepending:88kB present:3129332kB managed:2589640kB mlocked:0kB bounce:0kB free_pcp:24740kB local_pcp:19824kB free_cma:0kB
[  293.599020][ T9786] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.640731][ T9821] lowmem_reserve[]: 0 0 1 1 1
[  293.666056][ T9821] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:4kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  293.697191][ T9821] lowmem_reserve[]: 0 0 0 0 0
[  293.702014][ T9821] Node 1 Normal free:3896896kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:23600kB local_pcp:10848kB free_cma:0kB
[  293.724968][ T9786] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.758669][ T9786] bridge_slave_1: entered allmulticast mode
[  293.770838][   T51] Bluetooth: hci4: command tx timeout
[  293.784486][ T9786] bridge_slave_1: entered promiscuous mode
[  293.813476][ T9821] lowmem_reserve[]: 0 0 0 0 0
[  293.830649][ T9821] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  293.872410][ T9821] Node 0 DMA32: 10*4kB (ME) 552*8kB (UME) 629*16kB (UME) 362*32kB (UME) 170*64kB (ME) 404*128kB (UME) 341*256kB (UM) 194*512kB (UM) 92*1024kB (UM) 27*2048kB (UME) 213*4096kB (UM) = 1297272kB
[  293.909058][ T9821] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  293.942689][ T9821] Node 1 Normal: 236*4kB (U) 62*8kB (UE) 42*16kB (UE) 50*32kB (UE) 17*64kB (UME) 7*128kB (UME) 2*256kB (ME) 1*512kB (U) 1*1024kB (E) 1*2048kB (E) 949*4096kB (M) = 3896896kB
[  293.974347][ T9821] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  293.983985][ T9821] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  294.020519][ T9821] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  294.031715][ T9786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  294.046031][ T9786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  294.059887][ T9821] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  294.081510][ T9821] 74658 total pagecache pages
[  294.101374][ T9821] 0 pages in swap cache
[  294.114401][ T9821] Free swap  = 124704kB
[  294.119345][ T9821] Total swap = 124996kB
[  294.123587][ T9821] 2097051 pages RAM
[  294.151827][ T9821] 0 pages HighMem/MovableOnly
[  294.164607][ T9821] 416127 pages reserved
[  294.177612][ T9786] team0: Port device team_slave_0 added
[  294.184227][ T9821] 0 pages cma reserved
[  294.220095][ T9786] team0: Port device team_slave_1 added
[  294.257772][   T28] kauditd_printk_skb: 91 callbacks suppressed
[  294.257788][   T28] audit: type=1326 audit(1767946296.244:3689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9852 comm="syz.3.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  294.318534][ T9786] batman_adv: batadv0: Adding interface: batadv_slave_0
[  294.334430][ T9786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.361257][   T28] audit: type=1326 audit(1767946296.274:3690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9852 comm="syz.3.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  294.410362][   T28] audit: type=1326 audit(1767946296.284:3691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9852 comm="syz.3.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  294.441963][ T9786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  294.483238][   T28] audit: type=1326 audit(1767946296.284:3692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9852 comm="syz.3.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  294.526284][ T9786] batman_adv: batadv0: Adding interface: batadv_slave_1
[  294.534297][   T28] audit: type=1326 audit(1767946296.284:3693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9852 comm="syz.3.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  294.560985][ T9786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.617797][   T28] audit: type=1326 audit(1767946296.284:3694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9852 comm="syz.3.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  294.665336][ T9786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  294.711889][   T28] audit: type=1326 audit(1767946296.284:3695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9852 comm="syz.3.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  294.741789][   T28] audit: type=1326 audit(1767946296.284:3696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9852 comm="syz.3.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  294.810048][   T28] audit: type=1326 audit(1767946296.284:3697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9852 comm="syz.3.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  295.084559][   T28] audit: type=1326 audit(1767946296.284:3698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9852 comm="syz.3.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f978798f749 code=0x7ffc0000
[  295.303136][ T9786] hsr_slave_0: entered promiscuous mode
[  295.329642][ T9786] hsr_slave_1: entered promiscuous mode
[  295.493572][ T9859] loop3: detected capacity change from 0 to 512
[  295.522823][ T9859] EXT4-fs (loop3): orphan cleanup on readonly fs
[  295.540760][ T9859] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.1406: bad orphan inode 13
[  295.580467][ T9859] ext4_test_bit(bit=12, block=18) = 1
[  295.618783][ T9859] is_bad_inode(inode)=0
[  295.623194][ T9859] NEXT_ORPHAN(inode)=2130706432
[  295.643834][ T9859] max_ino=32
[  295.649740][ T9859] i_nlink=1
[  295.691400][ T9859] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  295.765085][ T9859] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  295.806187][ T9859] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1406: bg 0: block 248: padding at end of block bitmap is not set
[  295.824623][   T51] Bluetooth: hci4: command tx timeout
[  295.857240][ T9859] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1406: Failed to acquire dquot type 1
[  295.888208][ T9862] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  295.934681][ T9859] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  296.299783][ T5772] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 12
[  296.326901][ T5772] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 12
[  296.354894][ T1026] batman_adv: batadv0: Removing interface: batadv_slave_0
[  296.390125][ T1026] batman_adv: batadv0: Removing interface: batadv_slave_1
[  296.413558][ T1026] bridge_slave_1: left allmulticast mode
[  296.460257][ T1026] bridge_slave_1: left promiscuous mode
[  296.466242][ T1026] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.532059][ T1026] bridge_slave_0: left allmulticast mode
[  296.538491][ T1026] bridge_slave_0: left promiscuous mode
[  296.544343][ T1026] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.655365][ T9876] netlink: 348 bytes leftover after parsing attributes in process `syz.1.1414'.
[  296.664801][ T9876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1414'.
[  296.775345][ T9876] netlink: 348 bytes leftover after parsing attributes in process `syz.1.1414'.
[  296.787167][ T9876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1414'.
[  296.942627][ T9876] netlink: 348 bytes leftover after parsing attributes in process `syz.1.1414'.
[  296.969751][ T9876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1414'.
[  297.436994][ T1026] team0 (unregistering): Port device team_slave_1 removed
[  297.498376][ T1026] team0 (unregistering): Port device team_slave_0 removed
[  297.533906][   T34] smc: removing ib device syz!
[  297.577666][ T1026] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.648311][ T1026] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.904958][   T51] Bluetooth: hci4: command tx timeout
[  298.706719][ T1026] .` (unregistering): Released all slaves
[  299.010012][ T9786] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  299.021188][ T9786] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  299.030116][ T9894] x_tables: unsorted entry at hook 1
[  299.039967][ T9786] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  299.072266][ T9786] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  299.193893][ T9899] loop4: detected capacity change from 0 to 1024
[  299.207203][ T9899] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  299.246664][ T9899] JBD2: no valid journal superblock found
[  299.252511][ T9899] EXT4-fs (loop4): Could not load journal inode
[  299.484580][ T1026] IPVS: stop unused estimator thread 0...
[  299.521986][ T9786] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.563997][ T9786] 8021q: adding VLAN 0 to HW filter on device team0
[  299.587482][ T4722] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.594716][ T4722] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.619801][ T1026] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.627019][ T1026] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.782710][ T7776] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.939287][ T7776] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.055912][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  300.055929][   T28] audit: type=1326 audit(1767946302.044:3708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9917 comm="syz.1.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  300.134469][   T28] audit: type=1326 audit(1767946302.044:3709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9917 comm="syz.1.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  300.176927][ T7776] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.197705][   T28] audit: type=1326 audit(1767946302.044:3710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9917 comm="syz.1.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  300.248347][   T28] audit: type=1326 audit(1767946302.044:3711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9917 comm="syz.1.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  300.341506][   T28] audit: type=1326 audit(1767946302.044:3712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9917 comm="syz.1.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  300.367518][ T7776] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.384145][   T28] audit: type=1326 audit(1767946302.044:3713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9917 comm="syz.1.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  300.416943][   T28] audit: type=1326 audit(1767946302.044:3714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9917 comm="syz.1.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  300.473288][   T28] audit: type=1326 audit(1767946302.044:3715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9917 comm="syz.1.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  300.504334][   T28] audit: type=1326 audit(1767946302.044:3716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9917 comm="syz.1.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  300.604585][   T28] audit: type=1326 audit(1767946302.044:3717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9917 comm="syz.1.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7eff05f8f749 code=0x7ffc0000
[  300.686956][ T5773] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  300.703610][ T5773] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  300.713151][ T5773] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  300.754930][ T5773] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  300.781587][ T5773] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  300.790016][ T5773] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  300.816247][ T7776] tipc: Disabling bearer <udp:syz2>
[  300.832348][ T7776] tipc: Left network mode
[  300.873902][ T9786] 8021q: adding VLAN 0 to HW filter on device batadv0
[  301.992016][ T9786] veth0_vlan: entered promiscuous mode
[  302.155274][ T9786] veth1_vlan: entered promiscuous mode
[  302.330853][ T7776] hsr_slave_0: left promiscuous mode
[  302.341587][ T7776] hsr_slave_1: left promiscuous mode
[  302.365217][ T7776] bridge_slave_1: left allmulticast mode
[  302.381171][ T7776] bridge_slave_1: left promiscuous mode
[  302.388392][ T7776] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.412269][ T7776] bridge_slave_0: left promiscuous mode
[  302.418397][ T7776] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.488942][ T7776] veth1_macvtap: left promiscuous mode
[  302.494787][ T7776] veth0_macvtap: left promiscuous mode
[  302.500489][ T7776] veth1_vlan: left promiscuous mode
[  302.524763][ T7776] veth0_vlan: left promiscuous mode
[  302.864556][ T5773] Bluetooth: hci2: command tx timeout
[  303.549451][ T7776] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  303.607359][ T7776] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  303.814804][ T9963] loop4: detected capacity change from 0 to 128
[  304.126748][ T7776] bond0 (unregistering): Released all slaves
[  304.243633][ T9930] chnl_net:caif_netlink_parms(): no params data found
[  304.261228][ T9960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1440'.
[  304.279181][ T9960] syz_tun: entered promiscuous mode
[  304.288047][ T9960] macvtap1: entered promiscuous mode
[  304.298896][ T9960] macvtap1: entered allmulticast mode
[  304.306397][ T9960] syz_tun: entered allmulticast mode
[  304.328523][ T9961] syz_tun: left allmulticast mode
[  304.337216][ T9961] syz_tun: left promiscuous mode
[  304.413705][ T9786] veth0_macvtap: entered promiscuous mode
[  304.490346][ T9786] veth1_macvtap: entered promiscuous mode
[  304.519547][ T9930] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.527129][ T9930] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.534521][ T9930] bridge_slave_0: entered allmulticast mode
[  304.542212][ T9930] bridge_slave_0: entered promiscuous mode
[  304.563623][ T9930] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.572773][ T9930] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.581323][ T7776] IPVS: stop unused estimator thread 0...
[  304.589495][ T9930] bridge_slave_1: entered allmulticast mode
[  304.598340][ T9930] bridge_slave_1: entered promiscuous mode
[  304.645313][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  304.657909][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.670350][ T9786] batman_adv: batadv0: Interface activated: batadv_slave_0
[  304.683971][ T9930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  304.709040][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.727641][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.743720][ T9786] batman_adv: batadv0: Interface activated: batadv_slave_1
[  304.758290][ T9930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  304.807115][ T9930] team0: Port device team_slave_0 added
[  304.815602][ T9786] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.826143][ T9786] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.835003][ T9786] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.843883][ T9786] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.859858][ T9930] team0: Port device team_slave_1 added
[  304.948502][ T5773] Bluetooth: hci2: command tx timeout
[  304.972421][ T9930] batman_adv: batadv0: Adding interface: batadv_slave_0
[  304.985457][ T9930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.048102][ T9930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.088999][ T9930] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.100722][ T9930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.133336][ T9930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  305.144452][ T9977] loop7: detected capacity change from 0 to 16383
[  305.331999][ T9930] hsr_slave_0: entered promiscuous mode
[  305.359996][ T9930] hsr_slave_1: entered promiscuous mode
[  305.369749][ T9930] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  305.384876][ T9930] Cannot create hsr debugfs directory
[  305.554999][ T1026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.562895][ T1026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.668743][   T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.695006][   T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  306.024433][ T9930] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  306.180866][ T9930] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  306.217392][ T9930] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  306.244462][ T9930] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  306.534346][   T28] kauditd_printk_skb: 92 callbacks suppressed
[  306.534363][   T28] audit: type=1326 audit(1767946308.514:3810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.5.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20e98f749 code=0x7ffc0000
[  306.582392][ T9930] 8021q: adding VLAN 0 to HW filter on device bond0
[  306.622706][   T28] audit: type=1326 audit(1767946308.514:3811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.5.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb20e98f749 code=0x7ffc0000
[  306.657123][   T28] audit: type=1326 audit(1767946308.524:3812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.5.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20e98f749 code=0x7ffc0000
[  306.688797][   T28] audit: type=1326 audit(1767946308.524:3813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.5.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20e98f749 code=0x7ffc0000
[  306.731467][ T9930] 8021q: adding VLAN 0 to HW filter on device team0
[  306.760857][ T1026] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.768123][ T1026] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.794993][   T28] audit: type=1326 audit(1767946308.524:3814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.5.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb20e98e1ff code=0x7ffc0000
[  306.841472][T10015] loop5: detected capacity change from 0 to 1024
[  306.859615][T10015] EXT4-fs: Ignoring removed nomblk_io_submit option
[  306.874666][   T28] audit: type=1326 audit(1767946308.524:3815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.5.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20e98f749 code=0x7ffc0000
[  306.886911][T10015] EXT4-fs (loop5): unable to read superblock
[  306.908634][ T7780] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.915910][ T7780] bridge0: port 2(bridge_slave_1) entered forwarding state
[  306.942881][   T28] audit: type=1326 audit(1767946308.524:3816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.5.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20e98f749 code=0x7ffc0000
[  307.012941][   T28] audit: type=1326 audit(1767946308.524:3817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.5.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb20e98f749 code=0x7ffc0000
[  307.042206][ T5773] Bluetooth: hci2: command tx timeout
[  307.089558][   T28] audit: type=1326 audit(1767946308.524:3818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.5.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20e98f749 code=0x7ffc0000
[  307.182934][   T28] audit: type=1326 audit(1767946308.524:3819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.5.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fb20e98f749 code=0x7ffc0000
[  307.674716][ T9930] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.766283][T10034] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  308.378440][ T9930] veth0_vlan: entered promiscuous mode
[  308.421504][ T9930] veth1_vlan: entered promiscuous mode
[  308.522722][ T9930] veth0_macvtap: entered promiscuous mode
[  308.536115][ T9930] veth1_macvtap: entered promiscuous mode
[  308.559675][ T9930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  308.589212][ T9930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.614418][ T9930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  308.635604][ T9930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.656474][ T9930] batman_adv: batadv0: Interface activated: batadv_slave_0
[  308.689606][ T9930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  308.724371][ T9930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.744629][ T9930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  308.764997][ T9930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.786380][ T9930] batman_adv: batadv0: Interface activated: batadv_slave_1
[  308.808360][ T9930] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  308.827702][ T9930] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  308.836876][ T9930] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  308.845664][ T9930] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  308.981122][ T7083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  308.999423][ T7083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.048344][ T7083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.057249][ T7083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.104706][ T5773] Bluetooth: hci2: command tx timeout
[  309.219575][T10072] syz.6.1476[10072] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  309.219676][T10072] syz.6.1476[10072] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  309.245324][T10072] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1476'.
[  309.269233][T10070] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000
[  309.597190][T10077] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1477'.
[  309.941971][T10084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1480'.
[  309.951297][T10084] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1480'.
[  309.960525][T10084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1480'.
[  309.976308][T10084] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1480'.
[  310.137515][T10092] syz.4.1484[10092] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  310.137655][T10092] syz.4.1484[10092] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  310.183035][T10092] loop4: detected capacity change from 0 to 256
[  310.225996][T10092] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  310.245835][T10092] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  310.364809][T10097] bridge_slave_0: left allmulticast mode
[  310.370542][T10097] bridge_slave_0: left promiscuous mode
[  310.396954][T10097] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.427708][T10097] bridge_slave_1: left allmulticast mode
[  310.433447][T10097] bridge_slave_1: left promiscuous mode
[  310.449067][T10097] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.498789][T10097] bond0: (slave bond_slave_0): Releasing backup interface
[  310.569972][T10097] bond0: (slave bond_slave_1): Releasing backup interface
[  310.657530][T10097] team0: Port device team_slave_0 removed
[  310.693011][T10097] team0: Port device team_slave_1 removed
[  310.714715][T10097] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  310.752733][T10097] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.765080][T10097] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  310.772575][T10097] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.948245][T10110] syz.1.1491[10110] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  310.948389][T10110] syz.1.1491[10110] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  311.378802][T10119] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[  311.702590][T10125] loop6: detected capacity change from 0 to 512
[  311.758937][T10125] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  311.779816][T10125] EXT4-fs (loop6): orphan cleanup on readonly fs
[  311.821086][T10125] EXT4-fs error (device loop6): ext4_do_update_inode:5244: inode #16: comm syz.6.1498: corrupted inode contents
[  311.855589][T10125] EXT4-fs error (device loop6): ext4_dirty_inode:6120: inode #16: comm syz.6.1498: mark_inode_dirty error
[  311.909578][T10125] EXT4-fs error (device loop6): ext4_do_update_inode:5244: inode #16: comm syz.6.1498: corrupted inode contents
[  311.981315][   T28] kauditd_printk_skb: 130 callbacks suppressed
[  311.981330][   T28] audit: type=1326 audit(1767946313.964:3950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.4.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  312.010833][T10125] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #16: comm syz.6.1498: mark_inode_dirty error
[  312.051086][   T28] audit: type=1326 audit(1767946313.994:3951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.4.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  312.071575][T10125] EXT4-fs error (device loop6): ext4_do_update_inode:5244: inode #16: comm syz.6.1498: corrupted inode contents
[  312.085891][   T28] audit: type=1326 audit(1767946313.994:3952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.4.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  312.108856][   T28] audit: type=1326 audit(1767946313.994:3953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.4.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  312.131693][   T28] audit: type=1326 audit(1767946314.014:3954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.4.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  312.150794][T10125] EXT4-fs error (device loop6) in ext4_orphan_del:301: Corrupt filesystem
[  312.180124][T10125] EXT4-fs error (device loop6): ext4_do_update_inode:5244: inode #16: comm syz.6.1498: corrupted inode contents
[  312.197237][T10125] EXT4-fs error (device loop6): ext4_truncate:4294: inode #16: comm syz.6.1498: mark_inode_dirty error
[  312.200883][   T28] audit: type=1326 audit(1767946314.014:3955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.4.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  312.214647][T10125] EXT4-fs error (device loop6) in ext4_process_orphan:343: Corrupt filesystem
[  312.252040][T10125] EXT4-fs (loop6): 1 truncate cleaned up
[  312.260093][   T34] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  312.275462][   T34] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u4:2: Failed to release dquot type 1
[  312.286687][   T28] audit: type=1326 audit(1767946314.024:3956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.4.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  312.322505][T10125] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  312.342434][   T28] audit: type=1326 audit(1767946314.024:3957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.4.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  312.375270][   T28] audit: type=1326 audit(1767946314.024:3958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.4.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f0938f749 code=0x7ffc0000
[  312.440370][ T9930] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.592905][T10152] netlink: 'syz.5.1511': attribute type 10 has an invalid length.
[  312.628342][T10152] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  312.662054][T10156] bridge0: port 1(syz_tun) entered blocking state
[  312.674493][T10156] bridge0: port 1(syz_tun) entered disabled state
[  312.691540][T10156] syz_tun: entered allmulticast mode
[  312.703136][T10156] syz_tun: entered promiscuous mode
[  312.722201][T10152] (null): rxe_set_mtu: Set mtu to 1024
[  312.730039][T10156] bridge0: port 1(syz_tun) entered blocking state
[  312.738028][T10156] bridge0: port 1(syz_tun) entered forwarding state
[  312.758747][T10152] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:a8aa:aaff:feaa:aa0c error=-28
[  312.785841][T10156] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  313.197437][T10152] infiniband syz1: set active
[  313.203760][T10152] infiniband syz1: added syz_tun
[  313.268923][T10152] RDS/IB: syz1: added
[  313.273170][T10152] smc: adding ib device syz1 with port count 1
[  313.280225][T10152] smc:    ib device syz1 port 1 has pnetid 
[  313.958387][T10186] loop6: detected capacity change from 0 to 512
[  313.986020][T10186] ext4: Unknown parameter 'noacl'
[  314.501999][T10186] warn_alloc: 1 callbacks suppressed
[  314.502014][T10186] syz.6.1521: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz6,mems_allowed=0-1
[  314.580038][T10186] CPU: 0 PID: 10186 Comm: syz.6.1521 Not tainted syzkaller #0
[  314.587601][T10186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  314.597696][T10186] Call Trace:
[  314.601105][T10186]  <TASK>
[  314.604065][T10186]  dump_stack_lvl+0x16c/0x230
[  314.608793][T10186]  ? show_regs_print_info+0x20/0x20
[  314.614035][T10186]  ? load_image+0x3b0/0x3b0
[  314.618576][T10186]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  314.625040][T10186]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  314.631580][T10186]  warn_alloc+0x210/0x300
[  314.635966][T10186]  ? stack_trace_save+0x9c/0xe0
[  314.640856][T10186]  ? zone_watermark_ok_safe+0x230/0x230
[  314.646475][T10186]  ? kasan_set_track+0x5f/0x70
[  314.651285][T10186]  ? kasan_set_track+0x4e/0x70
[  314.656076][T10186]  ? __kasan_kmalloc+0x8f/0xa0
[  314.660869][T10186]  ? xsk_init_queue+0xb0/0x110
[  314.665663][T10186]  ? xsk_setsockopt+0x43c/0x6f0
[  314.670550][T10186]  ? do_sock_setsockopt+0x175/0x1a0
[  314.675779][T10186]  ? __x64_sys_setsockopt+0x184/0x200
[  314.681219][T10186]  __vmalloc_node_range+0x126/0x1320
[  314.686567][T10186]  ? free_vm_area+0x50/0x50
[  314.691122][T10186]  vmalloc_user+0x74/0x80
[  314.695491][T10186]  ? xskq_create+0xbf/0x170
[  314.700779][T10186]  xskq_create+0xbf/0x170
[  314.705311][T10186]  xsk_init_queue+0xb0/0x110
[  314.709958][T10186]  xsk_setsockopt+0x43c/0x6f0
[  314.714681][T10186]  ? xsk_poll+0x670/0x670
[  314.719081][T10186]  ? __fget_files+0x28/0x4d0
[  314.723714][T10186]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  314.729299][T10186]  ? security_socket_setsockopt+0x7e/0xa0
[  314.735050][T10186]  ? xsk_poll+0x670/0x670
[  314.739428][T10186]  do_sock_setsockopt+0x175/0x1a0
[  314.744500][T10186]  ? __fdget+0x180/0x210
[  314.748801][T10186]  __x64_sys_setsockopt+0x184/0x200
[  314.754041][T10186]  do_syscall_64+0x55/0xb0
[  314.758499][T10186]  ? clear_bhb_loop+0x40/0x90
[  314.763211][T10186]  ? clear_bhb_loop+0x40/0x90
[  314.767922][T10186]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  314.773846][T10186] RIP: 0033:0x7f357bd8f749
[  314.778291][T10186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.797935][T10186] RSP: 002b:00007f357cb68038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  314.806386][T10186] RAX: ffffffffffffffda RBX: 00007f357bfe5fa0 RCX: 00007f357bd8f749
[  314.814391][T10186] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  314.822396][T10186] RBP: 00007f357be13f91 R08: 0000000000000004 R09: 0000000000000000
[  314.830395][T10186] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  314.838399][T10186] R13: 00007f357bfe6038 R14: 00007f357bfe5fa0 R15: 00007fff248ce118
[  314.846420][T10186]  </TASK>
[  314.880920][T10186] Mem-Info:
[  314.884125][T10186] active_anon:40505 inactive_anon:0 isolated_anon:0
[  314.884125][T10186]  active_file:14405 inactive_file:40361 isolated_file:0
[  314.884125][T10186]  unevictable:768 dirty:69 writeback:0
[  314.884125][T10186]  slab_reclaimable:10870 slab_unreclaimable:93985
[  314.884125][T10186]  mapped:23838 shmem:38308 pagetables:419
[  314.884125][T10186]  sec_pagetables:0 bounce:0
[  314.884125][T10186]  kernel_misc_reclaimable:0
[  314.884125][T10186]  free:1304922 free_pcp:13807 free_cma:0
[  314.930820][T10186] Node 0 active_anon:162020kB inactive_anon:0kB active_file:57620kB inactive_file:161244kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:95352kB dirty:276kB writeback:0kB shmem:151696kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11720kB pagetables:1676kB sec_pagetables:0kB all_unreclaimable? no
[  314.969898][T10186] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  315.028221][T10186] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  315.062506][T10186] lowmem_reserve[]: 0 2525 2526 2526 2526
[  315.072371][T10195] netlink: 'syz.1.1525': attribute type 3 has an invalid length.
[  315.084371][T10195] netlink: 'syz.1.1525': attribute type 1 has an invalid length.
[  315.092169][T10195] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1525'.
[  315.101732][T10186] Node 0 DMA32 free:1306972kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:161772kB inactive_anon:0kB active_file:57620kB inactive_file:159928kB unevictable:1536kB writepending:272kB present:3129332kB managed:2589640kB mlocked:0kB bounce:0kB free_pcp:32052kB local_pcp:16684kB free_cma:0kB
[  315.211986][T10186] lowmem_reserve[]: 0 0 1 1 1
[  315.223148][T10186] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:4kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  315.267886][T10186] lowmem_reserve[]: 0 0 0 0 0
[  315.272955][T10186] Node 1 Normal free:3896896kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:23600kB local_pcp:12752kB free_cma:0kB
[  315.316297][T10186] lowmem_reserve[]: 0 0 0 0 0
[  315.321368][T10186] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  315.337953][T10186] Node 0 DMA32: 15*4kB (ME) 2*8kB (ME) 0*16kB 224*32kB (UM) 859*64kB (UME) 523*128kB (UM) 308*256kB (UM) 181*512kB (UM) 83*1024kB (UM) 21*2048kB (UM) 213*4096kB (UM) = 1301132kB
[  315.362191][T10186] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  315.382214][T10186] Node 1 Normal: 236*4kB (U) 62*8kB (UE) 42*16kB (UE) 50*32kB (UE) 17*64kB (UME) 7*128kB (UME) 2*256kB (ME) 1*512kB (U) 1*1024kB (E) 1*2048kB (E) 949*4096kB (M) = 3896896kB
[  315.412586][T10186] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  315.441207][T10186] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  315.451685][T10186] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  315.468836][T10186] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  315.481127][T10186] 94008 total pagecache pages
[  315.489035][T10186] 0 pages in swap cache
[  315.493478][T10186] Free swap  = 124704kB
[  315.500783][T10186] Total swap = 124996kB
[  315.508751][T10186] 2097051 pages RAM
[  315.512951][T10186] 0 pages HighMem/MovableOnly
[  315.524060][T10186] 416127 pages reserved
[  315.550087][T10186] 0 pages cma reserved
[  315.748885][T10216] loop5: detected capacity change from 0 to 1024
[  315.771416][T10216] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  315.784616][T10216] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  315.798057][T10216] JBD2: no valid journal superblock found
[  315.803999][T10216] EXT4-fs (loop5): Could not load journal inode
[  315.880201][T10216] capability: warning: `syz.5.1532' uses 32-bit capabilities (legacy support in use)
[  316.161134][ T8145] IPVS: starting estimator thread 0...
[  316.254615][T10232] IPVS: using max 20 ests per chain, 48000 per kthread
[  316.323074][T10238] serio: Serial port ttyS3
[  316.527898][T10245] loop4: detected capacity change from 0 to 512
[  316.535676][T10245] EXT4-fs: Ignoring removed i_version option
[  316.541823][T10245] EXT4-fs: Ignoring removed bh option
[  316.566868][T10245] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.588131][T10245] ext4 filesystem being mounted at /185/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  316.710593][ T8188] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.742163][T10233] bridge0: port 1(syz_tun) entered disabled state
[  316.754156][T10233] infiniband syz1: set down
[  317.360954][T10233] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.372986][T10233] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.388003][T10233] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.397427][T10233] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.430909][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  317.465494][T10240] netlink: 'syz.1.1544': attribute type 10 has an invalid length.
[  317.473810][T10240] team0: Device dummy0 is up. Set it down before adding it as a team port
[  317.740299][T10272] loop4: detected capacity change from 0 to 512
[  317.770603][T10272] 
[  317.773009][T10272] ======================================================
[  317.780089][T10272] WARNING: possible circular locking dependency detected
[  317.787166][T10272] syzkaller #0 Not tainted
[  317.791619][T10272] ------------------------------------------------------
[  317.798666][T10272] syz.4.1553/10272 is trying to acquire lock:
[  317.804776][T10272] ffff88802ae30bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x170/0x2f0
[  317.814893][T10272] 
[  317.814893][T10272] but task is already holding lock:
[  317.822294][T10272] ffff88805da614c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[  317.832194][T10272] 
[  317.832194][T10272] which lock already depends on the new lock.
[  317.832194][T10272] 
[  317.842633][T10272] 
[  317.842633][T10272] the existing dependency chain (in reverse order) is:
[  317.851686][T10272] 
[  317.851686][T10272] -> #2 (&ei->xattr_sem){++++}-{3:3}:
[  317.859307][T10272]        down_write+0x97/0x1f0
[  317.864127][T10272]        ext4_inline_data_truncate+0x199/0xb40
[  317.870376][T10272]        ext4_truncate+0x3a3/0x1060
[  317.875625][T10272]        ext4_evict_inode+0x8af/0xea0
[  317.881047][T10272]        evict+0x486/0x870
[  317.885498][T10272]        ext4_orphan_cleanup+0xbd4/0x1400
[  317.891249][T10272]        ext4_fill_super+0x5de4/0x66c0
[  317.896736][T10272]        get_tree_bdev+0x3e4/0x510
[  317.901874][T10272]        vfs_get_tree+0x8c/0x280
[  317.906832][T10272]        do_new_mount+0x24b/0xa40
[  317.911872][T10272]        __se_sys_mount+0x2da/0x3c0
[  317.917085][T10272]        do_syscall_64+0x55/0xb0
[  317.922050][T10272]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  317.928499][T10272] 
[  317.928499][T10272] -> #1 (sb_internal){.+.+}-{0:0}:
[  317.935822][T10272]        percpu_down_read+0x44/0x1a0
[  317.941140][T10272]        ext4_evict_inode+0x2b9/0xea0
[  317.946540][T10272]        evict+0x486/0x870
[  317.950980][T10272]        ext4_ext_migrate+0xcfb/0xff0
[  317.956373][T10272]        ext4_ioctl+0x1c4b/0x3820
[  317.961439][T10272]        __se_sys_ioctl+0xfd/0x170
[  317.966577][T10272]        do_syscall_64+0x55/0xb0
[  317.971530][T10272]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  317.978010][T10272] 
[  317.978010][T10272] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  317.986473][T10272]        __lock_acquire+0x2ddb/0x7c80
[  317.991872][T10272]        lock_acquire+0x197/0x410
[  317.996919][T10272]        percpu_down_read+0x44/0x1a0
[  318.002229][T10272]        ext4_writepages+0x170/0x2f0
[  318.007543][T10272]        do_writepages+0x3a2/0x600
[  318.012684][T10272]        __writeback_single_inode+0x153/0xee0
[  318.018787][T10272]        writeback_single_inode+0x211/0x720
[  318.024724][T10272]        write_inode_now+0x161/0x1e0
[  318.030050][T10272]        iput+0x5b2/0x920
[  318.034412][T10272]        ext4_xattr_block_set+0x273a/0x32a0
[  318.040337][T10272]        ext4_expand_extra_isize_ea+0x10ea/0x19e0
[  318.046781][T10272]        __ext4_expand_extra_isize+0x306/0x400
[  318.052970][T10272]        __ext4_mark_inode_dirty+0x45d/0x6e0
[  318.058978][T10272]        ext4_evict_inode+0x7ed/0xea0
[  318.064377][T10272]        evict+0x486/0x870
[  318.068813][T10272]        ext4_orphan_cleanup+0xbd4/0x1400
[  318.074565][T10272]        ext4_fill_super+0x5de4/0x66c0
[  318.080062][T10272]        get_tree_bdev+0x3e4/0x510
[  318.085203][T10272]        vfs_get_tree+0x8c/0x280
[  318.090175][T10272]        do_new_mount+0x24b/0xa40
[  318.095231][T10272]        __se_sys_mount+0x2da/0x3c0
[  318.100457][T10272]        do_syscall_64+0x55/0xb0
[  318.105421][T10272]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  318.111872][T10272] 
[  318.111872][T10272] other info that might help us debug this:
[  318.111872][T10272] 
[  318.122122][T10272] Chain exists of:
[  318.122122][T10272]   &sbi->s_writepages_rwsem --> sb_internal --> &ei->xattr_sem
[  318.122122][T10272] 
[  318.135539][T10272]  Possible unsafe locking scenario:
[  318.135539][T10272] 
[  318.143009][T10272]        CPU0                    CPU1
[  318.148401][T10272]        ----                    ----
[  318.153778][T10272]   lock(&ei->xattr_sem);
[  318.158140][T10272]                                lock(sb_internal);
[  318.164787][T10272]                                lock(&ei->xattr_sem);
[  318.171660][T10272]   rlock(&sbi->s_writepages_rwsem);
[  318.176982][T10272] 
[  318.176982][T10272]  *** DEADLOCK ***
[  318.176982][T10272] 
[  318.185151][T10272] 3 locks held by syz.4.1553/10272:
[  318.190381][T10272]  #0: ffff88802c5180e0 (&type->s_umount_key#32){++++}-{3:3}, at: get_tree_bdev+0x344/0x510
[  318.200615][T10272]  #1: ffff88802c518608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b9/0xea0
[  318.210142][T10272]  #2: ffff88805da614c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[  318.220463][T10272] 
[  318.220463][T10272] stack backtrace:
[  318.226381][T10272] CPU: 0 PID: 10272 Comm: syz.4.1553 Not tainted syzkaller #0
[  318.233857][T10272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  318.243935][T10272] Call Trace:
[  318.247245][T10272]  <TASK>
[  318.250196][T10272]  dump_stack_lvl+0x16c/0x230
[  318.254909][T10272]  ? load_image+0x3b0/0x3b0
[  318.259441][T10272]  ? show_regs_print_info+0x20/0x20
[  318.264668][T10272]  ? print_circular_bug+0x12b/0x1a0
[  318.270036][T10272]  check_noncircular+0x2bd/0x3c0
[  318.275002][T10272]  ? look_up_lock_class+0x75/0x140
[  318.280165][T10272]  ? print_deadlock_bug+0x5d0/0x5d0
[  318.285401][T10272]  ? lockdep_lock+0xe0/0x220
[  318.290023][T10272]  ? _find_first_zero_bit+0xd3/0x100
[  318.295349][T10272]  __lock_acquire+0x2ddb/0x7c80
[  318.300239][T10272]  ? __lock_acquire+0x1334/0x7c80
[  318.305289][T10272]  ? verify_lock_unused+0x140/0x140
[  318.310515][T10272]  ? verify_lock_unused+0x140/0x140
[  318.315743][T10272]  lock_acquire+0x197/0x410
[  318.320273][T10272]  ? ext4_writepages+0x170/0x2f0
[  318.325250][T10272]  ? __might_sleep+0xe0/0xe0
[  318.329867][T10272]  ? mark_lock+0x94/0x320
[  318.334228][T10272]  ? read_lock_is_recursive+0x20/0x20
[  318.339628][T10272]  ? __lock_acquire+0x1334/0x7c80
[  318.344680][T10272]  percpu_down_read+0x44/0x1a0
[  318.349472][T10272]  ? ext4_writepages+0x170/0x2f0
[  318.354442][T10272]  ext4_writepages+0x170/0x2f0
[  318.359242][T10272]  ? ext4_read_folio+0x2f0/0x2f0
[  318.364211][T10272]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  318.370221][T10272]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  318.376148][T10272]  ? lockdep_hardirqs_on+0x98/0x150
[  318.381379][T10272]  ? ext4_read_folio+0x2f0/0x2f0
[  318.386395][T10272]  do_writepages+0x3a2/0x600
[  318.391033][T10272]  ? folio_clear_dirty_for_io+0xc30/0xc30
[  318.396822][T10272]  ? writeback_single_inode+0x206/0x720
[  318.402403][T10272]  ? __lock_acquire+0x7c80/0x7c80
[  318.407455][T10272]  ? do_raw_spin_lock+0x121/0x2c0
[  318.412506][T10272]  ? get_tree_bdev+0x3e4/0x510
[  318.417302][T10272]  __writeback_single_inode+0x153/0xee0
[  318.422897][T10272]  writeback_single_inode+0x211/0x720
[  318.428304][T10272]  ? write_inode_now+0x1e0/0x1e0
[  318.433279][T10272]  write_inode_now+0x161/0x1e0
[  318.438072][T10272]  ? bdi_split_work_to_wbs+0x890/0x890
[  318.443564][T10272]  ? do_raw_spin_unlock+0x121/0x230
[  318.448793][T10272]  iput+0x5b2/0x920
[  318.452632][T10272]  ext4_xattr_block_set+0x273a/0x32a0
[  318.458039][T10272]  ? __might_sleep+0xe0/0xe0
[  318.462667][T10272]  ? xattr_find_entry+0x12b/0x2f0
[  318.467718][T10272]  ? ext4_xattr_block_find+0x350/0x350
[  318.473208][T10272]  ? ext4_xattr_block_find+0x2d4/0x350
[  318.478699][T10272]  ext4_expand_extra_isize_ea+0x10ea/0x19e0
[  318.484643][T10272]  __ext4_expand_extra_isize+0x306/0x400
[  318.490315][T10272]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  318.495814][T10272]  ext4_evict_inode+0x7ed/0xea0
[  318.500693][T10272]  ? _raw_spin_unlock+0x28/0x40
[  318.505572][T10272]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  318.511494][T10272]  ? do_raw_spin_unlock+0x121/0x230
[  318.516729][T10272]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  318.522654][T10272]  evict+0x486/0x870
[  318.526575][T10272]  ? __lock_acquire+0x7c80/0x7c80
[  318.531627][T10272]  ? proc_nr_inodes+0x230/0x230
[  318.536500][T10272]  ? do_raw_spin_unlock+0x121/0x230
[  318.541727][T10272]  ? _raw_spin_unlock+0x28/0x40
[  318.546600][T10272]  ? iput+0x70a/0x920
[  318.550603][T10272]  ext4_orphan_cleanup+0xbd4/0x1400
[  318.555837][T10272]  ? ext4_orphan_del+0xba0/0xba0
[  318.560825][T10272]  ? ext4_register_li_request+0x183/0x940
[  318.566582][T10272]  ? errseq_check_and_advance+0x66/0x120
[  318.572245][T10272]  ext4_fill_super+0x5de4/0x66c0
[  318.577223][T10272]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  318.583492][T10272]  ? __might_sleep+0xe0/0xe0
[  318.588110][T10272]  ? read_lock_is_recursive+0x20/0x20
[  318.593507][T10272]  ? snprintf+0xdb/0x120
[  318.597789][T10272]  ? vscnprintf+0x80/0x80
[  318.602160][T10272]  ? down_write+0x162/0x1f0
[  318.606690][T10272]  ? down_read_killable+0x340/0x340
[  318.611913][T10272]  ? setup_bdev_super+0x56b/0x660
[  318.616961][T10272]  get_tree_bdev+0x3e4/0x510
[  318.621571][T10272]  ? vfs_parse_fs_string+0x160/0x160
[  318.626890][T10272]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  318.633161][T10272]  ? setup_bdev_super+0x660/0x660
[  318.638211][T10272]  ? apparmor_capable+0x137/0x1a0
[  318.643274][T10272]  ? bpf_lsm_capable+0x9/0x10
[  318.647982][T10272]  ? security_capable+0x89/0xb0
[  318.652874][T10272]  vfs_get_tree+0x8c/0x280
[  318.657343][T10272]  do_new_mount+0x24b/0xa40
[  318.661878][T10272]  __se_sys_mount+0x2da/0x3c0
[  318.666584][T10272]  ? __x64_sys_mount+0xc0/0xc0
[  318.671370][T10272]  ? lockdep_hardirqs_on+0x98/0x150
[  318.676596][T10272]  ? __x64_sys_mount+0x20/0xc0
[  318.681380][T10272]  do_syscall_64+0x55/0xb0
[  318.685816][T10272]  ? clear_bhb_loop+0x40/0x90
[  318.690524][T10272]  ? clear_bhb_loop+0x40/0x90
[  318.695233][T10272]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  318.701154][T10272] RIP: 0033:0x7f8f09390eea
[  318.705597][T10272] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.725231][T10272] RSP: 002b:00007f8f0a140e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  318.733668][T10272] RAX: ffffffffffffffda RBX: 00007f8f0a140ef0 RCX: 00007f8f09390eea
[  318.741669][T10272] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f8f0a140eb0
[  318.749661][T10272] RBP: 0000200000000180 R08: 00007f8f0a140ef0 R09: 0000000000800700
[  318.757658][T10272] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  318.765652][T10272] R13: 00007f8f0a140eb0 R14: 000000000000046f R15: 000000000000002c
[  318.773651][T10272]  </TASK>
[  318.790224][T10272] ------------[ cut here ]------------
[  318.796807][T10272] EA inode 11 i_nlink=2
[  318.797125][T10272] WARNING: CPU: 1 PID: 10272 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550
[  318.804580][T10280] syz.1.1556[10280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  318.811655][T10280] syz.1.1556[10280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  318.812965][T10272] Modules linked in:
[  318.839093][T10272] CPU: 1 PID: 10272 Comm: syz.4.1553 Not tainted syzkaller #0
[  318.846960][T10272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  318.857146][T10272] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550
[  318.863803][T10272] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08
[  318.883535][T10272] RSP: 0018:ffffc9000425f1c0 EFLAGS: 00010246
[  318.890016][T10272] RAX: 746f696ef37f6600 RBX: 0000000000000002 RCX: 0000000000080000
[  318.898718][T10272] RDX: ffffc90004e41000 RSI: 000000000007ffff RDI: 0000000000080000
[  318.906841][T10272] RBP: ffffc9000425f2b8 R08: ffffc9000425edc7 R09: 1ffff9200084bdb8
[  318.914899][T10272] R10: dffffc0000000000 R11: fffff5200084bdb9 R12: dffffc0000000000
[  318.922923][T10272] R13: ffff88805b0c40a8 R14: ffff88805b0c3eb0 R15: ffff88805b0c3f00
[  318.931402][T10272] FS:  00007f8f0a1416c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  318.940820][T10272] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  318.947789][T10272] CR2: 00007eff06d156c0 CR3: 00000000621dc000 CR4: 00000000003506e0
[  318.956259][T10272] Call Trace:
[  318.959578][T10272]  <TASK>
[  318.962604][T10272]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[  318.968783][T10272]  ? ext4_xattr_inode_iget+0x3df/0x600
[  318.974805][T10272]  ext4_xattr_set_entry+0xcda/0x1e90
[  318.980173][T10272]  ext4_xattr_ibody_set+0x254/0x6a0
[  318.985453][T10272]  ext4_expand_extra_isize_ea+0x113a/0x19e0
[  318.991430][T10272]  __ext4_expand_extra_isize+0x306/0x400
[  318.997194][T10272]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  319.003333][T10272]  ext4_evict_inode+0x7ed/0xea0
[  319.008349][T10272]  ? _raw_spin_unlock+0x28/0x40
[  319.013257][T10272]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  319.019240][T10272]  ? do_raw_spin_unlock+0x121/0x230
[  319.024526][T10272]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  319.030474][T10272]  evict+0x486/0x870
[  319.034436][T10272]  ? __lock_acquire+0x7c80/0x7c80
[  319.039512][T10272]  ? proc_nr_inodes+0x230/0x230
[  319.044438][T10272]  ? do_raw_spin_unlock+0x121/0x230
[  319.049692][T10272]  ? _raw_spin_unlock+0x28/0x40
[  319.054615][T10272]  ? iput+0x70a/0x920
[  319.058650][T10272]  ext4_orphan_cleanup+0xbd4/0x1400
[  319.063919][T10272]  ? ext4_orphan_del+0xba0/0xba0
[  319.068950][T10272]  ? ext4_register_li_request+0x183/0x940
[  319.074782][T10272]  ? errseq_check_and_advance+0x66/0x120
[  319.080474][T10272]  ext4_fill_super+0x5de4/0x66c0
[  319.085518][T10272]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  319.091814][T10272]  ? __might_sleep+0xe0/0xe0
[  319.096489][T10272]  ? read_lock_is_recursive+0x20/0x20
[  319.101928][T10272]  ? snprintf+0xdb/0x120
[  319.106893][T10272]  ? vscnprintf+0x80/0x80
[  319.111285][T10272]  ? down_write+0x162/0x1f0
[  319.115951][T10272]  ? down_read_killable+0x340/0x340
[  319.121225][T10272]  ? setup_bdev_super+0x56b/0x660
[  319.126336][T10272]  get_tree_bdev+0x3e4/0x510
[  319.130977][T10272]  ? vfs_parse_fs_string+0x160/0x160
[  319.136360][T10272]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  319.142654][T10272]  ? setup_bdev_super+0x660/0x660
[  319.147753][T10272]  ? apparmor_capable+0x137/0x1a0
[  319.152825][T10272]  ? bpf_lsm_capable+0x9/0x10
[  319.157583][T10272]  ? security_capable+0x89/0xb0
[  319.162488][T10272]  vfs_get_tree+0x8c/0x280
[  319.166980][T10272]  do_new_mount+0x24b/0xa40
[  319.171538][T10272]  __se_sys_mount+0x2da/0x3c0
[  319.176289][T10272]  ? __x64_sys_mount+0xc0/0xc0
[  319.181102][T10272]  ? lockdep_hardirqs_on+0x98/0x150
[  319.186508][T10272]  ? __x64_sys_mount+0x20/0xc0
[  319.191328][T10272]  do_syscall_64+0x55/0xb0
[  319.195823][T10272]  ? clear_bhb_loop+0x40/0x90
[  319.200549][T10272]  ? clear_bhb_loop+0x40/0x90
[  319.205883][T10272]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  319.211830][T10272] RIP: 0033:0x7f8f09390eea
[  319.216422][T10272] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.236118][T10272] RSP: 002b:00007f8f0a140e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  319.244637][T10272] RAX: ffffffffffffffda RBX: 00007f8f0a140ef0 RCX: 00007f8f09390eea
[  319.252658][T10272] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f8f0a140eb0
[  319.260714][T10272] RBP: 0000200000000180 R08: 00007f8f0a140ef0 R09: 0000000000800700
[  319.268777][T10272] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  319.276828][T10272] R13: 00007f8f0a140eb0 R14: 000000000000046f R15: 000000000000002c
[  319.285015][T10272]  </TASK>
[  319.288086][T10272] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  319.295397][T10272] CPU: 1 PID: 10272 Comm: syz.4.1553 Not tainted syzkaller #0
[  319.302894][T10272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  319.312997][T10272] Call Trace:
[  319.316310][T10272]  <TASK>
[  319.319262][T10272]  dump_stack_lvl+0x16c/0x230
[  319.323976][T10272]  ? show_regs_print_info+0x20/0x20
[  319.329222][T10272]  ? load_image+0x3b0/0x3b0
[  319.333765][T10272]  panic+0x2c0/0x710
[  319.337692][T10272]  ? bpf_jit_dump+0xd0/0xd0
[  319.342233][T10272]  __warn+0x2e0/0x470
[  319.346243][T10272]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  319.352257][T10272]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  319.358267][T10272]  report_bug+0x2be/0x4f0
[  319.362634][T10272]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  319.368656][T10272]  ? ext4_xattr_inode_update_ref+0x4fb/0x550
[  319.374680][T10272]  ? ext4_xattr_inode_update_ref+0x4fd/0x550
[  319.380716][T10272]  handle_bug+0xcf/0x120
[  319.384988][T10272]  exc_invalid_op+0x1a/0x50
[  319.389525][T10272]  asm_exc_invalid_op+0x1a/0x20
[  319.394409][T10272] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550
[  319.401043][T10272] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08
[  319.420691][T10272] RSP: 0018:ffffc9000425f1c0 EFLAGS: 00010246
[  319.426784][T10272] RAX: 746f696ef37f6600 RBX: 0000000000000002 RCX: 0000000000080000
[  319.434783][T10272] RDX: ffffc90004e41000 RSI: 000000000007ffff RDI: 0000000000080000
[  319.442776][T10272] RBP: ffffc9000425f2b8 R08: ffffc9000425edc7 R09: 1ffff9200084bdb8
[  319.450769][T10272] R10: dffffc0000000000 R11: fffff5200084bdb9 R12: dffffc0000000000
[  319.458766][T10272] R13: ffff88805b0c40a8 R14: ffff88805b0c3eb0 R15: ffff88805b0c3f00
[  319.466778][T10272]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[  319.472446][T10272]  ? ext4_xattr_inode_iget+0x3df/0x600
[  319.477937][T10272]  ext4_xattr_set_entry+0xcda/0x1e90
[  319.483262][T10272]  ext4_xattr_ibody_set+0x254/0x6a0
[  319.488491][T10272]  ext4_expand_extra_isize_ea+0x113a/0x19e0
[  319.494429][T10272]  __ext4_expand_extra_isize+0x306/0x400
[  319.500100][T10272]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  319.505593][T10272]  ext4_evict_inode+0x7ed/0xea0
[  319.510465][T10272]  ? _raw_spin_unlock+0x28/0x40
[  319.515351][T10272]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  319.521270][T10272]  ? do_raw_spin_unlock+0x121/0x230
[  319.526494][T10272]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  319.532452][T10272]  evict+0x486/0x870
[  319.536375][T10272]  ? __lock_acquire+0x7c80/0x7c80
[  319.541428][T10272]  ? proc_nr_inodes+0x230/0x230
[  319.546305][T10272]  ? do_raw_spin_unlock+0x121/0x230
[  319.551535][T10272]  ? _raw_spin_unlock+0x28/0x40
[  319.556411][T10272]  ? iput+0x70a/0x920
[  319.560418][T10272]  ext4_orphan_cleanup+0xbd4/0x1400
[  319.565665][T10272]  ? ext4_orphan_del+0xba0/0xba0
[  319.570632][T10272]  ? ext4_register_li_request+0x183/0x940
[  319.576385][T10272]  ? errseq_check_and_advance+0x66/0x120
[  319.582053][T10272]  ext4_fill_super+0x5de4/0x66c0
[  319.587035][T10272]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  319.593301][T10272]  ? __might_sleep+0xe0/0xe0
[  319.597920][T10272]  ? read_lock_is_recursive+0x20/0x20
[  319.603320][T10272]  ? snprintf+0xdb/0x120
[  319.607612][T10272]  ? vscnprintf+0x80/0x80
[  319.611971][T10272]  ? down_write+0x162/0x1f0
[  319.616519][T10272]  ? down_read_killable+0x340/0x340
[  319.621741][T10272]  ? setup_bdev_super+0x56b/0x660
[  319.626799][T10272]  get_tree_bdev+0x3e4/0x510
[  319.631410][T10272]  ? vfs_parse_fs_string+0x160/0x160
[  319.636722][T10272]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  319.642992][T10272]  ? setup_bdev_super+0x660/0x660
[  319.648046][T10272]  ? apparmor_capable+0x137/0x1a0
[  319.653093][T10272]  ? bpf_lsm_capable+0x9/0x10
[  319.657805][T10272]  ? security_capable+0x89/0xb0
[  319.662684][T10272]  vfs_get_tree+0x8c/0x280
[  319.667136][T10272]  do_new_mount+0x24b/0xa40
[  319.671667][T10272]  __se_sys_mount+0x2da/0x3c0
[  319.676367][T10272]  ? __x64_sys_mount+0xc0/0xc0
[  319.681150][T10272]  ? lockdep_hardirqs_on+0x98/0x150
[  319.686369][T10272]  ? __x64_sys_mount+0x20/0xc0
[  319.691150][T10272]  do_syscall_64+0x55/0xb0
[  319.695584][T10272]  ? clear_bhb_loop+0x40/0x90
[  319.700287][T10272]  ? clear_bhb_loop+0x40/0x90
[  319.704989][T10272]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  319.710914][T10272] RIP: 0033:0x7f8f09390eea
[  319.715350][T10272] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.734993][T10272] RSP: 002b:00007f8f0a140e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  319.743438][T10272] RAX: ffffffffffffffda RBX: 00007f8f0a140ef0 RCX: 00007f8f09390eea
[  319.751433][T10272] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f8f0a140eb0
[  319.759428][T10272] RBP: 0000200000000180 R08: 00007f8f0a140ef0 R09: 0000000000800700
[  319.767421][T10272] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  319.775415][T10272] R13: 00007f8f0a140eb0 R14: 000000000000046f R15: 000000000000002c
[  319.783417][T10272]  </TASK>
[  319.787028][T10272] Kernel Offset: disabled
[  319.791362][T10272] Rebooting in 86400 seconds..